Synopsis: Important: kvm security, bug fix and enhancement update Issue date: 2010-03-30 CVE Names: CVE-2010-0741 This updated kvm is already in SL 5.5. Earlier versions of SL 5 are not able to run kvm, so do not need this update. A flaw was found in the way QEMU-KVM handled erroneous data provided by the Linux virtio-net driver, used by guest operating systems. Due to a deficiency in the TSO (TCP segment offloading) implementation, a guest's virtio-net driver would transmit improper data to a certain QEMU-KVM process on the host, causing the guest to crash. A remote attacker could use this flaw to send specially-crafted data to a target guest system, causing that guest to crash. (CVE-2010-0741) The following procedure must be performed before this update will take effect: 1) Stop all KVM guest virtual machines. 2) Either reboot the hypervisor machine or, as the root user, remove (using "modprobe -r [module]") and reload (using "modprobe [module]") all of the following modules which are currently running (determined using "lsmod"): kvm, ksm, kvm-intel or kvm-amd. 3) Restart the KVM guest virtual machines. SL 5.x SRPMS: kvm-83-164.el5.src.rpm x86_64: kmod-kvm-83-164.el5_5.9.x86_64.rpm kvm-83-164.el5_5.9.x86_64.rpm kvm-qemu-img-83-164.el5_5.9.x86_64.rpm kvm-tools-83-164.el5_5.9.x86_64.rpm -Connie Sieh -Troy Dawson