Synopsis:          Important: kvm security update
Advisory ID:       SLSA-2015:1003-1
Issue Date:        2015-05-13
CVE Numbers:       CVE-2015-3456
--

An out-of-bounds memory access flaw was found in the way QEMU's virtual
Floppy Disk Controller (FDC) handled FIFO buffer access while processing
certain FDC commands. A privileged guest user could use this flaw to crash
the guest or, potentially, execute arbitrary code on the host with the
privileges of the host's QEMU process corresponding to the guest.
(CVE-2015-3456)

Note: The following procedure must be performed before this update will take
effect:

1) Stop all KVM guest virtual machines.

2) Either reboot the hypervisor machine or, as the root user, remove (using
"modprobe -r [module]") and reload (using "modprobe [module]") all of the
following modules which are currently running (determined using "lsmod"):
kvm, ksm, kvm-intel or kvm-amd.

3) Restart the KVM guest virtual machines.
--

SL5
  x86_64
    kmod-kvm-83-272.el5_11.x86_64.rpm
    kmod-kvm-debug-83-272.el5_11.x86_64.rpm
    kvm-83-272.el5_11.x86_64.rpm
    kvm-debuginfo-83-272.el5_11.x86_64.rpm
    kvm-qemu-img-83-272.el5_11.x86_64.rpm
    kvm-tools-83-272.el5_11.x86_64.rpm

- Scientific Linux Development Team