-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kvm security update Advisory ID: RHSA-2015:1925-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1925.html Issue date: 2015-10-22 CVE Names: CVE-2015-5279 ===================================================================== 1. Summary: Updated kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: RHEL Desktop Multi OS (v. 5 client) - x86_64 RHEL Virtualization (v. 5 server) - x86_64 3. Description: KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC emulation implementation handled certain packets received over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance (denial of service) or potentially execute arbitrary code on the host. (CVE-2015-5279) Red Hat would like to thank Qinghao Tang of QIHU 360 Inc. for reporting this issue. All kvm users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. Note: The procedure in the Solution section must be performed before this update will take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 The following procedure must be performed before this update will take effect: 1) Stop all KVM guest virtual machines. 2) Either reboot the hypervisor machine or, as the root user, remove (using "modprobe -r [module]") and reload (using "modprobe [module]") all of the following modules which are currently running (determined using "lsmod"): kvm, ksm, kvm-intel or kvm-amd. 3) Restart the KVM guest virtual machines. 5. Bugs fixed (https://bugzilla.redhat.com/): 1256672 - CVE-2015-5279 qemu: Heap overflow vulnerability in ne2000_receive() function 6. Package List: RHEL Desktop Multi OS (v. 5 client): Source: kvm-83-274.el5_11.src.rpm x86_64: kmod-kvm-83-274.el5_11.x86_64.rpm kmod-kvm-debug-83-274.el5_11.x86_64.rpm kvm-83-274.el5_11.x86_64.rpm kvm-debuginfo-83-274.el5_11.x86_64.rpm kvm-qemu-img-83-274.el5_11.x86_64.rpm kvm-tools-83-274.el5_11.x86_64.rpm RHEL Virtualization (v. 5 server): Source: kvm-83-274.el5_11.src.rpm x86_64: kmod-kvm-83-274.el5_11.x86_64.rpm kmod-kvm-debug-83-274.el5_11.x86_64.rpm kvm-83-274.el5_11.x86_64.rpm kvm-debuginfo-83-274.el5_11.x86_64.rpm kvm-qemu-img-83-274.el5_11.x86_64.rpm kvm-tools-83-274.el5_11.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-5279 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWKRPoXlSAg2UNWIIRAlGuAKClFFh8AiP9fEjpghaXzpXzwjbjsACfbvSL csbE4YaGS0k2SCI/QXIO1+8= =omUi -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce