Important: xen security update
| Advisory: | RHSA-2013:0599-1 |
|---|---|
| Type: | Security Advisory |
| Severity: | Important |
| Issued on: | 2013-03-06 |
| Last updated on: | 2013-03-06 |
| Affected Products: | RHEL Desktop Multi OS (v. 5 client) RHEL Virtualization (v. 5 server) RHEL Virtualization EUS (v. 5.9.z server) RHEL Virtualization Long Life (v. 5.9 server) Red Hat Enterprise Linux (v. 5 server) Red Hat Enterprise Linux Desktop (v. 5 client) Red Hat Enterprise Linux EUS (v. 5.9.z server) Red Hat Enterprise Linux Long Life (v. 5.9 server) |
| CVEs (cve.mitre.org): |
CVE-2012-6075 |
Details
Updated xen packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.
The xen packages contain administration tools and the xend service for
managing the kernel-xen kernel for virtualization on Red Hat Enterprise
Linux.
A flaw was found in the way QEMU emulated the e1000 network interface card
when the host was configured to accept jumbo network frames, and a
fully-virtualized guest using the e1000 emulated driver was not. A remote
attacker could use this flaw to crash the guest or, potentially, execute
arbitrary code with root privileges in the guest. (CVE-2012-6075)
All users of xen are advised to upgrade to these updated packages, which
correct this issue. After installing the updated packages, all running
fully-virtualized guests must be restarted for this update to take effect.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
Updated packages
| RHEL Desktop Multi OS (v. 5 client) | |
| SRPMS: | |
| xen-3.0.3-142.el5_9.2.src.rpm | MD5: ff76a0144e5d4661ba931d15dbda684b SHA-256: a14b19afc1ad5cfe0efd0e5544d213ce5fa957cbc578e8168f9c950e77ca16e8 |
| IA-32: | |
| xen-3.0.3-142.el5_9.2.i386.rpm | MD5: 57c11f605dec303b4edf6d623e1663c7 SHA-256: 3b59f9cc6d593d0f0ae7bf3f2050d35f8e7aa3e9e555fdfccc76e53c940e0c44 |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-devel-3.0.3-142.el5_9.2.i386.rpm | MD5: 5f680b0b1c0187815eefd32af67ec39e SHA-256: bf94c8bc6e82170af79783e93c93e4413c98d05e96c1a43e7c8cf1aca1f3c966 |
| x86_64: | |
| xen-3.0.3-142.el5_9.2.x86_64.rpm | MD5: 2eaaf101298f232540757a132f42ef35 SHA-256: a49f734375c1a40e1e69c76a1e9918026a6400c1706d89f2a065987ef9e52a09 |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-debuginfo-3.0.3-142.el5_9.2.x86_64.rpm | MD5: ca1222575cd602325e6eee82ef0e651c SHA-256: b1bdef9993fd489cad96b8025685c1583032a7d15a0d2c19f77e0468c51c04bd |
| xen-devel-3.0.3-142.el5_9.2.i386.rpm | MD5: 5f680b0b1c0187815eefd32af67ec39e SHA-256: bf94c8bc6e82170af79783e93c93e4413c98d05e96c1a43e7c8cf1aca1f3c966 |
| xen-devel-3.0.3-142.el5_9.2.x86_64.rpm | MD5: ca5f452b1a55ca71a725f3313d638b9c SHA-256: 54a6c3cce21cdd72a43b345970c6eba193dc21ed4c1b594b8dcd5481ce6a6b56 |
| RHEL Virtualization (v. 5 server) | |
| SRPMS: | |
| xen-3.0.3-142.el5_9.2.src.rpm | MD5: ff76a0144e5d4661ba931d15dbda684b SHA-256: a14b19afc1ad5cfe0efd0e5544d213ce5fa957cbc578e8168f9c950e77ca16e8 |
| IA-32: | |
| xen-3.0.3-142.el5_9.2.i386.rpm | MD5: 57c11f605dec303b4edf6d623e1663c7 SHA-256: 3b59f9cc6d593d0f0ae7bf3f2050d35f8e7aa3e9e555fdfccc76e53c940e0c44 |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-devel-3.0.3-142.el5_9.2.i386.rpm | MD5: 5f680b0b1c0187815eefd32af67ec39e SHA-256: bf94c8bc6e82170af79783e93c93e4413c98d05e96c1a43e7c8cf1aca1f3c966 |
| IA-64: | |
| xen-3.0.3-142.el5_9.2.ia64.rpm | MD5: ef6cec08659c15f9507b47bb8f93f495 SHA-256: 5a0d6555993ad75d8859cb47858db65b972a61e87e1e6ff69522c4d40e216bb5 |
| xen-debuginfo-3.0.3-142.el5_9.2.ia64.rpm | MD5: 4663cc25a24799a793d7f1ea0fea24e4 SHA-256: aed1b4059769fb0f369bf9f64f414b2d4d11d9b0619632c421569fe37e3f9b5f |
| xen-devel-3.0.3-142.el5_9.2.ia64.rpm | MD5: 7f18b65c442d37e2aa8a2a731252ea97 SHA-256: 937638e5dcfc858e5ad26fe0dbfb41d3b5b5275300d1e103d1b6f09e9a23f119 |
| x86_64: | |
| xen-3.0.3-142.el5_9.2.x86_64.rpm | MD5: 2eaaf101298f232540757a132f42ef35 SHA-256: a49f734375c1a40e1e69c76a1e9918026a6400c1706d89f2a065987ef9e52a09 |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-debuginfo-3.0.3-142.el5_9.2.x86_64.rpm | MD5: ca1222575cd602325e6eee82ef0e651c SHA-256: b1bdef9993fd489cad96b8025685c1583032a7d15a0d2c19f77e0468c51c04bd |
| xen-devel-3.0.3-142.el5_9.2.i386.rpm | MD5: 5f680b0b1c0187815eefd32af67ec39e SHA-256: bf94c8bc6e82170af79783e93c93e4413c98d05e96c1a43e7c8cf1aca1f3c966 |
| xen-devel-3.0.3-142.el5_9.2.x86_64.rpm | MD5: ca5f452b1a55ca71a725f3313d638b9c SHA-256: 54a6c3cce21cdd72a43b345970c6eba193dc21ed4c1b594b8dcd5481ce6a6b56 |
| RHEL Virtualization EUS (v. 5.9.z server) | |
| SRPMS: | |
| xen-3.0.3-142.el5_9.2.src.rpm | MD5: ff76a0144e5d4661ba931d15dbda684b SHA-256: a14b19afc1ad5cfe0efd0e5544d213ce5fa957cbc578e8168f9c950e77ca16e8 |
| IA-32: | |
| xen-3.0.3-142.el5_9.2.i386.rpm | MD5: 57c11f605dec303b4edf6d623e1663c7 SHA-256: 3b59f9cc6d593d0f0ae7bf3f2050d35f8e7aa3e9e555fdfccc76e53c940e0c44 |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-devel-3.0.3-142.el5_9.2.i386.rpm | MD5: 5f680b0b1c0187815eefd32af67ec39e SHA-256: bf94c8bc6e82170af79783e93c93e4413c98d05e96c1a43e7c8cf1aca1f3c966 |
| IA-64: | |
| xen-3.0.3-142.el5_9.2.ia64.rpm | MD5: ef6cec08659c15f9507b47bb8f93f495 SHA-256: 5a0d6555993ad75d8859cb47858db65b972a61e87e1e6ff69522c4d40e216bb5 |
| xen-debuginfo-3.0.3-142.el5_9.2.ia64.rpm | MD5: 4663cc25a24799a793d7f1ea0fea24e4 SHA-256: aed1b4059769fb0f369bf9f64f414b2d4d11d9b0619632c421569fe37e3f9b5f |
| xen-devel-3.0.3-142.el5_9.2.ia64.rpm | MD5: 7f18b65c442d37e2aa8a2a731252ea97 SHA-256: 937638e5dcfc858e5ad26fe0dbfb41d3b5b5275300d1e103d1b6f09e9a23f119 |
| x86_64: | |
| xen-3.0.3-142.el5_9.2.x86_64.rpm | MD5: 2eaaf101298f232540757a132f42ef35 SHA-256: a49f734375c1a40e1e69c76a1e9918026a6400c1706d89f2a065987ef9e52a09 |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-debuginfo-3.0.3-142.el5_9.2.x86_64.rpm | MD5: ca1222575cd602325e6eee82ef0e651c SHA-256: b1bdef9993fd489cad96b8025685c1583032a7d15a0d2c19f77e0468c51c04bd |
| xen-devel-3.0.3-142.el5_9.2.i386.rpm | MD5: 5f680b0b1c0187815eefd32af67ec39e SHA-256: bf94c8bc6e82170af79783e93c93e4413c98d05e96c1a43e7c8cf1aca1f3c966 |
| xen-devel-3.0.3-142.el5_9.2.x86_64.rpm | MD5: ca5f452b1a55ca71a725f3313d638b9c SHA-256: 54a6c3cce21cdd72a43b345970c6eba193dc21ed4c1b594b8dcd5481ce6a6b56 |
| RHEL Virtualization Long Life (v. 5.9 server) | |
| SRPMS: | |
| xen-3.0.3-142.el5_9.2.src.rpm | MD5: ff76a0144e5d4661ba931d15dbda684b SHA-256: a14b19afc1ad5cfe0efd0e5544d213ce5fa957cbc578e8168f9c950e77ca16e8 |
| IA-32: | |
| xen-3.0.3-142.el5_9.2.i386.rpm | MD5: 57c11f605dec303b4edf6d623e1663c7 SHA-256: 3b59f9cc6d593d0f0ae7bf3f2050d35f8e7aa3e9e555fdfccc76e53c940e0c44 |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-devel-3.0.3-142.el5_9.2.i386.rpm | MD5: 5f680b0b1c0187815eefd32af67ec39e SHA-256: bf94c8bc6e82170af79783e93c93e4413c98d05e96c1a43e7c8cf1aca1f3c966 |
| IA-64: | |
| xen-3.0.3-142.el5_9.2.ia64.rpm | MD5: ef6cec08659c15f9507b47bb8f93f495 SHA-256: 5a0d6555993ad75d8859cb47858db65b972a61e87e1e6ff69522c4d40e216bb5 |
| xen-debuginfo-3.0.3-142.el5_9.2.ia64.rpm | MD5: 4663cc25a24799a793d7f1ea0fea24e4 SHA-256: aed1b4059769fb0f369bf9f64f414b2d4d11d9b0619632c421569fe37e3f9b5f |
| xen-devel-3.0.3-142.el5_9.2.ia64.rpm | MD5: 7f18b65c442d37e2aa8a2a731252ea97 SHA-256: 937638e5dcfc858e5ad26fe0dbfb41d3b5b5275300d1e103d1b6f09e9a23f119 |
| x86_64: | |
| xen-3.0.3-142.el5_9.2.x86_64.rpm | MD5: 2eaaf101298f232540757a132f42ef35 SHA-256: a49f734375c1a40e1e69c76a1e9918026a6400c1706d89f2a065987ef9e52a09 |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-debuginfo-3.0.3-142.el5_9.2.x86_64.rpm | MD5: ca1222575cd602325e6eee82ef0e651c SHA-256: b1bdef9993fd489cad96b8025685c1583032a7d15a0d2c19f77e0468c51c04bd |
| xen-devel-3.0.3-142.el5_9.2.i386.rpm | MD5: 5f680b0b1c0187815eefd32af67ec39e SHA-256: bf94c8bc6e82170af79783e93c93e4413c98d05e96c1a43e7c8cf1aca1f3c966 |
| xen-devel-3.0.3-142.el5_9.2.x86_64.rpm | MD5: ca5f452b1a55ca71a725f3313d638b9c SHA-256: 54a6c3cce21cdd72a43b345970c6eba193dc21ed4c1b594b8dcd5481ce6a6b56 |
| Red Hat Enterprise Linux (v. 5 server) | |
| SRPMS: | |
| xen-3.0.3-142.el5_9.2.src.rpm | MD5: ff76a0144e5d4661ba931d15dbda684b SHA-256: a14b19afc1ad5cfe0efd0e5544d213ce5fa957cbc578e8168f9c950e77ca16e8 |
| IA-32: | |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-libs-3.0.3-142.el5_9.2.i386.rpm | MD5: 8c5f8e344a50ec407945037fa590f5fe SHA-256: 0242e7ce19ac5e85fed27fdac77cd2055eb596ac1bb3f8567b49d54fb3413339 |
| IA-64: | |
| xen-debuginfo-3.0.3-142.el5_9.2.ia64.rpm | MD5: 4663cc25a24799a793d7f1ea0fea24e4 SHA-256: aed1b4059769fb0f369bf9f64f414b2d4d11d9b0619632c421569fe37e3f9b5f |
| xen-libs-3.0.3-142.el5_9.2.ia64.rpm | MD5: 6a947d493d016ce19ba93643055280ff SHA-256: c92acd87af93853c795ce43f0d50a96a4cc6767c8c3a7af2c8a37d0ea1c5674d |
| x86_64: | |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-debuginfo-3.0.3-142.el5_9.2.x86_64.rpm | MD5: ca1222575cd602325e6eee82ef0e651c SHA-256: b1bdef9993fd489cad96b8025685c1583032a7d15a0d2c19f77e0468c51c04bd |
| xen-libs-3.0.3-142.el5_9.2.i386.rpm | MD5: 8c5f8e344a50ec407945037fa590f5fe SHA-256: 0242e7ce19ac5e85fed27fdac77cd2055eb596ac1bb3f8567b49d54fb3413339 |
| xen-libs-3.0.3-142.el5_9.2.x86_64.rpm | MD5: 5bb5e54a7267de67d20be04f8273da63 SHA-256: f5a398dd57bc9e0afdf1734008b746f83061de75ac1f40c6e2999d7d2b0782e0 |
| Red Hat Enterprise Linux Desktop (v. 5 client) | |
| SRPMS: | |
| xen-3.0.3-142.el5_9.2.src.rpm | MD5: ff76a0144e5d4661ba931d15dbda684b SHA-256: a14b19afc1ad5cfe0efd0e5544d213ce5fa957cbc578e8168f9c950e77ca16e8 |
| IA-32: | |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-libs-3.0.3-142.el5_9.2.i386.rpm | MD5: 8c5f8e344a50ec407945037fa590f5fe SHA-256: 0242e7ce19ac5e85fed27fdac77cd2055eb596ac1bb3f8567b49d54fb3413339 |
| x86_64: | |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-debuginfo-3.0.3-142.el5_9.2.x86_64.rpm | MD5: ca1222575cd602325e6eee82ef0e651c SHA-256: b1bdef9993fd489cad96b8025685c1583032a7d15a0d2c19f77e0468c51c04bd |
| xen-libs-3.0.3-142.el5_9.2.i386.rpm | MD5: 8c5f8e344a50ec407945037fa590f5fe SHA-256: 0242e7ce19ac5e85fed27fdac77cd2055eb596ac1bb3f8567b49d54fb3413339 |
| xen-libs-3.0.3-142.el5_9.2.x86_64.rpm | MD5: 5bb5e54a7267de67d20be04f8273da63 SHA-256: f5a398dd57bc9e0afdf1734008b746f83061de75ac1f40c6e2999d7d2b0782e0 |
| Red Hat Enterprise Linux EUS (v. 5.9.z server) | |
| SRPMS: | |
| xen-3.0.3-142.el5_9.2.src.rpm | MD5: ff76a0144e5d4661ba931d15dbda684b SHA-256: a14b19afc1ad5cfe0efd0e5544d213ce5fa957cbc578e8168f9c950e77ca16e8 |
| IA-32: | |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-libs-3.0.3-142.el5_9.2.i386.rpm | MD5: 8c5f8e344a50ec407945037fa590f5fe SHA-256: 0242e7ce19ac5e85fed27fdac77cd2055eb596ac1bb3f8567b49d54fb3413339 |
| IA-64: | |
| xen-debuginfo-3.0.3-142.el5_9.2.ia64.rpm | MD5: 4663cc25a24799a793d7f1ea0fea24e4 SHA-256: aed1b4059769fb0f369bf9f64f414b2d4d11d9b0619632c421569fe37e3f9b5f |
| xen-libs-3.0.3-142.el5_9.2.ia64.rpm | MD5: 6a947d493d016ce19ba93643055280ff SHA-256: c92acd87af93853c795ce43f0d50a96a4cc6767c8c3a7af2c8a37d0ea1c5674d |
| x86_64: | |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-debuginfo-3.0.3-142.el5_9.2.x86_64.rpm | MD5: ca1222575cd602325e6eee82ef0e651c SHA-256: b1bdef9993fd489cad96b8025685c1583032a7d15a0d2c19f77e0468c51c04bd |
| xen-libs-3.0.3-142.el5_9.2.i386.rpm | MD5: 8c5f8e344a50ec407945037fa590f5fe SHA-256: 0242e7ce19ac5e85fed27fdac77cd2055eb596ac1bb3f8567b49d54fb3413339 |
| xen-libs-3.0.3-142.el5_9.2.x86_64.rpm | MD5: 5bb5e54a7267de67d20be04f8273da63 SHA-256: f5a398dd57bc9e0afdf1734008b746f83061de75ac1f40c6e2999d7d2b0782e0 |
| Red Hat Enterprise Linux Long Life (v. 5.9 server) | |
| SRPMS: | |
| xen-3.0.3-142.el5_9.2.src.rpm | MD5: ff76a0144e5d4661ba931d15dbda684b SHA-256: a14b19afc1ad5cfe0efd0e5544d213ce5fa957cbc578e8168f9c950e77ca16e8 |
| IA-32: | |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-libs-3.0.3-142.el5_9.2.i386.rpm | MD5: 8c5f8e344a50ec407945037fa590f5fe SHA-256: 0242e7ce19ac5e85fed27fdac77cd2055eb596ac1bb3f8567b49d54fb3413339 |
| IA-64: | |
| xen-debuginfo-3.0.3-142.el5_9.2.ia64.rpm | MD5: 4663cc25a24799a793d7f1ea0fea24e4 SHA-256: aed1b4059769fb0f369bf9f64f414b2d4d11d9b0619632c421569fe37e3f9b5f |
| xen-libs-3.0.3-142.el5_9.2.ia64.rpm | MD5: 6a947d493d016ce19ba93643055280ff SHA-256: c92acd87af93853c795ce43f0d50a96a4cc6767c8c3a7af2c8a37d0ea1c5674d |
| x86_64: | |
| xen-debuginfo-3.0.3-142.el5_9.2.i386.rpm | MD5: b8b9b96215fea56fc69df9df0e5fb3fd SHA-256: 7796d3248686a5cac1e95e88f405b412303be0c925007a900335f751b1cff149 |
| xen-debuginfo-3.0.3-142.el5_9.2.x86_64.rpm | MD5: ca1222575cd602325e6eee82ef0e651c SHA-256: b1bdef9993fd489cad96b8025685c1583032a7d15a0d2c19f77e0468c51c04bd |
| xen-libs-3.0.3-142.el5_9.2.i386.rpm | MD5: 8c5f8e344a50ec407945037fa590f5fe SHA-256: 0242e7ce19ac5e85fed27fdac77cd2055eb596ac1bb3f8567b49d54fb3413339 |
| xen-libs-3.0.3-142.el5_9.2.x86_64.rpm | MD5: 5bb5e54a7267de67d20be04f8273da63 SHA-256: f5a398dd57bc9e0afdf1734008b746f83061de75ac1f40c6e2999d7d2b0782e0 |
| (The unlinked packages above are only available from the Red Hat Network) | |
Bugs fixed (see bugzilla for more information)
889301 - CVE-2012-6075 qemu: e1000 driver buffer overflow when processing large packets when SBP and LPE flags are disabled
References
https://www.redhat.com/security/data/cve/CVE-2012-6075.html
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/updates/classification/#important
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/
