Security Advisory Important: qemu-kvm security update

Advisory: RHSA-2013:1100-1
Type: Security Advisory
Severity: Important
Issued on: 2013-07-22
Last updated on: 2013-07-22
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server AUS (v. 6.4)
Red Hat Enterprise Linux Server EUS (v. 6.4.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2013-2231

Details

Updated qemu-kvm packages that fix one security issue are now available for
Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component
for running virtual machines using KVM.

An unquoted search path flaw was found in the way the QEMU Guest Agent
service installation was performed on Windows. Depending on the permissions
of the directories in the unquoted search path, a local, unprivileged user
could use this flaw to have a binary of their choosing executed with SYSTEM
privileges. (CVE-2013-2231)
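
The following audit helper is an added example, not code from Red Hat or the QEMU project. It flags service command lines of the kind described above (unquoted, with a space in the executable path), lists the directories whose write permissions then matter, and produces the quoted form a corrected installer would register. The sample paths are constructed, and treating the first `.exe` as the end of the executable path is an assumption of this example.

```python
import ntpath
import re

# First ".exe" followed by whitespace or end of string marks the end of the
# executable path; anything after it is treated as arguments (assumption).
_EXE_END = re.compile(r"\.exe(?=\s|$)", re.IGNORECASE)


def split_command(image_path):
    """Split an unquoted service command line into (executable, arguments)."""
    cmd = image_path.strip()
    m = _EXE_END.search(cmd)
    # No ".exe" marker: keep the whole string so it is reviewed, not skipped.
    end = m.end() if m else len(cmd)
    return cmd[:end], cmd[end:]


def audit_image_path(image_path):
    """Return (flagged, dirs): dirs are the folders whose write ACLs matter."""
    if image_path.strip().startswith('"'):
        return False, []  # quoted: the path boundary is unambiguous
    exe, _ = split_command(image_path)
    dirs = []
    for i, ch in enumerate(exe):
        if ch == " ":
            # Windows may resolve the text before each space as a program
            # name, so the folder holding that prefix must not be writable.
            parent = ntpath.dirname(exe[:i])
            if parent and parent not in dirs:
                dirs.append(parent)
    return " " in exe, dirs


def quoted_form(image_path):
    """Registration string with the executable path quoted, arguments kept."""
    flagged, _ = audit_image_path(image_path)
    if not flagged:
        return image_path.strip()
    exe, args = split_command(image_path)
    return f'"{exe}"{args}'


# Constructed sample values (not the guest agent's real install path).
SAMPLE_SERVICES = {
    "example-unquoted": r"C:\Program Files\Example Vendor\qemu-ga.exe -d",
    "example-quoted": r'"C:\Program Files\Example Vendor\qemu-ga.exe" -d',
    "example-no-space": r"C:\Windows\System32\svchost.exe -k netsvcs",
}
```

On a real guest, the strings to feed in are the services' registered binary paths; any flagged entry should be re-registered in its quoted form and the listed directories checked for write access by unprivileged users.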

This issue was discovered by Lev Veyde of Red Hat.

All users of qemu-kvm should upgrade to these updated packages, which
contain backported patches to correct this issue. After installing this
update, shut down all running virtual machines. Once all virtual machines
have shut down, start them again for this update to take effect.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.355.el6_4.6.src.rpm
File outdated by:  RHSA-2014:0420

IA-32:
qemu-guest-agent-0.12.1.2-2.355.el6_4.6.i686.rpm
File outdated by:  RHSA-2014:0420
qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.i686.rpm
File outdated by:  RHSA-2014:0420

x86_64:
qemu-guest-agent-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
qemu-guest-agent-win32-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-img-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
qemu-kvm-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-kvm-tools-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.355.el6_4.6.src.rpm
File outdated by:  RHSA-2014:0420

x86_64:
qemu-guest-agent-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
qemu-guest-agent-win32-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-img-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
qemu-kvm-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-kvm-tools-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.355.el6_4.6.src.rpm
File outdated by:  RHSA-2014:0420

IA-32:
qemu-guest-agent-0.12.1.2-2.355.el6_4.6.i686.rpm
File outdated by:  RHSA-2014:0420
qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.i686.rpm
File outdated by:  RHSA-2014:0420

x86_64:
qemu-guest-agent-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
qemu-guest-agent-win32-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-img-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
qemu-kvm-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-kvm-tools-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
 
Red Hat Enterprise Linux Server AUS (v. 6.4)

SRPMS:
qemu-kvm-0.12.1.2-2.355.el6_4.6.src.rpm
File outdated by:  RHSA-2014:0420

x86_64:
qemu-guest-agent-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-guest-agent-win32-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-img-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-kvm-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-kvm-tools-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
 
Red Hat Enterprise Linux Server EUS (v. 6.4.z)

SRPMS:
qemu-kvm-0.12.1.2-2.355.el6_4.6.src.rpm
File outdated by:  RHSA-2014:0420

IA-32:
qemu-guest-agent-0.12.1.2-2.355.el6_4.6.i686.rpm
File outdated by:  RHBA-2013:1401
qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.i686.rpm
File outdated by:  RHBA-2013:1401

x86_64:
qemu-guest-agent-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-guest-agent-win32-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-img-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-kvm-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-kvm-tools-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.355.el6_4.6.src.rpm
File outdated by:  RHSA-2014:0420

IA-32:
qemu-guest-agent-0.12.1.2-2.355.el6_4.6.i686.rpm
File outdated by:  RHSA-2014:0420
qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.i686.rpm
File outdated by:  RHSA-2014:0420

x86_64:
qemu-guest-agent-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
qemu-guest-agent-win32-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-img-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
qemu-kvm-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHBA-2013:1401
qemu-kvm-tools-0.12.1.2-2.355.el6_4.6.x86_64.rpm
File outdated by:  RHSA-2014:0420
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

980757 - CVE-2013-2231 qemu: qemu-ga win32 service unquoted search path


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/