Security Advisory Moderate: qemu-kvm-rhev security fix update

Advisory: RHSA-2015:1740-1
Type: Security Advisory
Severity: Moderate
Issued on: 2015-09-07
Last updated on: 2015-09-07
Affected Products: Red Hat Enterprise Virtualization 3
CVEs (cve.mitre.org): CVE-2015-5165

Details

Updated qemu-kvm-rhev packages that fix one security issue and one bug are
now available for Red Hat Enterprise Virtualization.

Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the
user-space component for running virtual machines using KVM in environments
managed by Red Hat Enterprise Virtualization Manager.

An information leak flaw was found in the way QEMU's RTL8139 emulation
implementation processed network packets under RTL8139 controller's C+ mode
of operation. An unprivileged guest user could use this flaw to read up to
65 KB of uninitialized QEMU heap memory. (CVE-2015-5165)

Red Hat would like to thank the Xen project for reporting this issue.
Upstream acknowledges Donghai Zhu of Alibaba as the original reporter.

All users of qemu-kvm-rhev are advised to upgrade to these updated
packages, which contain a backported patch to correct this issue. After
installing this update, shut down all running virtual machines. Once all
virtual machines have shut down, start them again for this update to take
effect.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Updated packages

Red Hat Enterprise Virtualization 3

SRPMS:
qemu-kvm-rhev-0.12.1.2-2.479.el6_7.1.src.rpm
File outdated by:  RHSA-2017:1205
    MD5: 82692d7553535ea04da0da5998eb4a0c
SHA-256: fc2f9812979035336f141b7e0301cec0f5864e9c97d31121206f6b8e45e3ef48
 
x86_64:
qemu-img-rhev-0.12.1.2-2.479.el6_7.1.x86_64.rpm
File outdated by:  RHSA-2017:1205
    MD5: c4d47c4eafb74cd816296154a852a7e5
SHA-256: 30c035203625a7cf68c1d9440dc1cb9335e7760a2f6c9931e1b8a476a52ab599
qemu-kvm-rhev-0.12.1.2-2.479.el6_7.1.x86_64.rpm
File outdated by:  RHSA-2017:1205
    MD5: 3647eb749389b73025911e1995325ff0
SHA-256: a37ab4a3833dfbe055759d17f496282aa2259e91cc01c575ebfc9b79472531dc
qemu-kvm-rhev-debuginfo-0.12.1.2-2.479.el6_7.1.x86_64.rpm
File outdated by:  RHSA-2017:1205
    MD5: d1ddee6272e5e84c1765e0c32d180428
SHA-256: 9e7cc92fdbfdb09ca17d5950599f27bcd1ab94ba6456b60a9cb7bc18f12f46a4
qemu-kvm-rhev-tools-0.12.1.2-2.479.el6_7.1.x86_64.rpm
File outdated by:  RHSA-2017:1205
    MD5: 6c543bf2b1698cd24785415740d8b486
SHA-256: e5346a88d439694e6c60515062f4445c79b2b98966b4e7fd3456253b1cdff89d
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1248760 - CVE-2015-5165 Qemu: rtl8139 uninitialized heap memory information leakage to guest (XSA-140)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/