Red Hat Customer Portal


Security Advisory Important: qemu-kvm-rhev security update

Advisory: RHSA-2015:1772-2
Type: Security Advisory
Severity: Important
Issued on: 2015-09-14
Last updated on: 2015-09-14
Affected Products: Red Hat OpenStack 5.0 for RHEL 7
Red Hat OpenStack 6.0 for RHEL 7
CVEs (cve.mitre.org): CVE-2015-5225

Details

Updated qemu-kvm-rhev packages that fix one security issue are now
available for Red Hat Enterprise Linux OpenStack Platform 5.0, 6.0 and 7.0,
for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the
user-space component for running virtual machines using KVM.

A heap-based buffer overflow was found in the QEMU emulator's VNC display
driver, in the vnc_refresh_server_surface() routine that refreshes the VNC
server's copy of the guest display surface. This code path is only reached
when the guest has a VNC display configured. A privileged guest user could
use this flaw to corrupt heap memory in the QEMU process and crash that
process instance (denial of service for the guest), or potentially to execute
arbitrary code on the host with the privileges of the QEMU process.
(CVE-2015-5225)

Red Hat would like to thank Mr Qinghao Tang from QIHU 360 Inc. and Mr
Zuozhi from Alibaba Inc. for reporting this issue.

All qemu-kvm-rhev users are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. The fix only takes
effect in QEMU processes started from the new binary: after installing this
update, shut down all running virtual machines, and once all of them have
shut down, start them again. A reboot issued from inside a guest is not
sufficient, because the host-side QEMU process keeps running.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258
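A pre- and post-update check for the procedure described in the Details and Solution sections, written as an added example for this page rather than taken from the advisory or from Red Hat tooling. It assumes a RHEL 7 host with rpm, GNU coreutils (for sort -V and sha256sum) and, where guests are managed by libvirt, virsh; the script name rhsa_2015_1772_check.sh and the function names are the example's own. Installed-version comparison uses sort -V rather than rpm's own algorithm, which is adequate for the single 2.1.2-23.el7_1.x package stream shipped in this advisory.

```shell
#!/bin/sh
# Added example (not part of RHSA-2015:1772-2): pre/post-update checks for
# CVE-2015-5225 on a RHEL 7 OpenStack compute node. The helper functions are
# pure so they can be exercised on constructed input; the commands that touch
# the real system (rpm, virsh) run only from main().

# Version-release of the fixed qemu-kvm-rhev build listed in this advisory.
FIXED_VR="2.1.2-23.el7_1.9"

# vr_older A B: exit 0 if version-release A sorts before B.
# Relies on GNU sort -V (assumed available), which orders the dotted and
# underscored RHEL release tags numerically, e.g. el7_1.8 < el7_1.9 < el7_1.10.
vr_older() {
    [ "$1" = "$2" ] && return 1
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# needs_update INSTALLED_VR: exit 0 if the installed build still lacks the fix.
needs_update() {
    vr_older "$1" "$FIXED_VR"
}

# verify_sha256 FILE EXPECTED_HEX: exit 0 if FILE hashes to the advisory value.
# The page also lists MD5 sums; only the SHA-256 value should be trusted.
verify_sha256() {
    actual=$(sha256sum "$1" | cut -d ' ' -f 1)
    [ "$actual" = "$2" ]
}

# check_download FILE EXPECTED_HEX: checksum, then the Red Hat GPG signature.
# rpm -K needs the Red Hat release key imported into the rpm database.
check_download() {
    if verify_sha256 "$1" "$2"; then
        echo "SHA-256 OK: $1"
        rpm -K "$1"
    else
        echo "SHA-256 MISMATCH: $1 (do not install)"
        return 1
    fi
}

# running_vms TEXT: print one domain name per line from the output of
# `virsh list --name`, dropping blank lines. These are the guests that must
# be shut down and started again after the update.
running_vms() {
    printf '%s\n' "$1" | sed '/^[[:space:]]*$/d'
}

main() {
    if command -v rpm >/dev/null 2>&1; then
        inst=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' qemu-kvm-rhev 2>/dev/null) || inst=""
        if [ -z "$inst" ]; then
            echo "qemu-kvm-rhev is not installed"
        elif needs_update "$inst"; then
            echo "VULNERABLE: qemu-kvm-rhev-$inst < $FIXED_VR, apply RHSA-2015:1772"
        else
            echo "OK: qemu-kvm-rhev-$inst contains the CVE-2015-5225 fix"
        fi
    fi
    # Remaining arguments are FILE SHA256 pairs for downloaded RPMs.
    while [ $# -ge 2 ]; do
        check_download "$1" "$2" || exit 1
        shift 2
    done
    if command -v virsh >/dev/null 2>&1; then
        echo "Guests still running the old QEMU (shut down and start after updating):"
        running_vms "$(virsh list --name)"
    fi
}

# Only run the system checks when invoked as the script itself.
case "$0" in *rhsa_2015_1772_check.sh) main "$@" ;; esac
```

Run it as `sh rhsa_2015_1772_check.sh [FILE SHA256]...` with any downloaded RPMs and the SHA-256 values printed under Updated packages; rpm -K only reports a valid signature once the Red Hat release key has been imported (rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release, per the key page linked at the foot of this advisory).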

Updated packages

Red Hat OpenStack 5.0 for RHEL 7

SRPMS:
qemu-kvm-rhev-2.1.2-23.el7_1.9.src.rpm
    File outdated by: RHSA-2016:1654
    MD5:     ef082f3db9b7a962694b20eb9844e029
    SHA-256: 1ea6d4dcb7382e5ee2d8b16d376197a655b037b3bdeb1e6bd49c3a886f1e49b9

x86_64:
libcacard-devel-rhev-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1655
    MD5:     efd5991df25f88076eadf13e6d4bf90b
    SHA-256: 3e5f1331aadb04344f1a7256ef8ff72b498c1a54e400309496a73a49230807a9
libcacard-rhev-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1655
    MD5:     e4b54c2283158efb15ffaa8dc43c7da7
    SHA-256: 2163bd48658e1f82975c541388493cfa6bd63f45f4f3bd0f11a2ae3dac876873
libcacard-tools-rhev-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1655
    MD5:     98b818042a5e2adf98449d2b6081c14c
    SHA-256: f796ab67bec4316e83b4c288014235251d2fef7bd5237ec31cc7a096910f6f78
qemu-img-rhev-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1655
    MD5:     2f469e2b090ed274e5252bf23c3872cd
    SHA-256: 80479ab8b04237b75c82ed2e1f3d250ea6d5876218a10bc63510ae26d99d68ef
qemu-kvm-common-rhev-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1655
    MD5:     b5d2ab4a0df6b307a9d928cb1a92c1c4
    SHA-256: c13cd3ba50ed87cf011b5c79b7ef2d08c88a6cda8f3c1ef58077f512290f3418
qemu-kvm-rhev-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1655
    MD5:     625975a3a6dd016885ae8a4ce68c8935
    SHA-256: 8499fd600630df6aabb11f0bb739463fc1d263a3ed0785fed78c1dd2520efa03
qemu-kvm-rhev-debuginfo-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1655
    MD5:     db11a271e1c07f843c355fc3b4425919
    SHA-256: 8bafb71c3b89d9f05b36a8e0266809476978441583bb595e3708263eb622114e
qemu-kvm-tools-rhev-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1655
    MD5:     204f0c2fc6b5e44306653f95e5e22d5e
    SHA-256: 1bbcd4b5443b5bd99c3d9d1cfdd9420eb0c13dcd343c99b74f9219d1b1173099

Red Hat OpenStack 6.0 for RHEL 7

SRPMS:
qemu-kvm-rhev-2.1.2-23.el7_1.9.src.rpm
    File outdated by: RHSA-2016:1654
    MD5:     ef082f3db9b7a962694b20eb9844e029
    SHA-256: 1ea6d4dcb7382e5ee2d8b16d376197a655b037b3bdeb1e6bd49c3a886f1e49b9

x86_64:
libcacard-devel-rhev-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1654
    MD5:     efd5991df25f88076eadf13e6d4bf90b
    SHA-256: 3e5f1331aadb04344f1a7256ef8ff72b498c1a54e400309496a73a49230807a9
libcacard-rhev-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1654
    MD5:     e4b54c2283158efb15ffaa8dc43c7da7
    SHA-256: 2163bd48658e1f82975c541388493cfa6bd63f45f4f3bd0f11a2ae3dac876873
libcacard-tools-rhev-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1654
    MD5:     98b818042a5e2adf98449d2b6081c14c
    SHA-256: f796ab67bec4316e83b4c288014235251d2fef7bd5237ec31cc7a096910f6f78
qemu-img-rhev-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1654
    MD5:     2f469e2b090ed274e5252bf23c3872cd
    SHA-256: 80479ab8b04237b75c82ed2e1f3d250ea6d5876218a10bc63510ae26d99d68ef
qemu-kvm-common-rhev-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1654
    MD5:     b5d2ab4a0df6b307a9d928cb1a92c1c4
    SHA-256: c13cd3ba50ed87cf011b5c79b7ef2d08c88a6cda8f3c1ef58077f512290f3418
qemu-kvm-rhev-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1654
    MD5:     625975a3a6dd016885ae8a4ce68c8935
    SHA-256: 8499fd600630df6aabb11f0bb739463fc1d263a3ed0785fed78c1dd2520efa03
qemu-kvm-rhev-debuginfo-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1654
    MD5:     db11a271e1c07f843c355fc3b4425919
    SHA-256: 8bafb71c3b89d9f05b36a8e0266809476978441583bb595e3708263eb622114e
qemu-kvm-tools-rhev-2.1.2-23.el7_1.9.x86_64.rpm
    File outdated by: RHSA-2016:1654
    MD5:     204f0c2fc6b5e44306653f95e5e22d5e
    SHA-256: 1bbcd4b5443b5bd99c3d9d1cfdd9420eb0c13dcd343c99b74f9219d1b1173099

(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1255896 - CVE-2015-5225 Qemu: ui: vnc: heap memory corruption in vnc_refresh_server_surface


References

CVE-2015-5225: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5225
Red Hat CVE page (CVSS base score): https://access.redhat.com/security/cve/CVE-2015-5225
Bugzilla 1255896: https://bugzilla.redhat.com/show_bug.cgi?id=1255896


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/