Bug Fix Advisory hypervkvpd bug fix update

Advisory: RHBA-2013:1539-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2013-11-20
Last updated on: 2013-11-20
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Workstation (v. 6)

Details

Updated hypervkvpd packages that fix several bugs are now available for Red Hat
Enterprise Linux 6.

The hypervkvpd packages contain hypervkvpd, the guest Hyper-V Key-Value Pair
(KVP) daemon. Using VMbus, hypervkvpd passes basic information to the host. The
information includes guest IP address, fully qualified domain name, operating
system name, and operating system release number. An IP injection functionality
enables the user to change the IP address of a guest from the host via the
hypervkvpd daemon.

This update fixes the following bugs:

* Previously, the hypervkvpd service registered to two netlink multicast groups,
one of which was used by the cgred service. When hypervkvpd received a netlink
message, it was interpreted blindly as its own. As a consequence, hypervkvpd
terminated unexpectedly with a segmentation fault. After this update, hypervkvpd
now registers only to its own netlink multicast group and verifies the type of
the incoming netlink message. Using hypervkvpd when the cgred service is running
no longer leads to a segmentation fault. (BZ#920032)

* Prior to this update, the hypervkvpd init script did not check if Hyper-V
driver modules were loaded into the kernel. If hypervkvpd was installed, it
started automatically on system boot, even if the system was not running as a
guest machine on a Hyper-V hypervisor. Verification has been added to the
hypervkvpd init script to determine whether Hyper-V driver modules are loaded
into the kernel. As a result, if the modules are not loaded into the kernel,
hypervkvpd now does not start, but displays a message that proper driver modules
are not loaded. (BZ#962565)

* Previously, hypervkvpd was not built with sufficiently secure compiler
options, which could, consequently, make the compiled code vulnerable. The
hypervkvpd daemon has been built with full read-only relocation (RELRO) and
position-independent executable (PIE) flags. As a result, the compiled code is
more secure and better guarded against possible buffer overflows. (BZ#977861)

* When using the Get-VMNetworkAdapter command to query a virtual machine
network adapter, each subnet string has to be separated by a semicolon.
Due to a bug in the IPv6 subnet enumeration code, the IPv6 addresses
were not listed. A patch has been applied, and the IPv6 subnet
enumeration now works as expected. (BZ#983851)

Users of hypervkvpd are advised to upgrade to these updated packages, which fix
these bugs. After updating the hypervkvpd packages, rebooting all guest machines
is recommended, otherwise the Microsoft Windows server with Hyper-V might not be
able to get information from these guest machines.


Solution

Before applying this update, make sure all previously released errata relevant
to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
hypervkvpd-0-0.12.el6.src.rpm
File outdated by:  RHBA-2015:1311
    MD5: 9207ef112811e552795e2269fa673990
SHA-256: 4470c14a49b56df9fa210564577c485a6a8230bd3eca78cec061c1e28c9e811b
 
IA-32:
hypervkvpd-0-0.12.el6.i686.rpm
File outdated by:  RHBA-2015:1311
    MD5: f02a9f8fe17d31b1e4d003ebff4727fd
SHA-256: 5ff455598f074cda593897232c30aafc8cfa1fc9ce465156919bbc653242677c
hypervkvpd-debuginfo-0-0.12.el6.i686.rpm     MD5: 471b4d093d977d4a7d9d02f83b991907
SHA-256: 71b2630463c42dd052bc50162938aa00b58357869998313293c71d956aa2d815
 
x86_64:
hypervkvpd-0-0.12.el6.x86_64.rpm
File outdated by:  RHBA-2015:1311
    MD5: 79301e17eb2ac0edaa658b5139f9e8fc
SHA-256: 6f602151ab26cf930e6d9dc1cea5675c6b3b7300acf7bcf1609bf3d71c10db67
hypervkvpd-debuginfo-0-0.12.el6.x86_64.rpm     MD5: cc8dc684113b97d81774ea96a8e5d5cd
SHA-256: a5ff5fe4a0872ecac2bc6b49b352c958c49eee7dcdc778e664cc383fc76b878e
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
hypervkvpd-0-0.12.el6.src.rpm
File outdated by:  RHBA-2015:1311
    MD5: 9207ef112811e552795e2269fa673990
SHA-256: 4470c14a49b56df9fa210564577c485a6a8230bd3eca78cec061c1e28c9e811b
 
x86_64:
hypervkvpd-0-0.12.el6.x86_64.rpm
File outdated by:  RHBA-2015:1311
    MD5: 79301e17eb2ac0edaa658b5139f9e8fc
SHA-256: 6f602151ab26cf930e6d9dc1cea5675c6b3b7300acf7bcf1609bf3d71c10db67
hypervkvpd-debuginfo-0-0.12.el6.x86_64.rpm     MD5: cc8dc684113b97d81774ea96a8e5d5cd
SHA-256: a5ff5fe4a0872ecac2bc6b49b352c958c49eee7dcdc778e664cc383fc76b878e
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
hypervkvpd-0-0.12.el6.src.rpm
File outdated by:  RHBA-2015:1311
    MD5: 9207ef112811e552795e2269fa673990
SHA-256: 4470c14a49b56df9fa210564577c485a6a8230bd3eca78cec061c1e28c9e811b
 
IA-32:
hypervkvpd-0-0.12.el6.i686.rpm
File outdated by:  RHBA-2015:1311
    MD5: f02a9f8fe17d31b1e4d003ebff4727fd
SHA-256: 5ff455598f074cda593897232c30aafc8cfa1fc9ce465156919bbc653242677c
hypervkvpd-debuginfo-0-0.12.el6.i686.rpm     MD5: 471b4d093d977d4a7d9d02f83b991907
SHA-256: 71b2630463c42dd052bc50162938aa00b58357869998313293c71d956aa2d815
 
x86_64:
hypervkvpd-0-0.12.el6.x86_64.rpm
File outdated by:  RHBA-2015:1311
    MD5: 79301e17eb2ac0edaa658b5139f9e8fc
SHA-256: 6f602151ab26cf930e6d9dc1cea5675c6b3b7300acf7bcf1609bf3d71c10db67
hypervkvpd-debuginfo-0-0.12.el6.x86_64.rpm     MD5: cc8dc684113b97d81774ea96a8e5d5cd
SHA-256: a5ff5fe4a0872ecac2bc6b49b352c958c49eee7dcdc778e664cc383fc76b878e
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
hypervkvpd-0-0.12.el6.src.rpm
File outdated by:  RHBA-2015:1311
    MD5: 9207ef112811e552795e2269fa673990
SHA-256: 4470c14a49b56df9fa210564577c485a6a8230bd3eca78cec061c1e28c9e811b
 
IA-32:
hypervkvpd-0-0.12.el6.i686.rpm
File outdated by:  RHBA-2015:1311
    MD5: f02a9f8fe17d31b1e4d003ebff4727fd
SHA-256: 5ff455598f074cda593897232c30aafc8cfa1fc9ce465156919bbc653242677c
hypervkvpd-debuginfo-0-0.12.el6.i686.rpm     MD5: 471b4d093d977d4a7d9d02f83b991907
SHA-256: 71b2630463c42dd052bc50162938aa00b58357869998313293c71d956aa2d815
 
x86_64:
hypervkvpd-0-0.12.el6.x86_64.rpm
File outdated by:  RHBA-2015:1311
    MD5: 79301e17eb2ac0edaa658b5139f9e8fc
SHA-256: 6f602151ab26cf930e6d9dc1cea5675c6b3b7300acf7bcf1609bf3d71c10db67
hypervkvpd-debuginfo-0-0.12.el6.x86_64.rpm     MD5: cc8dc684113b97d81774ea96a8e5d5cd
SHA-256: a5ff5fe4a0872ecac2bc6b49b352c958c49eee7dcdc778e664cc383fc76b878e
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

920032 - hypervkvpd segfault when cgred is running
965944 - [Hyper-V][CoverityScan][RHEL6.5]Unchecked_value, null returns and resource leak
978300 - [Hyper-V][RHEL6.5]Failed to start the hypervkvpd service with error "Hyper-V drivers are not loaded"
983851 - hypervkvpd: Fix a bug in IPV6 subnet enumeration



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/