Security Advisory Important: xen security update

Advisory: RHSA-2011:0496-1
Type: Security Advisory
Severity: Important
Issued on: 2011-05-09
Last updated on: 2011-05-09
Affected Products: RHEL Desktop Multi OS (v. 5 client)
RHEL Virtualization (v. 5 server)
RHEL Virtualization EUS (v. 5.6.z server)
RHEL Virtualization Long Life (v. 5.6 server)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux EUS (v. 5.6.z server)
Red Hat Enterprise Linux Long Life (v. 5.6 server)
CVEs (cve.mitre.org): CVE-2011-1583
CVE-2011-3262

Details

Updated xen packages that fix several security issues are now available for
Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The xen packages contain administration tools and the xend service for
managing the kernel-xen kernel for virtualization on Red Hat Enterprise
Linux.

It was found that the xc_try_bzip2_decode() and xc_try_lzma_decode() decode
routines did not correctly check for a possible buffer size overflow in the
decoding loop. As well, several integer overflow flaws and missing
error/range checking were found that could lead to an infinite loop. A
privileged guest user could use these flaws to crash the guest or,
possibly, execute arbitrary code in the privileged management domain
(Dom0). (CVE-2011-1583)
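
The three checks the paragraph above says were missing (a bound on output-buffer growth, an overflow-safe size computation, and error/no-progress handling in the decode loop) are shown below on a toy run-length stream. This is an added example, not code from Xen or from Red Hat's patches; `step`, `decode_bounded`, `struct stream` and `MAX_OUT` are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#define MAX_OUT 4096u   /* assumed policy cap on decoded size (hypothetical) */

/* Toy stream of (count, byte) pairs; stands in for a bzip2/LZMA stream state. */
struct stream {
    const uint8_t *in;  size_t in_len;    /* unread input */
    uint8_t *out;       size_t out_len;   /* free space in output window */
    uint8_t run, val;                     /* pending run carried across calls */
};

/* One decoder call: 1 = end of stream, 0 = output window full, -1 = bad input. */
static int step(struct stream *s) {
    for (;;) {
        while (s->run && s->out_len) { *s->out++ = s->val; s->out_len--; s->run--; }
        if (s->run) return 0;
        if (s->in_len == 0) return 1;
        if (s->in_len < 2 || s->in[0] == 0) return -1;   /* range/truncation check */
        s->run = s->in[0]; s->val = s->in[1]; s->in += 2; s->in_len -= 2;
    }
}

/* Decode into a heap buffer grown on demand. 0 on success, -1 on any failure. */
int decode_bounded(const uint8_t *in, size_t in_len, uint8_t **outp, size_t *lenp) {
    size_t cap = 64, used;
    uint8_t *buf = malloc(cap), *tmp;
    struct stream s = { in, in_len, buf, cap, 0, 0 };
    if (!buf) return -1;
    for (;;) {
        size_t in_before = s.in_len, out_before = s.out_len;
        int rc = step(&s);
        used = cap - s.out_len;
        if (rc == 1) { *outp = buf; *lenp = used; return 0; }
        if (rc < 0) break;                        /* decoder error ends the loop */
        if (s.in_len == in_before && s.out_len == out_before) break; /* no progress */
        if (cap > MAX_OUT / 2) break;     /* cap * 2 would pass the limit (or wrap) */
        if (!(tmp = realloc(buf, cap * 2))) break;
        buf = tmp; cap *= 2; s.out = buf + used; s.out_len = cap - used;
    }
    free(buf);
    return -1;
}

int main(void) {
    const uint8_t img[] = { 3, 'A', 2, 'B' };     /* constructed sample input */
    uint8_t *out; size_t n;
    if (decode_bounded(img, sizeof img, &out, &n) == 0) { printf("%.*s\n", (int)n, out); free(out); }
    return 0;
}
```

Testing `cap > MAX_OUT / 2` before doubling keeps the multiplication from ever being evaluated on a value that could wrap, which is the safe ordering for this kind of size check.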

All xen users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

RHEL Desktop Multi OS (v. 5 client)

SRPMS:
xen-3.0.3-120.el5_6.2.src.rpm
File outdated by:  RHBA-2012:0138
 
IA-32:
xen-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2013:0846
xen-devel-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2013:0846
 
x86_64:
xen-3.0.3-120.el5_6.2.x86_64.rpm
File outdated by:  RHBA-2013:0846
xen-devel-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2013:0846
xen-devel-3.0.3-120.el5_6.2.x86_64.rpm
File outdated by:  RHBA-2013:0846
 
RHEL Virtualization (v. 5 server)

SRPMS:
xen-3.0.3-120.el5_6.2.src.rpm
File outdated by:  RHBA-2012:0138
 
IA-32:
xen-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2013:0846
xen-devel-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2013:0846
 
IA-64:
xen-3.0.3-120.el5_6.2.ia64.rpm
File outdated by:  RHBA-2013:0846
xen-devel-3.0.3-120.el5_6.2.ia64.rpm
File outdated by:  RHBA-2013:0846
 
x86_64:
xen-3.0.3-120.el5_6.2.x86_64.rpm
File outdated by:  RHBA-2013:0846
xen-devel-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2013:0846
xen-devel-3.0.3-120.el5_6.2.x86_64.rpm
File outdated by:  RHBA-2013:0846
 
RHEL Virtualization EUS (v. 5.6.z server)

SRPMS:
xen-3.0.3-120.el5_6.2.src.rpm
File outdated by:  RHBA-2012:0138
 
IA-32:
xen-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2012:0138
xen-devel-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2012:0138
 
IA-64:
xen-3.0.3-120.el5_6.2.ia64.rpm
File outdated by:  RHBA-2012:0138
xen-devel-3.0.3-120.el5_6.2.ia64.rpm
File outdated by:  RHBA-2012:0138
 
x86_64:
xen-3.0.3-120.el5_6.2.x86_64.rpm
File outdated by:  RHBA-2012:0138
xen-devel-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2012:0138
xen-devel-3.0.3-120.el5_6.2.x86_64.rpm
File outdated by:  RHBA-2012:0138
 
RHEL Virtualization Long Life (v. 5.6 server)

SRPMS:
xen-3.0.3-120.el5_6.2.src.rpm
File outdated by:  RHBA-2012:0138
 
IA-32:
xen-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2012:0138
xen-devel-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2012:0138
 
IA-64:
xen-3.0.3-120.el5_6.2.ia64.rpm
File outdated by:  RHBA-2012:0138
xen-devel-3.0.3-120.el5_6.2.ia64.rpm
File outdated by:  RHBA-2012:0138
 
x86_64:
xen-3.0.3-120.el5_6.2.x86_64.rpm
File outdated by:  RHBA-2012:0138
xen-devel-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2012:0138
xen-devel-3.0.3-120.el5_6.2.x86_64.rpm
File outdated by:  RHBA-2012:0138
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
xen-3.0.3-120.el5_6.2.src.rpm
File outdated by:  RHBA-2012:0138
 
IA-32:
xen-libs-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2013:0846
 
IA-64:
xen-libs-3.0.3-120.el5_6.2.ia64.rpm
File outdated by:  RHBA-2013:0846
 
x86_64:
xen-libs-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2013:0846
xen-libs-3.0.3-120.el5_6.2.x86_64.rpm
File outdated by:  RHBA-2013:0846
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
xen-3.0.3-120.el5_6.2.src.rpm
File outdated by:  RHBA-2012:0138
 
IA-32:
xen-libs-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2013:0846
 
x86_64:
xen-libs-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2013:0846
xen-libs-3.0.3-120.el5_6.2.x86_64.rpm
File outdated by:  RHBA-2013:0846
 
Red Hat Enterprise Linux EUS (v. 5.6.z server)

SRPMS:
xen-3.0.3-120.el5_6.2.src.rpm
File outdated by:  RHBA-2012:0138
 
IA-32:
xen-libs-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2012:0138
 
IA-64:
xen-libs-3.0.3-120.el5_6.2.ia64.rpm
File outdated by:  RHBA-2012:0138
 
x86_64:
xen-libs-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2012:0138
xen-libs-3.0.3-120.el5_6.2.x86_64.rpm
File outdated by:  RHBA-2012:0138
 
Red Hat Enterprise Linux Long Life (v. 5.6 server)

SRPMS:
xen-3.0.3-120.el5_6.2.src.rpm
File outdated by:  RHBA-2012:0138
 
IA-32:
xen-libs-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2012:0138
 
IA-64:
xen-libs-3.0.3-120.el5_6.2.ia64.rpm
File outdated by:  RHBA-2012:0138
 
x86_64:
xen-libs-3.0.3-120.el5_6.2.i386.rpm
File outdated by:  RHBA-2012:0138
xen-libs-3.0.3-120.el5_6.2.x86_64.rpm
File outdated by:  RHBA-2012:0138
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

696927 - CVE-2011-1583 xen: insufficiencies in pv kernel image validation


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/