Skip to navigation

Security Advisory Moderate: kvm security and bug fix update

Advisory: RHSA-2012:0149-3
Type: Security Advisory
Severity: Moderate
Issued on: 2012-02-21
Last updated on: 2012-02-21
Affected Products: RHEL Desktop Multi OS (v. 5 client)
RHEL Virtualization (v. 5 server)
CVEs (cve.mitre.org): CVE-2011-4347

Details

Updated kvm packages that fix one security issue and several bugs are now
available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for
the standard Red Hat Enterprise Linux kernel.

It was found that the kvm_vm_ioctl_assign_device() function in the KVM
subsystem of a Linux kernel did not check if the user requesting device
assignment was privileged or not. A member of the kvm group on the host
could assign unused PCI devices, or even devices that were in use and
whose resources were not properly claimed by the respective drivers, which
could result in the host crashing. (CVE-2011-4347)

Red Hat would like to thank Sasha Levin for reporting this issue.

These updated kvm packages include several bug fixes. Space precludes
documenting all of these changes in this advisory. Users are directed to
the Red Hat Enterprise Linux 5.8 Technical Notes, linked to in the
References, for information on the most significant of these changes.

All KVM users should upgrade to these updated packages, which contain
backported patches to correct these issues. Note: The procedure in the
Solution section must be performed before this update will take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

The following procedure must be performed before this update will take
effect:

1) Stop all KVM guest virtual machines.

2) Either reboot the hypervisor machine or, as the root user, remove (using
"modprobe -r [module]") and reload (using "modprobe [module]") all of the
following modules which are currently running (determined using "lsmod"):
kvm, ksm, kvm-intel or kvm-amd.

3) Restart the KVM guest virtual machines.

Updated packages

RHEL Desktop Multi OS (v. 5 client)

SRPMS:
kvm-83-249.el5.src.rpm
File outdated by:  RHSA-2014:0163
    MD5: ae0af8b7058264c7a2b9a462a1fb17c5
SHA-256: efbece42d41fd376b33e89cbc84023b546d02e577302f7d3aac854a99554dd54
 
x86_64:
kmod-kvm-83-249.el5.x86_64.rpm
File outdated by:  RHSA-2014:0163
    MD5: 174dd44cb49aecdf98f24a3d8beed133
SHA-256: 4454cc772191a360cf4afb84be38ff82e1aef13a7a6f4197060c2559e022a59a
kmod-kvm-debug-83-249.el5.x86_64.rpm
File outdated by:  RHSA-2014:0163
    MD5: f8211ebd23480d9eb05b2b8f5c9b6bb8
SHA-256: 2dbc2128b63467c4a2c202fa81e4682fe8090d9ede9865e0459cad17691e1224
kvm-83-249.el5.x86_64.rpm
File outdated by:  RHSA-2014:0163
    MD5: 9ae2c7734532e06835c0cbbbecf0b3ac
SHA-256: c8f306dceb53a46f324722f74b380ca4d9556c04aea45698f17745ae2403a890
kvm-debuginfo-83-249.el5.x86_64.rpm
File outdated by:  RHSA-2014:0163
    MD5: 7ab15c5d5c3afac1ffe261171cf7c507
SHA-256: 2d43dc751d850a43313937e0b35533a5cb5112ea6b24bb3459d4b6d1eb8c522b
kvm-qemu-img-83-249.el5.x86_64.rpm
File outdated by:  RHSA-2014:0163
    MD5: 5ea13d04b7c357d735bb6365bb061e77
SHA-256: f727fd24e066e695d825237febcfa097f0b61c24c116800c30ed899ab16117be
kvm-tools-83-249.el5.x86_64.rpm
File outdated by:  RHSA-2014:0163
    MD5: ed405edbcf15b36be8807d369ad3ae90
SHA-256: a4e04f2e7f4828b39e2b55d8dd3eecd268291384606e9a0cae139eede6f42251
 
RHEL Virtualization (v. 5 server)

SRPMS:
kvm-83-249.el5.src.rpm
File outdated by:  RHSA-2014:0163
    MD5: ae0af8b7058264c7a2b9a462a1fb17c5
SHA-256: efbece42d41fd376b33e89cbc84023b546d02e577302f7d3aac854a99554dd54
 
x86_64:
kmod-kvm-83-249.el5.x86_64.rpm
File outdated by:  RHSA-2014:0163
    MD5: 174dd44cb49aecdf98f24a3d8beed133
SHA-256: 4454cc772191a360cf4afb84be38ff82e1aef13a7a6f4197060c2559e022a59a
kmod-kvm-debug-83-249.el5.x86_64.rpm
File outdated by:  RHSA-2014:0163
    MD5: f8211ebd23480d9eb05b2b8f5c9b6bb8
SHA-256: 2dbc2128b63467c4a2c202fa81e4682fe8090d9ede9865e0459cad17691e1224
kvm-83-249.el5.x86_64.rpm
File outdated by:  RHSA-2014:0163
    MD5: 9ae2c7734532e06835c0cbbbecf0b3ac
SHA-256: c8f306dceb53a46f324722f74b380ca4d9556c04aea45698f17745ae2403a890
kvm-debuginfo-83-249.el5.x86_64.rpm
File outdated by:  RHSA-2014:0163
    MD5: 7ab15c5d5c3afac1ffe261171cf7c507
SHA-256: 2d43dc751d850a43313937e0b35533a5cb5112ea6b24bb3459d4b6d1eb8c522b
kvm-qemu-img-83-249.el5.x86_64.rpm
File outdated by:  RHSA-2014:0163
    MD5: 5ea13d04b7c357d735bb6365bb061e77
SHA-256: f727fd24e066e695d825237febcfa097f0b61c24c116800c30ed899ab16117be
kvm-tools-83-249.el5.x86_64.rpm
File outdated by:  RHSA-2014:0163
    MD5: ed405edbcf15b36be8807d369ad3ae90
SHA-256: a4e04f2e7f4828b39e2b55d8dd3eecd268291384606e9a0cae139eede6f42251
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

701616 - limitation on max number of assigned devices does not take effect if hot-plug pci devices
703335 - KVM guest clocks jump forward one hour on reboot
703446 - Failed to ping guest after MTU is changed
704081 - mouse responds very slowly with huge memory
725876 - RTC interrupt problems with RHEL5 qemu/kvm (0.10 based) on 2.6.38+ guest kernels.
753860 - Fix kvm userspace compilation on RHEL-5 to match the kernel changes
756084 - CVE-2011-4347 kernel: kvm: device assignment DoS


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/