Skip to navigation

Security Advisory Important: xen security update

Advisory: RHSA-2012:1236-1
Type: Security Advisory
Severity: Important
Issued on: 2012-09-05
Last updated on: 2012-09-05
Affected Products: RHEL Desktop Multi OS (v. 5 client)
RHEL Virtualization (v. 5 server)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2012-3515

Details

Updated xen packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The xen packages contain administration tools and the xend service for
managing the kernel-xen kernel for virtualization on Red Hat Enterprise
Linux.

A flaw was found in the way QEMU handled VT100 terminal escape sequences
when emulating certain character devices. A guest user with privileges to
write to a character device that is emulated on the host using a virtual
console back-end could use this flaw to crash the qemu process on the
host or, possibly, escalate their privileges on the host. (CVE-2012-3515)

This flaw did not affect the default use of the Xen hypervisor
implementation in Red Hat Enterprise Linux 5. This problem only affected
fully-virtualized guests that have a serial or parallel device that uses a
virtual console (vc) back-end. By default, the virtual console back-end is
not used for such devices; only guests explicitly configured to use them
in this way were affected.

Red Hat would like to thank the Xen project for reporting this issue.

All users of xen are advised to upgrade to these updated packages, which
correct this issue. After installing the updated packages, all
fully-virtualized guests must be restarted for this update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

RHEL Desktop Multi OS (v. 5 client)

SRPMS:
xen-3.0.3-135.el5_8.5.src.rpm
File outdated by:  RHBA-2013:0846
    MD5: 2c99ad3a594ec584c1aa6447faf44f87
SHA-256: 82ae1d3dd4d06a02275ebca866e200009908191805e94ae22b6a052786c2cbfa
 
IA-32:
xen-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: 0aeb381c7cd5358eda12faba6b55ee7e
SHA-256: 6bb402340cb795a469d3722abde770559ed496e9feaeb7a952d3f87b83598ecf
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: 7df55633aa25c26322e4694a035a00a4
SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-devel-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: 1a9d992adb1c9c64868b7bbd676ae5dd
SHA-256: ba21af68a2a9df7ae5aef3b62789c5b8ce0eb34f99c4967b361de17af5cb0a06
 
x86_64:
xen-3.0.3-135.el5_8.5.x86_64.rpm
File outdated by:  RHBA-2013:0846
    MD5: 3baed2154c293e99edfd87ea64ec5590
SHA-256: 5cdd09a9633e5b83a1130b47a1f6f9f2270171cf78d2e0a59066d3571fc2be69
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: 7df55633aa25c26322e4694a035a00a4
SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-debuginfo-3.0.3-135.el5_8.5.x86_64.rpm
File outdated by:  RHBA-2013:0846
    MD5: 344a83eca530e53bdc225954f4c3c8d9
SHA-256: 7e23cbf57fda5a4bb91e535ab160476e267a44c3c11c8727dc067914108d88b3
xen-devel-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: 1a9d992adb1c9c64868b7bbd676ae5dd
SHA-256: ba21af68a2a9df7ae5aef3b62789c5b8ce0eb34f99c4967b361de17af5cb0a06
xen-devel-3.0.3-135.el5_8.5.x86_64.rpm
File outdated by:  RHBA-2013:0846
    MD5: 0062d31e118ef74a0ad3b3712cc13fcc
SHA-256: a56aac2155520894c22e02710bcf31e979ae1fa3909f6297ae95aa395ae11881
 
RHEL Virtualization (v. 5 server)

SRPMS:
xen-3.0.3-135.el5_8.5.src.rpm
File outdated by:  RHBA-2013:0846
    MD5: 2c99ad3a594ec584c1aa6447faf44f87
SHA-256: 82ae1d3dd4d06a02275ebca866e200009908191805e94ae22b6a052786c2cbfa
 
IA-32:
xen-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: 0aeb381c7cd5358eda12faba6b55ee7e
SHA-256: 6bb402340cb795a469d3722abde770559ed496e9feaeb7a952d3f87b83598ecf
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: 7df55633aa25c26322e4694a035a00a4
SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-devel-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: 1a9d992adb1c9c64868b7bbd676ae5dd
SHA-256: ba21af68a2a9df7ae5aef3b62789c5b8ce0eb34f99c4967b361de17af5cb0a06
 
IA-64:
xen-3.0.3-135.el5_8.5.ia64.rpm
File outdated by:  RHBA-2013:0846
    MD5: d510a45c2f202d064d836195942256ab
SHA-256: f2e8335089834b1828128e06d753b6489ad542d7df21c18683489a9236d07da5
xen-debuginfo-3.0.3-135.el5_8.5.ia64.rpm
File outdated by:  RHBA-2013:0846
    MD5: 5888fbc5bc3e82eb01cbfb9b16b143f9
SHA-256: 2f9717a4e884e9c54af6fac8cd37b74975055a54ebedea24c49348b0acf61174
xen-devel-3.0.3-135.el5_8.5.ia64.rpm
File outdated by:  RHBA-2013:0846
    MD5: cf60bd3eddd6b250245d49388cdb70f1
SHA-256: 7b8eef4e9992b0f8f7beec0ec3979fda15e10c89015d18942e9cf2bc9fdf59d1
 
x86_64:
xen-3.0.3-135.el5_8.5.x86_64.rpm
File outdated by:  RHBA-2013:0846
    MD5: 3baed2154c293e99edfd87ea64ec5590
SHA-256: 5cdd09a9633e5b83a1130b47a1f6f9f2270171cf78d2e0a59066d3571fc2be69
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: 7df55633aa25c26322e4694a035a00a4
SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-debuginfo-3.0.3-135.el5_8.5.x86_64.rpm
File outdated by:  RHBA-2013:0846
    MD5: 344a83eca530e53bdc225954f4c3c8d9
SHA-256: 7e23cbf57fda5a4bb91e535ab160476e267a44c3c11c8727dc067914108d88b3
xen-devel-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: 1a9d992adb1c9c64868b7bbd676ae5dd
SHA-256: ba21af68a2a9df7ae5aef3b62789c5b8ce0eb34f99c4967b361de17af5cb0a06
xen-devel-3.0.3-135.el5_8.5.x86_64.rpm
File outdated by:  RHBA-2013:0846
    MD5: 0062d31e118ef74a0ad3b3712cc13fcc
SHA-256: a56aac2155520894c22e02710bcf31e979ae1fa3909f6297ae95aa395ae11881
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
xen-3.0.3-135.el5_8.5.src.rpm
File outdated by:  RHBA-2013:0846
    MD5: 2c99ad3a594ec584c1aa6447faf44f87
SHA-256: 82ae1d3dd4d06a02275ebca866e200009908191805e94ae22b6a052786c2cbfa
 
IA-32:
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: 7df55633aa25c26322e4694a035a00a4
SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-libs-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: f81fb2f9f277ee3d9e01cd9a3797ad6f
SHA-256: fafdd485309a4ea27d95a8893131fd484149d37987ff9580b92c10513d5ca036
 
IA-64:
xen-debuginfo-3.0.3-135.el5_8.5.ia64.rpm
File outdated by:  RHBA-2013:0846
    MD5: 5888fbc5bc3e82eb01cbfb9b16b143f9
SHA-256: 2f9717a4e884e9c54af6fac8cd37b74975055a54ebedea24c49348b0acf61174
xen-libs-3.0.3-135.el5_8.5.ia64.rpm
File outdated by:  RHBA-2013:0846
    MD5: 1577c07e8f48124460e509591786f145
SHA-256: 721efbd8a6fc48c2d17d1acaaa2724d601f0742638a13f600a1d1a2777ef9479
 
x86_64:
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: 7df55633aa25c26322e4694a035a00a4
SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-debuginfo-3.0.3-135.el5_8.5.x86_64.rpm
File outdated by:  RHBA-2013:0846
    MD5: 344a83eca530e53bdc225954f4c3c8d9
SHA-256: 7e23cbf57fda5a4bb91e535ab160476e267a44c3c11c8727dc067914108d88b3
xen-libs-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: f81fb2f9f277ee3d9e01cd9a3797ad6f
SHA-256: fafdd485309a4ea27d95a8893131fd484149d37987ff9580b92c10513d5ca036
xen-libs-3.0.3-135.el5_8.5.x86_64.rpm
File outdated by:  RHBA-2013:0846
    MD5: 9e42d3e40b90077673e70ce4b6a3cca2
SHA-256: 48f2e8b590b0e2dd5d5c5e46f3fb1185f570f907ef9b0d95d4205aa2ae702e66
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
xen-3.0.3-135.el5_8.5.src.rpm
File outdated by:  RHBA-2013:0846
    MD5: 2c99ad3a594ec584c1aa6447faf44f87
SHA-256: 82ae1d3dd4d06a02275ebca866e200009908191805e94ae22b6a052786c2cbfa
 
IA-32:
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: 7df55633aa25c26322e4694a035a00a4
SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-libs-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: f81fb2f9f277ee3d9e01cd9a3797ad6f
SHA-256: fafdd485309a4ea27d95a8893131fd484149d37987ff9580b92c10513d5ca036
 
x86_64:
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: 7df55633aa25c26322e4694a035a00a4
SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-debuginfo-3.0.3-135.el5_8.5.x86_64.rpm
File outdated by:  RHBA-2013:0846
    MD5: 344a83eca530e53bdc225954f4c3c8d9
SHA-256: 7e23cbf57fda5a4bb91e535ab160476e267a44c3c11c8727dc067914108d88b3
xen-libs-3.0.3-135.el5_8.5.i386.rpm
File outdated by:  RHBA-2013:0846
    MD5: f81fb2f9f277ee3d9e01cd9a3797ad6f
SHA-256: fafdd485309a4ea27d95a8893131fd484149d37987ff9580b92c10513d5ca036
xen-libs-3.0.3-135.el5_8.5.x86_64.rpm
File outdated by:  RHBA-2013:0846
    MD5: 9e42d3e40b90077673e70ce4b6a3cca2
SHA-256: 48f2e8b590b0e2dd5d5c5e46f3fb1185f570f907ef9b0d95d4205aa2ae702e66
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

851252 - CVE-2012-3515 qemu: VT100 emulation vulnerability


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/