Sicherheit: Zwei Probleme in kvm
||Zwei Probleme in kvm
||Red Hat Enterprise Linux
||Mi, 8. März 2017, 06:24
-----BEGIN PGP SIGNED MESSAGE-----
Red Hat Security Advisory
Synopsis: Important: kvm security update
Advisory ID: RHSA-2017:0454-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0454.html
Issue date: 2017-03-07
CVE Names: CVE-2017-2615 CVE-2017-2620
An update for kvm is now available for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Multi OS (v. 5 client) - x86_64
Red Hat Enterprise Linux Virtualization (v. 5 server) - x86_64
KVM (for Kernel-based Virtual Machine) is a full virtualization solution
for Linux on x86 hardware. Using KVM, one can run multiple virtual machines
running unmodified Linux or Windows images. Each virtual machine has
private virtualized hardware: a network card, disk, graphics adapter, etc.
* Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator
support is vulnerable to an out-of-bounds access issue. It could occur
while copying VGA data via bitblt copy in backward mode. A privileged user
inside a guest could use this flaw to crash the QEMU process resulting in
DoS or potentially execute arbitrary code on the host with privileges of
QEMU process on the host. (CVE-2017-2615)
* Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA Emulator
support is vulnerable to an out-of-bounds access issue. The issue could
occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user
inside guest could use this flaw to crash the QEMU process OR potentially
execute arbitrary code on host with privileges of the QEMU process.
Red Hat would like to thank Wjjzhang (Tencent.com Inc.) and Li Qiang
(360.cn Inc.) for reporting CVE-2017-2615.
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
Note: The procedure in the Solution section must be performed before this
update will take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1418200 - CVE-2017-2615 Qemu: display: cirrus: oob access while doing bitblt
copy backward mode
1420484 - CVE-2017-2620 Qemu: display: cirrus: potential arbitrary code
execution via cirrus_bitblt_cputovideo
6. Package List:
Red Hat Enterprise Linux Desktop Multi OS (v. 5 client):
Red Hat Enterprise Linux Virtualization (v. 5 server):
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
The Red Hat security contact is <firstname.lastname@example.org>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
Enterprise-watch-list mailing list