drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in kvm
Name: |
Zwei Probleme in kvm |
|
ID: |
RHSA-2017:0454-01 |
|
Distribution: |
Red Hat |
|
Plattformen: |
Red Hat Enterprise Linux |
|
Datum: |
Mi, 8. März 2017, 06:24 |
|
Referenzen: |
https://access.redhat.com/security/cve/CVE-2017-2615
https://access.redhat.com/security/cve/CVE-2017-2620 |
|
Applikationen: |
Linux |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: kvm security update Advisory ID: RHSA-2017:0454-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0454.html Issue date: 2017-03-07 CVE Names: CVE-2017-2615 CVE-2017-2620 =====================================================================
1. Summary:
An update for kvm is now available for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Multi OS (v. 5 client) - x86_64 Red Hat Enterprise Linux Virtualization (v. 5 server) - x86_64
3. Description:
KVM (for Kernel-based Virtual Machine) is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running unmodified Linux or Windows images. Each virtual machine has private virtualized hardware: a network card, disk, graphics adapter, etc.
Security Fix(es):
* Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host. (CVE-2017-2615)
* Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process. (CVE-2017-2620)
Red Hat would like to thank Wjjzhang (Tencent.com Inc.) and Li Qiang (360.cn Inc.) for reporting CVE-2017-2615.
4. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
Note: The procedure in the Solution section must be performed before this update will take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1418200 - CVE-2017-2615 Qemu: display: cirrus: oob access while doing bitblt copy backward mode 1420484 - CVE-2017-2620 Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo
6. Package List:
Red Hat Enterprise Linux Desktop Multi OS (v. 5 client):
Source: kvm-83-277.el5_11.src.rpm
x86_64: kmod-kvm-83-277.el5_11.x86_64.rpm kmod-kvm-debug-83-277.el5_11.x86_64.rpm kvm-83-277.el5_11.x86_64.rpm kvm-debuginfo-83-277.el5_11.x86_64.rpm kvm-qemu-img-83-277.el5_11.x86_64.rpm kvm-tools-83-277.el5_11.x86_64.rpm
Red Hat Enterprise Linux Virtualization (v. 5 server):
Source: kvm-83-277.el5_11.src.rpm
x86_64: kmod-kvm-83-277.el5_11.x86_64.rpm kmod-kvm-debug-83-277.el5_11.x86_64.rpm kvm-83-277.el5_11.x86_64.rpm kvm-debuginfo-83-277.el5_11.x86_64.rpm kvm-qemu-img-83-277.el5_11.x86_64.rpm kvm-tools-83-277.el5_11.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2017-2615 https://access.redhat.com/security/cve/CVE-2017-2620 https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFYvpbiXlSAg2UNWIIRApHSAJ9IfMJsxpXxxdsUI0NFoMcuBYBZtQCfZt2X tHRNJqedRPYZzgtRGRNtzSU= =8TuI -----END PGP SIGNATURE-----
-- Enterprise-watch-list mailing list Enterprise-watch-list@redhat.com https://www.redhat.com/mailman/listinfo/enterprise-watch-list
|
|
|
|