Updated qemu-kvm packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM.

Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0147)

A buffer overflow flaw was found in the way the virtio_net_handle_mac() function of QEMU processed guest requests to update the table of MAC addresses. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0150)

A divide-by-zero flaw was found in the seek_to_sector() function of the parallels block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0142)

A NULL pointer dereference flaw was found in the QCOW2 block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0146)

It was found that the block driver for Hyper-V VHDX images did not correctly calculate BAT (Block Allocation Table) entries due to a missing bounds check. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0148)

The CVE-2014-0143 issues were discovered by Kevin Wolf and Stefan Hajnoczi of Red Hat, the CVE-2014-0144 issues were discovered by Fam Zheng, Jeff Cody, Kevin Wolf, and Stefan Hajnoczi of Red Hat, the CVE-2014-0145 issues were discovered by Stefan Hajnoczi of Red Hat, the CVE-2014-0150 issue was discovered by Michael S. Tsirkin of Red Hat, the CVE-2014-0142, CVE-2014-0146, and CVE-2014-0147 issues were discovered by Kevin Wolf of Red Hat, and the CVE-2014-0148 issue was discovered by Jeff Cody of Red Hat.

All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
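To confirm that the restart step above was actually carried out, the following added example (not part of the Red Hat advisory) lists guests that are still executing the replaced binary. It assumes the guest process executable is named qemu-kvm and relies on Linux reporting a replaced executable as "<path> (deleted)" in /proc/<pid>/exe; the function names and the PROC_ROOT parameter are hypothetical.

```shell
#!/bin/sh
# Added example: find qemu-kvm guests that were not restarted after the update.
# When a package update replaces a binary that is in use, the kernel keeps the
# old inode alive and /proc/<pid>/exe reads as "<path> (deleted)".

# stale_qemu_pids [PROC_ROOT]
# Prints one PID per line for every process whose executable is a replaced
# (deleted) qemu-kvm binary. PROC_ROOT defaults to /proc; it is a parameter
# only so the function can be exercised against a constructed directory tree.
stale_qemu_pids() {
    proc_root=${1:-/proc}
    for dir in "$proc_root"/[0-9]*; do
        [ -d "$dir" ] || continue
        # readlink fails for processes that exited or that we may not inspect.
        target=$(readlink "$dir/exe" 2>/dev/null) || continue
        case $target in
            *" (deleted)") ;;      # executable was replaced on disk
            *) continue ;;         # still running the on-disk binary
        esac
        path=${target%" (deleted)"}
        # Assumption: the guest process binary is named qemu-kvm.
        [ "${path##*/}" = "qemu-kvm" ] || continue
        printf '%s\n' "${dir##*/}"
    done
    return 0
}

# guests_need_restart [PROC_ROOT]
# Returns 0 (true) when at least one guest still runs the old binary.
guests_need_restart() {
    [ -n "$(stale_qemu_pids "$1")" ]
}
```

Run `stale_qemu_pids` as root on the host after installing the update; every PID printed belongs to a guest that has not yet been shut down and started again.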
Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.415.el6_5.8.src.rpm

IA-32:
qemu-guest-agent-0.12.1.2-2.415.el6_5.8.i686.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.8.i686.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-img-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.415.el6_5.8.x86_64.rpm
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.415.el6_5.8.src.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-img-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.415.el6_5.8.x86_64.rpm
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.415.el6_5.8.src.rpm

IA-32:
qemu-guest-agent-0.12.1.2-2.415.el6_5.8.i686.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.8.i686.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-img-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.415.el6_5.8.x86_64.rpm
 
Red Hat Enterprise Linux Server AUS (v. 6.5)

SRPMS:
qemu-kvm-0.12.1.2-2.415.el6_5.8.src.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-img-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.415.el6_5.8.x86_64.rpm
 
Red Hat Enterprise Linux Server EUS (v. 6.5.z)

SRPMS:
qemu-kvm-0.12.1.2-2.415.el6_5.8.src.rpm

IA-32:
qemu-guest-agent-0.12.1.2-2.415.el6_5.8.i686.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.8.i686.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-img-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.415.el6_5.8.x86_64.rpm
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.415.el6_5.8.src.rpm

IA-32:
qemu-guest-agent-0.12.1.2-2.415.el6_5.8.i686.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.8.i686.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-img-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.8.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.415.el6_5.8.x86_64.rpm
 
(The unlinked packages above are only available from the Red Hat Network)
1078201 – CVE-2014-0142 qemu: crash by possible division by zero
1078212 – CVE-2014-0148 Qemu: vhdx: bounds checking for block_size and logical_sector_size
1078232 – CVE-2014-0146 Qemu: qcow2: NULL dereference in qcow2_open() error path
1078846 – CVE-2014-0150 qemu: virtio-net: buffer overflow in virtio_net_handle_mac() function
1078848 – CVE-2014-0147 Qemu: block: possible crash due signed types or logic error
1078885 – CVE-2014-0145 Qemu: prevent possible buffer overflows
1079140 – CVE-2014-0143 Qemu: block: multiple integer overflow flaws
1079240 – CVE-2014-0144 Qemu: block: missing input validation

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:
