An updated qemu-kvm package that fixes one security issue and one bug isnow available for Red Hat Enterprise Linux 6.Red Hat Product Security has rated this update as having Important securityimpact. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available from the CVE link in theReferences section.

KVM (Kernel-based Virtual Machine) is a full virtualization solution forLinux on AMD64 and Intel 64 systems. The qemu-kvm package provides theuser-space component for running virtual machines using KVM.It was found that the Cirrus blit region checks were insufficient. Aprivileged guest user could use this flaw to write outside of VRAM-allocated buffer boundaries in the host’s QEMU process address space withattacker-provided data. (CVE-2014-8106)This issue was found by Paolo Bonzini of Red Hat.This update also fixes the following bug:* Previously, the effective downtime during the last phase of a livemigration would sometimes be much higher than the maximum downtimespecified by ‘migration_downtime’ in vdsm.conf. This problem has beencorrected. The value of ‘migration_downtime’ is now honored and themigration is aborted if the downtime cannot be achieved. (BZ#1142756)All qemu-kvm users are advised to upgrade to these updated packages, whichcontain a backported patch to correct this issue. After installing thisupdate, shut down all running virtual machines. Once all virtual machineshave shut down, start them again for this update to take effect.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.448.el6_6.2.src.rpm
    MD5: 4c502f16c62d7c03094863a040cc9455SHA-256: df9d02c465066df0a215be037b90d161ebd6c17c6d00c79af651f2ca89a92fcd
 
IA-32:
qemu-guest-agent-0.12.1.2-2.448.el6_6.2.i686.rpm
    MD5: 8f5a2e1d2e97327ba3525ca38293a155SHA-256: c3fef899002937f4bfcd355a5c4e21f0753ebdeb299b8290ff28bfbff64b39be
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.2.i686.rpm
    MD5: 2cae0732087168ab13dea95b0a4319cfSHA-256: f4cd4d2fae805cef7781132fe348c130d93d251c07170e66af4357681d5278b1
 
x86_64:
qemu-guest-agent-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: 1265daa073c021ca822afbde4a5e5615SHA-256: 692cc973218f28aecdadef905e2df7208c0239525dec0da040c2b01d82049f0e
qemu-img-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: 470eff527c6adec342addedb82be2f5fSHA-256: 34faaf2e6e22bc9e683824329d7dc634cf4305694c74d45895a5a9e3fc5b9b93
qemu-kvm-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: d4fd1cc13a2939df96ae36f176725661SHA-256: 8848031c934963a36e8fdff712b72eeda1dbc01f2eed2def03e6782a4313523d
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: d8085508eda58f18f102dadcc94191faSHA-256: 85dc21ce0ab07db39c73170f5c35beaa928db78eae49cf03b668c00a1ebef798
qemu-kvm-tools-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: 6ec9791d34ebebf388b7daab16e28d97SHA-256: 6896c4a5a51170b6b04bfafd0dd38ec02642f18b96e1a2b096219edf2b72ba49
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.448.el6_6.2.src.rpm
    MD5: 4c502f16c62d7c03094863a040cc9455SHA-256: df9d02c465066df0a215be037b90d161ebd6c17c6d00c79af651f2ca89a92fcd
 
x86_64:
qemu-guest-agent-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: 1265daa073c021ca822afbde4a5e5615SHA-256: 692cc973218f28aecdadef905e2df7208c0239525dec0da040c2b01d82049f0e
qemu-img-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: 470eff527c6adec342addedb82be2f5fSHA-256: 34faaf2e6e22bc9e683824329d7dc634cf4305694c74d45895a5a9e3fc5b9b93
qemu-kvm-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: d4fd1cc13a2939df96ae36f176725661SHA-256: 8848031c934963a36e8fdff712b72eeda1dbc01f2eed2def03e6782a4313523d
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: d8085508eda58f18f102dadcc94191faSHA-256: 85dc21ce0ab07db39c73170f5c35beaa928db78eae49cf03b668c00a1ebef798
qemu-kvm-tools-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: 6ec9791d34ebebf388b7daab16e28d97SHA-256: 6896c4a5a51170b6b04bfafd0dd38ec02642f18b96e1a2b096219edf2b72ba49
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.448.el6_6.2.src.rpm
    MD5: 4c502f16c62d7c03094863a040cc9455SHA-256: df9d02c465066df0a215be037b90d161ebd6c17c6d00c79af651f2ca89a92fcd
 
IA-32:
qemu-guest-agent-0.12.1.2-2.448.el6_6.2.i686.rpm
    MD5: 8f5a2e1d2e97327ba3525ca38293a155SHA-256: c3fef899002937f4bfcd355a5c4e21f0753ebdeb299b8290ff28bfbff64b39be
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.2.i686.rpm
    MD5: 2cae0732087168ab13dea95b0a4319cfSHA-256: f4cd4d2fae805cef7781132fe348c130d93d251c07170e66af4357681d5278b1
 
x86_64:
qemu-guest-agent-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: 1265daa073c021ca822afbde4a5e5615SHA-256: 692cc973218f28aecdadef905e2df7208c0239525dec0da040c2b01d82049f0e
qemu-img-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: 470eff527c6adec342addedb82be2f5fSHA-256: 34faaf2e6e22bc9e683824329d7dc634cf4305694c74d45895a5a9e3fc5b9b93
qemu-kvm-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: d4fd1cc13a2939df96ae36f176725661SHA-256: 8848031c934963a36e8fdff712b72eeda1dbc01f2eed2def03e6782a4313523d
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: d8085508eda58f18f102dadcc94191faSHA-256: 85dc21ce0ab07db39c73170f5c35beaa928db78eae49cf03b668c00a1ebef798
qemu-kvm-tools-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: 6ec9791d34ebebf388b7daab16e28d97SHA-256: 6896c4a5a51170b6b04bfafd0dd38ec02642f18b96e1a2b096219edf2b72ba49
 
Red Hat Enterprise Linux Server EUS (v. 6.6.z)

SRPMS:
qemu-kvm-0.12.1.2-2.448.el6_6.2.src.rpm
    MD5: 4c502f16c62d7c03094863a040cc9455SHA-256: df9d02c465066df0a215be037b90d161ebd6c17c6d00c79af651f2ca89a92fcd
 
IA-32:
qemu-guest-agent-0.12.1.2-2.448.el6_6.2.i686.rpm
    MD5: 8f5a2e1d2e97327ba3525ca38293a155SHA-256: c3fef899002937f4bfcd355a5c4e21f0753ebdeb299b8290ff28bfbff64b39be
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.2.i686.rpm
    MD5: 2cae0732087168ab13dea95b0a4319cfSHA-256: f4cd4d2fae805cef7781132fe348c130d93d251c07170e66af4357681d5278b1
 
x86_64:
qemu-guest-agent-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: 1265daa073c021ca822afbde4a5e5615SHA-256: 692cc973218f28aecdadef905e2df7208c0239525dec0da040c2b01d82049f0e
qemu-img-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: 470eff527c6adec342addedb82be2f5fSHA-256: 34faaf2e6e22bc9e683824329d7dc634cf4305694c74d45895a5a9e3fc5b9b93
qemu-kvm-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: d4fd1cc13a2939df96ae36f176725661SHA-256: 8848031c934963a36e8fdff712b72eeda1dbc01f2eed2def03e6782a4313523d
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: d8085508eda58f18f102dadcc94191faSHA-256: 85dc21ce0ab07db39c73170f5c35beaa928db78eae49cf03b668c00a1ebef798
qemu-kvm-tools-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: 6ec9791d34ebebf388b7daab16e28d97SHA-256: 6896c4a5a51170b6b04bfafd0dd38ec02642f18b96e1a2b096219edf2b72ba49
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.448.el6_6.2.src.rpm
    MD5: 4c502f16c62d7c03094863a040cc9455SHA-256: df9d02c465066df0a215be037b90d161ebd6c17c6d00c79af651f2ca89a92fcd
 
IA-32:
qemu-guest-agent-0.12.1.2-2.448.el6_6.2.i686.rpm
    MD5: 8f5a2e1d2e97327ba3525ca38293a155SHA-256: c3fef899002937f4bfcd355a5c4e21f0753ebdeb299b8290ff28bfbff64b39be
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.2.i686.rpm
    MD5: 2cae0732087168ab13dea95b0a4319cfSHA-256: f4cd4d2fae805cef7781132fe348c130d93d251c07170e66af4357681d5278b1
 
x86_64:
qemu-guest-agent-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: 1265daa073c021ca822afbde4a5e5615SHA-256: 692cc973218f28aecdadef905e2df7208c0239525dec0da040c2b01d82049f0e
qemu-img-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: 470eff527c6adec342addedb82be2f5fSHA-256: 34faaf2e6e22bc9e683824329d7dc634cf4305694c74d45895a5a9e3fc5b9b93
qemu-kvm-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: d4fd1cc13a2939df96ae36f176725661SHA-256: 8848031c934963a36e8fdff712b72eeda1dbc01f2eed2def03e6782a4313523d
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: d8085508eda58f18f102dadcc94191faSHA-256: 85dc21ce0ab07db39c73170f5c35beaa928db78eae49cf03b668c00a1ebef798
qemu-kvm-tools-0.12.1.2-2.448.el6_6.2.x86_64.rpm
    MD5: 6ec9791d34ebebf388b7daab16e28d97SHA-256: 6896c4a5a51170b6b04bfafd0dd38ec02642f18b96e1a2b096219edf2b72ba49
 
(The unlinked packages above are only available from the Red Hat Network)
1169454 – CVE-2014-8106 qemu: cirrus: insufficient blit region checks

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply