Updated qemu-kvm packages that fix one security issue are now available forRed Hat Enterprise Linux 6.Red Hat Product Security has rated this update as having Important securityimpact. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available from the CVE link in theReferences section.

KVM (Kernel-based Virtual Machine) is a full virtualization solution forLinux on AMD64 and Intel 64 systems. The qemu-kvm package provides theuser-space component for running virtual machines using KVM.An out-of-bounds memory access flaw was found in the way QEMU’s virtualFloppy Disk Controller (FDC) handled FIFO buffer access while processingcertain FDC commands. A privileged guest user could use this flaw to crashthe guest or, potentially, execute arbitrary code on the host with theprivileges of the host’s QEMU process corresponding to the guest.(CVE-2015-3456)Red Hat would like to thank Jason Geffner of CrowdStrike for reportingthis issue.All qemu-kvm users are advised to upgrade to these updated packages, whichcontain a backported patch to correct this issue. After installing thisupdate, shut down all running virtual machines. Once all virtual machineshave shut down, start them again for this update to take effect.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.448.el6_6.3.src.rpm
    MD5: 4b66646b62d2b8bf1c768b7a80a0fbebSHA-256: 2eb95cecba24ecdddd325f0d69949cb29bb736eae272fc6b475b1eb785ca505e
 
IA-32:
qemu-guest-agent-0.12.1.2-2.448.el6_6.3.i686.rpm
    MD5: 129ef84ca3fff3021dcc520bf2ea994dSHA-256: 4cc58e3fb1c5719b7599ba0736625fa2b6eef6a00a012d8dc57a7fca083913c7
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.3.i686.rpm
    MD5: 7cf12f7d4e1fc2ad02ec50834fbc2cc9SHA-256: 349591a12f40774d3ee4b074f8ecaa5e7446a87ca335cbd6be07bc90c19cc5c8
 
x86_64:
qemu-guest-agent-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: a970e3298d2accc267495aa233c06261SHA-256: 1115c57c00d087511962d9ff3ae7180468fd9c24317244153f30c295877ad297
qemu-img-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: c2f1b73b1024b177dd5318bfa9c113c6SHA-256: 3af9b21ea9bd7954cee40999561a60a4031afe0f30676a3c30a62b98ea986c53
qemu-kvm-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: a4752eb0e4fd347391cc00f909158097SHA-256: 779ceb5c9804fa51e40ad75dfc81ae0a33b097099a396d988d1444a04fecf517
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: 9a262f3fee3077391a4a3f9eb179b830SHA-256: 1626f7e216eacce4f646a168a3146a4a6ec0fea5fe0fc82a3b2da1274267f1fb
qemu-kvm-tools-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: b80549d166632f7ee2943e9c2f5d64e8SHA-256: b6371b1882e3c79259c36d2296be2e24b0eefc48856ee71cfafa38694cc9a91b
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.448.el6_6.3.src.rpm
    MD5: 4b66646b62d2b8bf1c768b7a80a0fbebSHA-256: 2eb95cecba24ecdddd325f0d69949cb29bb736eae272fc6b475b1eb785ca505e
 
x86_64:
qemu-guest-agent-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: a970e3298d2accc267495aa233c06261SHA-256: 1115c57c00d087511962d9ff3ae7180468fd9c24317244153f30c295877ad297
qemu-img-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: c2f1b73b1024b177dd5318bfa9c113c6SHA-256: 3af9b21ea9bd7954cee40999561a60a4031afe0f30676a3c30a62b98ea986c53
qemu-kvm-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: a4752eb0e4fd347391cc00f909158097SHA-256: 779ceb5c9804fa51e40ad75dfc81ae0a33b097099a396d988d1444a04fecf517
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: 9a262f3fee3077391a4a3f9eb179b830SHA-256: 1626f7e216eacce4f646a168a3146a4a6ec0fea5fe0fc82a3b2da1274267f1fb
qemu-kvm-tools-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: b80549d166632f7ee2943e9c2f5d64e8SHA-256: b6371b1882e3c79259c36d2296be2e24b0eefc48856ee71cfafa38694cc9a91b
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.448.el6_6.3.src.rpm
    MD5: 4b66646b62d2b8bf1c768b7a80a0fbebSHA-256: 2eb95cecba24ecdddd325f0d69949cb29bb736eae272fc6b475b1eb785ca505e
 
IA-32:
qemu-guest-agent-0.12.1.2-2.448.el6_6.3.i686.rpm
    MD5: 129ef84ca3fff3021dcc520bf2ea994dSHA-256: 4cc58e3fb1c5719b7599ba0736625fa2b6eef6a00a012d8dc57a7fca083913c7
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.3.i686.rpm
    MD5: 7cf12f7d4e1fc2ad02ec50834fbc2cc9SHA-256: 349591a12f40774d3ee4b074f8ecaa5e7446a87ca335cbd6be07bc90c19cc5c8
 
x86_64:
qemu-guest-agent-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: a970e3298d2accc267495aa233c06261SHA-256: 1115c57c00d087511962d9ff3ae7180468fd9c24317244153f30c295877ad297
qemu-img-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: c2f1b73b1024b177dd5318bfa9c113c6SHA-256: 3af9b21ea9bd7954cee40999561a60a4031afe0f30676a3c30a62b98ea986c53
qemu-kvm-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: a4752eb0e4fd347391cc00f909158097SHA-256: 779ceb5c9804fa51e40ad75dfc81ae0a33b097099a396d988d1444a04fecf517
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: 9a262f3fee3077391a4a3f9eb179b830SHA-256: 1626f7e216eacce4f646a168a3146a4a6ec0fea5fe0fc82a3b2da1274267f1fb
qemu-kvm-tools-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: b80549d166632f7ee2943e9c2f5d64e8SHA-256: b6371b1882e3c79259c36d2296be2e24b0eefc48856ee71cfafa38694cc9a91b
 
Red Hat Enterprise Linux Server EUS (v. 6.6.z)

SRPMS:
qemu-kvm-0.12.1.2-2.448.el6_6.3.src.rpm
    MD5: 4b66646b62d2b8bf1c768b7a80a0fbebSHA-256: 2eb95cecba24ecdddd325f0d69949cb29bb736eae272fc6b475b1eb785ca505e
 
IA-32:
qemu-guest-agent-0.12.1.2-2.448.el6_6.3.i686.rpm
    MD5: 129ef84ca3fff3021dcc520bf2ea994dSHA-256: 4cc58e3fb1c5719b7599ba0736625fa2b6eef6a00a012d8dc57a7fca083913c7
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.3.i686.rpm
    MD5: 7cf12f7d4e1fc2ad02ec50834fbc2cc9SHA-256: 349591a12f40774d3ee4b074f8ecaa5e7446a87ca335cbd6be07bc90c19cc5c8
 
x86_64:
qemu-guest-agent-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: a970e3298d2accc267495aa233c06261SHA-256: 1115c57c00d087511962d9ff3ae7180468fd9c24317244153f30c295877ad297
qemu-img-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: c2f1b73b1024b177dd5318bfa9c113c6SHA-256: 3af9b21ea9bd7954cee40999561a60a4031afe0f30676a3c30a62b98ea986c53
qemu-kvm-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: a4752eb0e4fd347391cc00f909158097SHA-256: 779ceb5c9804fa51e40ad75dfc81ae0a33b097099a396d988d1444a04fecf517
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: 9a262f3fee3077391a4a3f9eb179b830SHA-256: 1626f7e216eacce4f646a168a3146a4a6ec0fea5fe0fc82a3b2da1274267f1fb
qemu-kvm-tools-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: b80549d166632f7ee2943e9c2f5d64e8SHA-256: b6371b1882e3c79259c36d2296be2e24b0eefc48856ee71cfafa38694cc9a91b
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
qemu-kvm-0.12.1.2-2.448.el6_6.3.src.rpm
    MD5: 4b66646b62d2b8bf1c768b7a80a0fbebSHA-256: 2eb95cecba24ecdddd325f0d69949cb29bb736eae272fc6b475b1eb785ca505e
 
IA-32:
qemu-guest-agent-0.12.1.2-2.448.el6_6.3.i686.rpm
    MD5: 129ef84ca3fff3021dcc520bf2ea994dSHA-256: 4cc58e3fb1c5719b7599ba0736625fa2b6eef6a00a012d8dc57a7fca083913c7
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.3.i686.rpm
    MD5: 7cf12f7d4e1fc2ad02ec50834fbc2cc9SHA-256: 349591a12f40774d3ee4b074f8ecaa5e7446a87ca335cbd6be07bc90c19cc5c8
 
x86_64:
qemu-guest-agent-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: a970e3298d2accc267495aa233c06261SHA-256: 1115c57c00d087511962d9ff3ae7180468fd9c24317244153f30c295877ad297
qemu-img-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: c2f1b73b1024b177dd5318bfa9c113c6SHA-256: 3af9b21ea9bd7954cee40999561a60a4031afe0f30676a3c30a62b98ea986c53
qemu-kvm-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: a4752eb0e4fd347391cc00f909158097SHA-256: 779ceb5c9804fa51e40ad75dfc81ae0a33b097099a396d988d1444a04fecf517
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: 9a262f3fee3077391a4a3f9eb179b830SHA-256: 1626f7e216eacce4f646a168a3146a4a6ec0fea5fe0fc82a3b2da1274267f1fb
qemu-kvm-tools-0.12.1.2-2.448.el6_6.3.x86_64.rpm
    MD5: b80549d166632f7ee2943e9c2f5d64e8SHA-256: b6371b1882e3c79259c36d2296be2e24b0eefc48856ee71cfafa38694cc9a91b
 
(The unlinked packages above are only available from the Red Hat Network)
1218611 – CVE-2015-3456 qemu: fdc: out-of-bounds fifo buffer memory access

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply