Updated qemu-kvm-rhev packages that fix one security issue are nowavailable for Red Hat Enterprise Virtualization 3.5.Red Hat Product Security has rated this update as having Important securityimpact. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available from the CVE link in theReferences section.

KVM (Kernel-based Virtual Machine) is a full virtualization solution forLinux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides theuser-space component for running virtual machines using KVM.A flaw was found in the way QEMU’s AMD PCnet Ethernet emulation handledmulti-TMD packets with a length above 4096 bytes. A privileged guest userin a guest with an AMD PCNet ethernet card enabled could potentially usethis flaw to execute arbitrary code on the host with the privileges of thehosting QEMU process. (CVE-2015-3209)Red Hat would like to thank Matt Tait of Google’s Project Zero securityteam for reporting this issue.All qemu-kvm-rhev users are advised to upgrade to these updated packages,which contain a backported patch to correct this issue. After installingthis update, shut down all running virtual machines. Once all virtualmachines have shut down, start them again for this update to take effect.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258Red Hat Enterprise Virtualization 3

SRPMS:
qemu-kvm-rhev-0.12.1.2-2.448.el6_6.4.src.rpm
    MD5: 599699e5909f401fa3b62ba05ed5549bSHA-256: ac210c865a049dbbd56956ac97979266832bdc3ec357598dca970ca2f34b9cef
 
x86_64:
qemu-img-rhev-0.12.1.2-2.448.el6_6.4.x86_64.rpm
    MD5: 4284f791e6f1c8aed6418d3e0911f890SHA-256: e2cf7f0c3851a3c2dcfb4a4c02ce3667d5c5c11023ab3c3f6f1e67ab4d459291
qemu-kvm-rhev-0.12.1.2-2.448.el6_6.4.x86_64.rpm
    MD5: 5c00d3fbfff4f3280922f04040935b7bSHA-256: 3389628f7edda6b985e33fe59e49badb4db9a08eedb3ea13fd29f2345be77590
qemu-kvm-rhev-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm
    MD5: e733d7635fe547e4e77594d466a03395SHA-256: 8e3d08456a951b46e392ab4e355c1eed56737e3f1f118b158cdb051a60e26b1c
qemu-kvm-rhev-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm
    MD5: d269569aaa4655068e7abe89417277e1SHA-256: db2701d2b089a7d2f743ee999f0faf71793b9c8180b6164d5f8a6773da8262d6
 
(The unlinked packages above are only available from the Red Hat Network)
1225882 – CVE-2015-3209 qemu: pcnet: multi-tmd buffer overflow in the tx path

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply