Updated qemu-kvm-rhev packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 6 and Red Hat Enterprise Linux OpenStack Platform 5 for RHEL 7.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM.

A heap buffer overflow flaw was found in the way QEMU’s IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with the CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the host’s QEMU process corresponding to the guest. (CVE-2015-5154)

An out-of-bounds memory access flaw, leading to memory corruption or possibly an information leak, was found in QEMU’s pit_ioport_read() function. A privileged guest user in a QEMU guest, which had QEMU PIT emulation enabled, could potentially, in rare cases, use this flaw to execute arbitrary code on the host with the privileges of the hosting QEMU process. (CVE-2015-3214)

Red Hat would like to thank Matt Tait of Google’s Project Zero security team for reporting the CVE-2015-3214 issue. The CVE-2015-5154 issue was discovered by Kevin Wolf of Red Hat.

All qemu-kvm-rhev users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
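As an added example (not part of the advisory or of Red Hat's tooling), a Python check that decides whether the qemu-kvm-rhev packages reported by rpm are at or above the fixed build 2.1.2-23.el7_1.6. The version ordering reimplements rpm's segment comparison (tilde and caret rules omitted, an assumption), and the rpm output is a constructed sample.

```python
"""Check installed qemu-kvm-rhev packages against the fixed build in this
advisory (2.1.2-23.el7_1.6) using rpm's version ordering."""
import re

FIXED_VERSION = "2.1.2"
FIXED_RELEASE = "23.el7_1.6"

def _segments(s):
    # rpmvercmp-style tokens: runs of digits or letters; separators dropped
    return re.findall(r"\d+|[A-Za-z]+", s)

def rpmvercmp(a, b):
    """Order two version/release strings as rpm does: numeric segments
    numerically, alpha segments lexically, numeric beats alpha, and the
    string with segments left over wins. Tilde/caret rules omitted
    (assumption: not needed for these package versions)."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() or y.isdigit():
            return 1 if x.isdigit() else -1
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def is_fixed(version, release):
    """True if (version, release) is the fixed build or newer."""
    c = rpmvercmp(version, FIXED_VERSION)
    if c == 0:
        c = rpmvercmp(release, FIXED_RELEASE)
    return c >= 0

def needs_update(rpm_output):
    r"""Parse `rpm -q --qf '%{NAME} %{VERSION} %{RELEASE}\n' <pkgs>` output
    and return the package names still below the fixed build."""
    stale = []
    for line in rpm_output.strip().splitlines():
        name, version, release = line.split()
        if not is_fixed(version, release):
            stale.append(name)
    return stale

# Constructed sample of rpm output: one package lags behind the others.
SAMPLE = """\
qemu-kvm-rhev 2.1.2 23.el7_1.3
qemu-kvm-common-rhev 2.1.2 23.el7_1.6
qemu-img-rhev 2.1.2 23.el7_1.6
"""
```

A host that has installed the fix but not yet restarted its guests still runs the old code: a running qemu-kvm process whose /proc/<pid>/exe link ends in "(deleted)" was started from the binary the update replaced.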
Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to: https://access.redhat.com/articles/11258

Red Hat OpenStack 5.0 for RHEL 7

SRPMS:
qemu-kvm-rhev-2.1.2-23.el7_1.6.src.rpm

x86_64:
libcacard-devel-rhev-2.1.2-23.el7_1.6.x86_64.rpm
libcacard-rhev-2.1.2-23.el7_1.6.x86_64.rpm
libcacard-tools-rhev-2.1.2-23.el7_1.6.x86_64.rpm
qemu-img-rhev-2.1.2-23.el7_1.6.x86_64.rpm
qemu-kvm-common-rhev-2.1.2-23.el7_1.6.x86_64.rpm
qemu-kvm-rhev-2.1.2-23.el7_1.6.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.1.2-23.el7_1.6.x86_64.rpm
qemu-kvm-tools-rhev-2.1.2-23.el7_1.6.x86_64.rpm
 
Red Hat OpenStack 6.0 for RHEL 7

SRPMS:
qemu-kvm-rhev-2.1.2-23.el7_1.6.src.rpm

x86_64:
libcacard-devel-rhev-2.1.2-23.el7_1.6.x86_64.rpm
libcacard-rhev-2.1.2-23.el7_1.6.x86_64.rpm
libcacard-tools-rhev-2.1.2-23.el7_1.6.x86_64.rpm
qemu-img-rhev-2.1.2-23.el7_1.6.x86_64.rpm
qemu-kvm-common-rhev-2.1.2-23.el7_1.6.x86_64.rpm
qemu-kvm-rhev-2.1.2-23.el7_1.6.x86_64.rpm
qemu-kvm-rhev-debuginfo-2.1.2-23.el7_1.6.x86_64.rpm
qemu-kvm-tools-rhev-2.1.2-23.el7_1.6.x86_64.rpm
 
(The unlinked packages above are only available from the Red Hat Network)
1229640 – CVE-2015-3214 qemu/kvm: i8254: out-of-bounds memory access in pit_ioport_read function
1243563 – CVE-2015-5154 qemu: ide: atapi: heap overflow during I/O buffer memory access

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:
