An update for qemu-kvm-rhev is now available for RHEV-H and Agents for RHEL-6.

Red Hat Product Security has rated this update as having a security impact of Important.

A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems.

The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager.

Security Fix(es):

* An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions (VBE) support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process. (CVE-2016-3710)

Red Hat would like to thank Wei Xiao (360 Marvel Team) and Qinghao Tang (360 Marvel Team) for reporting this issue.

For details on how to apply this update, which includes the changes described in this advisory, refer to:

Before installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

Red Hat Enterprise Virtualization 3

    MD5: 2afbf76aeaf500850ce21089ab0827a1
    SHA-256: ba4147116e4fa9d473aea1e976b11e06d762919a76e19738355578620a3925a6

    MD5: 6ed6deaf9832c5efffc0e9249aaae33a
    SHA-256: 641056376f8292abbdf13b1bd976a001a2c190418e2e9a3261cea6f05ab9405f

    MD5: 18ea43c052f77a41b0a8ef0d8b813b9a
    SHA-256: 47218c781001fa0042028408d2e379815d2a00ca462c1b05d615ee2f6153515e

    MD5: ca24aafcbe4329b96b9f9a6273dfbc7c
    SHA-256: df3eeed73a1354247f475a4a97ef809936eb958083fab5aca6e72322fa18ff16

    MD5: 5a16dca0d3a849a5405f59c6f1b8d605
    SHA-256: 36dd987e678c6a419afad88bb406d24d98722439930dd51e9ab056a2e44dd195
(The unlinked packages above are only available from the Red Hat Network)

1331401 – CVE-2016-3710 qemu: incorrect banked access bounds checking in vga module

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
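As an added example (not part of the advisory and not Red Hat's own tooling), the POSIX shell functions below check downloaded package files against the SHA-256 values published above before they are installed. They assume the administrator supplies a manifest pairing each digest with its package file name (this copy of the advisory lists the hashes without file names), and that either sha256sum (coreutils) or shasum is installed. The hash used in the comments is the well-known digest of an empty file, included only so the functions can be exercised without the real packages.

```shell
#!/bin/sh
# Added example, not code from the advisory: verify package files against the
# SHA-256 digests published for a security update before installing them.
# Assumptions: the caller provides the package file names in a manifest, and
# sha256sum or shasum is available on the host.

# Print the SHA-256 hex digest of a file, using whichever tool is present.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Compare one file against an expected digest.
# Returns 0 on match, 1 on mismatch (or if the file is unreadable).
# The expected value is lower-cased so an uppercase copy from a web page still works.
check_sha256() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    if [ ! -r "$file" ]; then
        echo "MISSING  $file" >&2
        return 1
    fi
    actual=$(sha256_of "$file")
    if [ "$actual" = "$expected" ]; then
        echo "OK       $file"
        return 0
    fi
    echo "MISMATCH $file (expected $expected, got $actual)" >&2
    return 1
}

# Check every entry of a manifest written as "<sha256>  <filename>" (the same
# layout sha256sum -c reads), resolving file names relative to a directory.
# Returns the number of entries that failed, so a non-zero exit means at least
# one package must not be installed.
check_manifest() {
    manifest=$1
    dir=${2:-.}
    failures=0
    while read -r digest name; do
        [ -z "$digest" ] && continue          # skip blank lines
        check_sha256 "$dir/$name" "$digest" || failures=$((failures + 1))
    done < "$manifest"
    return "$failures"
}

# Usage (hypothetical paths): check_manifest rhsa-sha256.txt /var/cache/yum/packages
# Digest of an empty file, for a local self-check:
#   e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
```

The checksum tells you the file you downloaded is the file the advisory describes; the GPG signature tells you Red Hat built it. Run both: after importing the Red Hat signing key with rpm --import, rpm -K <package>.rpm (or rpm --checksig) reports whether the package signature verifies, and a mismatch from either check is reason to stop before the "shut down all running virtual machines" step.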
