An update for qemu-kvm-rhev is now available for Red Hat Enterprise LinuxOpenStack Platform 5.0 (Icehouse) for RHEL 7.Red Hat Product Security has rated this update as having a security impact ofModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linuxon AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-spacecomponent for running virtual machines using KVM in environments managed by RedHat Enterprise Virtualization Manager.Security Fix(es):* Quick Emulator(Qemu) built with the Block driver for iSCSI images support(virtio-blk) is vulnerable to a heap buffer overflow issue. It could occur whileprocessing iSCSI asynchronous I/O ioctl(2) calls. A user inside guest could usethis flaw to crash the Qemu process resulting in DoS or potentially leverage itto execute arbitrary code with privileges of the Qemu process on the host.(CVE-2016-5126)* Quick emulator(Qemu) built with the virtio framework is vulnerable to anunbounded memory allocation issue. It was found that a malicious guest usercould submit more requests than the virtqueue size permits. Processing a requestallocates a VirtQueueElement and therefore causes unbounded memory allocation onthe host controlled by the guest. (CVE-2016-5403)Red Hat would like to thank hongzhenhao (Marvel Team) for reportingCVE-2016-5403.
For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258After installing this update, shut down all running virtual machines. Once allvirtual machines have shut down, start them again for this update to takeeffect.Red Hat OpenStack 5.0 for RHEL 7

SRPMS:
qemu-kvm-rhev-2.3.0-31.el7_2.21.src.rpm
    MD5: 388489747503bf7e5679a1334e8edea8SHA-256: a94c0e89ace45eac3032f11f18d6d39953a42c6ee261d2d578600b9a38452dff
 
x86_64:
libcacard-devel-rhev-2.3.0-31.el7_2.21.x86_64.rpm
    MD5: b69cefdcf266192b300525fa2a55db44SHA-256: 757414615b1d96df3cea8c01a62ef66975eadfce01f344d8cb4205cd83e6087b
libcacard-rhev-2.3.0-31.el7_2.21.x86_64.rpm
    MD5: 236884551ff81b5f896399f128998d0bSHA-256: 7c50554554d757cfed5786d347bd66191825effa36184875b0ebcf6c4a39ad79
libcacard-tools-rhev-2.3.0-31.el7_2.21.x86_64.rpm
    MD5: cc5e87b0e239b613dcba8c3d52de17f4SHA-256: 60d6c5f595b58134b837fcbfc38e4124c7bb7ff66bc95779a45cd6e9d89c9d3e
qemu-img-rhev-2.3.0-31.el7_2.21.x86_64.rpm
    MD5: 2528cc222087bd4ee7c9a4ac8bf85d70SHA-256: 4cde725205c07e2397f86948aba8a34258d6a0200abe5e19f4825e86759962ab
qemu-kvm-common-rhev-2.3.0-31.el7_2.21.x86_64.rpm
    MD5: ff206f645105d15a1cd85c48c5962482SHA-256: 70516a1ac8707862fd95d32ecf8f4f1552f91e509bfc20e6b5570109068d00f6
qemu-kvm-rhev-2.3.0-31.el7_2.21.x86_64.rpm
    MD5: 8a92dd969c8696e7531b22fe5e1ed68fSHA-256: f3a9662980f6687eeb37e52174a0cdfed256cc38092dee7d6fbd33a764399926
qemu-kvm-rhev-debuginfo-2.3.0-31.el7_2.21.x86_64.rpm
    MD5: 9b5e3c480f49bf2eb5912bdd23b16307SHA-256: e3e9eeb357e7fb33f425308913b12601252caa00f863ba7fd36875ead3bc4e48
qemu-kvm-tools-rhev-2.3.0-31.el7_2.21.x86_64.rpm
    MD5: 88d1ebfc3d8e0d7de2110c02e4cabb33SHA-256: 334203df05dafc3e9a043320a0a48a09bcd7bf4f0c1c5e3b1275ff0d118e52ef
 
(The unlinked packages above are only available from the Red Hat Network)

1340924 – CVE-2016-5126 Qemu: block: iscsi: buffer overflow in iscsi_aio_ioctl1358359 – CVE-2016-5403 Qemu: virtio: unbounded memory allocation on host via guest leading to DoS

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

Leave a Reply