- Issued:
- 2011-03-10
- Updated:
- 2011-03-10
RHSA-2011:0345 - Security Advisory
Synopsis
Moderate: qemu-kvm security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated qemu-kvm packages that fix one security issue are now available for
Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Description
KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component
for running virtual machines using KVM. Virtual Network Computing (VNC) is
a remote display system.
A flaw was found in the way the VNC "password" option was handled. Clearing
a password disabled VNC authentication, allowing a remote user able to
connect to the virtual machines' VNC ports to open a VNC session without
authentication. (CVE-2011-0011)
All users of qemu-kvm should upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing this
update, shut down all running virtual machines. Once all virtual machines
have shut down, start them again for this update to take effect.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 6 x86_64
- Red Hat Enterprise Linux Workstation 6 x86_64
- Red Hat Enterprise Linux Desktop 6 x86_64
- Red Hat Enterprise Linux for Scientific Computing 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64
Fixes
- BZ - 668589 - CVE-2011-0011 qemu-kvm: Setting VNC password to empty string silently disables all authentication
CVEs
Red Hat Enterprise Linux Server 6
| SRPM | |
|---|---|
| qemu-kvm-0.12.1.2-2.113.el6_0.8.src.rpm | SHA-256: 3efba49be532623866cddb90d951277db18f961ead3c834fd9d1a8a3215e5b5b |
| x86_64 | |
| qemu-img-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 933bcf2dabd187f6353df2bd1649c31f5928bbd4eaf7c85abf31329e06c01501 |
| qemu-img-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 933bcf2dabd187f6353df2bd1649c31f5928bbd4eaf7c85abf31329e06c01501 |
| qemu-kvm-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 86f1c2e3a7280c6a8b4b29c1e54e9aa11c163640122a327cf091521b30cd84a1 |
| qemu-kvm-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 86f1c2e3a7280c6a8b4b29c1e54e9aa11c163640122a327cf091521b30cd84a1 |
| qemu-kvm-debuginfo-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: ca1ec9b7070f8927d134f44bf162f0cc5291db4252442ef1d219d0e37504da20 |
| qemu-kvm-debuginfo-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: ca1ec9b7070f8927d134f44bf162f0cc5291db4252442ef1d219d0e37504da20 |
| qemu-kvm-tools-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 6be3c0978990a14a2226a1122fe83dd42d81ec97a1af562b38aec33cd6ca0fd3 |
| qemu-kvm-tools-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 6be3c0978990a14a2226a1122fe83dd42d81ec97a1af562b38aec33cd6ca0fd3 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support 6
| SRPM | |
|---|---|
| qemu-kvm-0.12.1.2-2.113.el6_0.8.src.rpm | SHA-256: 3efba49be532623866cddb90d951277db18f961ead3c834fd9d1a8a3215e5b5b |
| x86_64 | |
| qemu-img-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 933bcf2dabd187f6353df2bd1649c31f5928bbd4eaf7c85abf31329e06c01501 |
| qemu-kvm-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 86f1c2e3a7280c6a8b4b29c1e54e9aa11c163640122a327cf091521b30cd84a1 |
| qemu-kvm-debuginfo-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: ca1ec9b7070f8927d134f44bf162f0cc5291db4252442ef1d219d0e37504da20 |
| qemu-kvm-tools-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 6be3c0978990a14a2226a1122fe83dd42d81ec97a1af562b38aec33cd6ca0fd3 |
Red Hat Enterprise Linux Workstation 6
| SRPM | |
|---|---|
| qemu-kvm-0.12.1.2-2.113.el6_0.8.src.rpm | SHA-256: 3efba49be532623866cddb90d951277db18f961ead3c834fd9d1a8a3215e5b5b |
| x86_64 | |
| qemu-img-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 933bcf2dabd187f6353df2bd1649c31f5928bbd4eaf7c85abf31329e06c01501 |
| qemu-kvm-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 86f1c2e3a7280c6a8b4b29c1e54e9aa11c163640122a327cf091521b30cd84a1 |
| qemu-kvm-debuginfo-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: ca1ec9b7070f8927d134f44bf162f0cc5291db4252442ef1d219d0e37504da20 |
| qemu-kvm-tools-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 6be3c0978990a14a2226a1122fe83dd42d81ec97a1af562b38aec33cd6ca0fd3 |
Red Hat Enterprise Linux Desktop 6
| SRPM | |
|---|---|
| qemu-kvm-0.12.1.2-2.113.el6_0.8.src.rpm | SHA-256: 3efba49be532623866cddb90d951277db18f961ead3c834fd9d1a8a3215e5b5b |
| x86_64 | |
| qemu-img-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 933bcf2dabd187f6353df2bd1649c31f5928bbd4eaf7c85abf31329e06c01501 |
| qemu-kvm-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 86f1c2e3a7280c6a8b4b29c1e54e9aa11c163640122a327cf091521b30cd84a1 |
| qemu-kvm-debuginfo-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: ca1ec9b7070f8927d134f44bf162f0cc5291db4252442ef1d219d0e37504da20 |
| qemu-kvm-tools-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 6be3c0978990a14a2226a1122fe83dd42d81ec97a1af562b38aec33cd6ca0fd3 |
Red Hat Enterprise Linux for Scientific Computing 6
| SRPM | |
|---|---|
| qemu-kvm-0.12.1.2-2.113.el6_0.8.src.rpm | SHA-256: 3efba49be532623866cddb90d951277db18f961ead3c834fd9d1a8a3215e5b5b |
| x86_64 | |
| qemu-img-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 933bcf2dabd187f6353df2bd1649c31f5928bbd4eaf7c85abf31329e06c01501 |
| qemu-kvm-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 86f1c2e3a7280c6a8b4b29c1e54e9aa11c163640122a327cf091521b30cd84a1 |
| qemu-kvm-debuginfo-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: ca1ec9b7070f8927d134f44bf162f0cc5291db4252442ef1d219d0e37504da20 |
| qemu-kvm-tools-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 6be3c0978990a14a2226a1122fe83dd42d81ec97a1af562b38aec33cd6ca0fd3 |
Red Hat Enterprise Linux Server from RHUI 6
| SRPM | |
|---|---|
| qemu-kvm-0.12.1.2-2.113.el6_0.8.src.rpm | SHA-256: 3efba49be532623866cddb90d951277db18f961ead3c834fd9d1a8a3215e5b5b |
| x86_64 | |
| qemu-img-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 933bcf2dabd187f6353df2bd1649c31f5928bbd4eaf7c85abf31329e06c01501 |
| qemu-kvm-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 86f1c2e3a7280c6a8b4b29c1e54e9aa11c163640122a327cf091521b30cd84a1 |
| qemu-kvm-debuginfo-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: ca1ec9b7070f8927d134f44bf162f0cc5291db4252442ef1d219d0e37504da20 |
| qemu-kvm-tools-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 6be3c0978990a14a2226a1122fe83dd42d81ec97a1af562b38aec33cd6ca0fd3 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6
| SRPM | |
|---|---|
| qemu-kvm-0.12.1.2-2.113.el6_0.8.src.rpm | SHA-256: 3efba49be532623866cddb90d951277db18f961ead3c834fd9d1a8a3215e5b5b |
| x86_64 | |
| qemu-img-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 933bcf2dabd187f6353df2bd1649c31f5928bbd4eaf7c85abf31329e06c01501 |
| qemu-kvm-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 86f1c2e3a7280c6a8b4b29c1e54e9aa11c163640122a327cf091521b30cd84a1 |
| qemu-kvm-debuginfo-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: ca1ec9b7070f8927d134f44bf162f0cc5291db4252442ef1d219d0e37504da20 |
| qemu-kvm-tools-0.12.1.2-2.113.el6_0.8.x86_64.rpm | SHA-256: 6be3c0978990a14a2226a1122fe83dd42d81ec97a1af562b38aec33cd6ca0fd3 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
