Red Hat Product Errata RHSA-2012:1236 - Security Advisory

Issued:: 2012-09-05
Updated:: 2012-09-05

RHSA-2012:1236 - Security Advisory

Overview
Updated Packages

Synopsis

Important: xen security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated xen packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

Description

The xen packages contain administration tools and the xend service for
managing the kernel-xen kernel for virtualization on Red Hat Enterprise
Linux.

A flaw was found in the way QEMU handled VT100 terminal escape sequences
when emulating certain character devices. A guest user with privileges to
write to a character device that is emulated on the host using a virtual
console back-end could use this flaw to crash the qemu process on the
host or, possibly, escalate their privileges on the host. (CVE-2012-3515)

This flaw did not affect the default use of the Xen hypervisor
implementation in Red Hat Enterprise Linux 5. This problem only affected
fully-virtualized guests that have a serial or parallel device that uses a
virtual console (vc) back-end. By default, the virtual console back-end is
not used for such devices; only guests explicitly configured to use them
in this way were affected.

Red Hat would like to thank the Xen project for reporting this issue.

All users of xen are advised to upgrade to these updated packages, which
correct this issue. After installing the updated packages, all
fully-virtualized guests must be restarted for this update to take effect.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Affected Products

Red Hat Enterprise Linux Server 5 x86_64
Red Hat Enterprise Linux Server 5 ia64
Red Hat Enterprise Linux Server 5 i386
Red Hat Enterprise Linux Workstation 5 x86_64
Red Hat Enterprise Linux Workstation 5 i386
Red Hat Enterprise Linux Desktop 5 x86_64
Red Hat Enterprise Linux Desktop 5 i386
Red Hat Enterprise Linux Server from RHUI 5 x86_64
Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

BZ - 851252 - CVE-2012-3515 qemu: VT100 emulation vulnerability

CVEs

CVE-2012-3515

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
xen-3.0.3-135.el5_8.5.src.rpm	SHA-256: 82ae1d3dd4d06a02275ebca866e200009908191805e94ae22b6a052786c2cbfa
x86_64
xen-3.0.3-135.el5_8.5.x86_64.rpm	SHA-256: 5cdd09a9633e5b83a1130b47a1f6f9f2270171cf78d2e0a59066d3571fc2be69
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm	SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm	SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-debuginfo-3.0.3-135.el5_8.5.x86_64.rpm	SHA-256: 7e23cbf57fda5a4bb91e535ab160476e267a44c3c11c8727dc067914108d88b3
xen-debuginfo-3.0.3-135.el5_8.5.x86_64.rpm	SHA-256: 7e23cbf57fda5a4bb91e535ab160476e267a44c3c11c8727dc067914108d88b3
xen-devel-3.0.3-135.el5_8.5.i386.rpm	SHA-256: ba21af68a2a9df7ae5aef3b62789c5b8ce0eb34f99c4967b361de17af5cb0a06
xen-devel-3.0.3-135.el5_8.5.x86_64.rpm	SHA-256: a56aac2155520894c22e02710bcf31e979ae1fa3909f6297ae95aa395ae11881
xen-libs-3.0.3-135.el5_8.5.i386.rpm	SHA-256: fafdd485309a4ea27d95a8893131fd484149d37987ff9580b92c10513d5ca036
xen-libs-3.0.3-135.el5_8.5.x86_64.rpm	SHA-256: 48f2e8b590b0e2dd5d5c5e46f3fb1185f570f907ef9b0d95d4205aa2ae702e66
ia64
xen-3.0.3-135.el5_8.5.ia64.rpm	SHA-256: f2e8335089834b1828128e06d753b6489ad542d7df21c18683489a9236d07da5
xen-debuginfo-3.0.3-135.el5_8.5.ia64.rpm	SHA-256: 2f9717a4e884e9c54af6fac8cd37b74975055a54ebedea24c49348b0acf61174
xen-debuginfo-3.0.3-135.el5_8.5.ia64.rpm	SHA-256: 2f9717a4e884e9c54af6fac8cd37b74975055a54ebedea24c49348b0acf61174
xen-devel-3.0.3-135.el5_8.5.ia64.rpm	SHA-256: 7b8eef4e9992b0f8f7beec0ec3979fda15e10c89015d18942e9cf2bc9fdf59d1
xen-libs-3.0.3-135.el5_8.5.ia64.rpm	SHA-256: 721efbd8a6fc48c2d17d1acaaa2724d601f0742638a13f600a1d1a2777ef9479
i386
xen-3.0.3-135.el5_8.5.i386.rpm	SHA-256: 6bb402340cb795a469d3722abde770559ed496e9feaeb7a952d3f87b83598ecf
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm	SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm	SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-devel-3.0.3-135.el5_8.5.i386.rpm	SHA-256: ba21af68a2a9df7ae5aef3b62789c5b8ce0eb34f99c4967b361de17af5cb0a06
xen-libs-3.0.3-135.el5_8.5.i386.rpm	SHA-256: fafdd485309a4ea27d95a8893131fd484149d37987ff9580b92c10513d5ca036

Red Hat Enterprise Linux Workstation 5

SRPM
xen-3.0.3-135.el5_8.5.src.rpm	SHA-256: 82ae1d3dd4d06a02275ebca866e200009908191805e94ae22b6a052786c2cbfa
x86_64
xen-3.0.3-135.el5_8.5.x86_64.rpm	SHA-256: 5cdd09a9633e5b83a1130b47a1f6f9f2270171cf78d2e0a59066d3571fc2be69
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm	SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm	SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-debuginfo-3.0.3-135.el5_8.5.x86_64.rpm	SHA-256: 7e23cbf57fda5a4bb91e535ab160476e267a44c3c11c8727dc067914108d88b3
xen-debuginfo-3.0.3-135.el5_8.5.x86_64.rpm	SHA-256: 7e23cbf57fda5a4bb91e535ab160476e267a44c3c11c8727dc067914108d88b3
xen-devel-3.0.3-135.el5_8.5.i386.rpm	SHA-256: ba21af68a2a9df7ae5aef3b62789c5b8ce0eb34f99c4967b361de17af5cb0a06
xen-devel-3.0.3-135.el5_8.5.x86_64.rpm	SHA-256: a56aac2155520894c22e02710bcf31e979ae1fa3909f6297ae95aa395ae11881
xen-libs-3.0.3-135.el5_8.5.i386.rpm	SHA-256: fafdd485309a4ea27d95a8893131fd484149d37987ff9580b92c10513d5ca036
xen-libs-3.0.3-135.el5_8.5.x86_64.rpm	SHA-256: 48f2e8b590b0e2dd5d5c5e46f3fb1185f570f907ef9b0d95d4205aa2ae702e66
i386
xen-3.0.3-135.el5_8.5.i386.rpm	SHA-256: 6bb402340cb795a469d3722abde770559ed496e9feaeb7a952d3f87b83598ecf
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm	SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm	SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-devel-3.0.3-135.el5_8.5.i386.rpm	SHA-256: ba21af68a2a9df7ae5aef3b62789c5b8ce0eb34f99c4967b361de17af5cb0a06
xen-libs-3.0.3-135.el5_8.5.i386.rpm	SHA-256: fafdd485309a4ea27d95a8893131fd484149d37987ff9580b92c10513d5ca036

Red Hat Enterprise Linux Desktop 5

SRPM
xen-3.0.3-135.el5_8.5.src.rpm	SHA-256: 82ae1d3dd4d06a02275ebca866e200009908191805e94ae22b6a052786c2cbfa
x86_64
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm	SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-debuginfo-3.0.3-135.el5_8.5.x86_64.rpm	SHA-256: 7e23cbf57fda5a4bb91e535ab160476e267a44c3c11c8727dc067914108d88b3
xen-libs-3.0.3-135.el5_8.5.i386.rpm	SHA-256: fafdd485309a4ea27d95a8893131fd484149d37987ff9580b92c10513d5ca036
xen-libs-3.0.3-135.el5_8.5.x86_64.rpm	SHA-256: 48f2e8b590b0e2dd5d5c5e46f3fb1185f570f907ef9b0d95d4205aa2ae702e66
i386
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm	SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-libs-3.0.3-135.el5_8.5.i386.rpm	SHA-256: fafdd485309a4ea27d95a8893131fd484149d37987ff9580b92c10513d5ca036

Red Hat Enterprise Linux Server from RHUI 5

SRPM
xen-3.0.3-135.el5_8.5.src.rpm	SHA-256: 82ae1d3dd4d06a02275ebca866e200009908191805e94ae22b6a052786c2cbfa
x86_64
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm	SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-debuginfo-3.0.3-135.el5_8.5.x86_64.rpm	SHA-256: 7e23cbf57fda5a4bb91e535ab160476e267a44c3c11c8727dc067914108d88b3
xen-libs-3.0.3-135.el5_8.5.i386.rpm	SHA-256: fafdd485309a4ea27d95a8893131fd484149d37987ff9580b92c10513d5ca036
xen-libs-3.0.3-135.el5_8.5.x86_64.rpm	SHA-256: 48f2e8b590b0e2dd5d5c5e46f3fb1185f570f907ef9b0d95d4205aa2ae702e66
i386
xen-debuginfo-3.0.3-135.el5_8.5.i386.rpm	SHA-256: 520d51374172f71bf98aac823c7558c9a93beff59652fc9bb560ca2e6f8f66f8
xen-libs-3.0.3-135.el5_8.5.i386.rpm	SHA-256: fafdd485309a4ea27d95a8893131fd484149d37987ff9580b92c10513d5ca036

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories