- Issued:
- 2016-08-24
- Updated:
- 2016-08-24
RHSA-2016:1763 - Security Advisory
Synopsis
Moderate: qemu-kvm-rhev security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 9.0 (Mitaka).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager.
Security Fix(es):
- Quick Emulator(QEMU) built with the Block driver for iSCSI images support (virtio-blk) is vulnerable to a heap-based buffer overflow issue. The flaw could occur while processing iSCSI asynchronous I/O ioctl(2) calls. A user inside a guest could exploit this flaw to crash the QEMU process resulting in denial of service, or potentially leverage it to execute arbitrary code with QEMU-process privileges on the host. (CVE-2016-5126)
- Quick Emulator(QEMU) built with the virtio framework is vulnerable to an unbounded memory allocation issue. It was found that a malicious guest user could submit more requests than the virtqueue size permits. Processing a request allocates a VirtQueueElement results in unbounded memory allocation on the host controlled by the guest. (CVE-2016-5403)
Red Hat would like to thank hongzhenhao (Marvel Team) for reporting CVE-2016-5403.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
Affected Products
- Red Hat OpenStack 9 x86_64
Fixes
- BZ - 1340924 - CVE-2016-5126 Qemu: block: iscsi: buffer overflow in iscsi_aio_ioctl
- BZ - 1358359 - CVE-2016-5403 Qemu: virtio: unbounded memory allocation on host via guest leading to DoS
Red Hat OpenStack 9
SRPM | |
---|---|
qemu-kvm-rhev-2.3.0-31.el7_2.21.src.rpm | SHA-256: a94c0e89ace45eac3032f11f18d6d39953a42c6ee261d2d578600b9a38452dff |
x86_64 | |
libcacard-rhev-2.3.0-31.el7_2.21.x86_64.rpm | SHA-256: 7c50554554d757cfed5786d347bd66191825effa36184875b0ebcf6c4a39ad79 |
libcacard-tools-rhev-2.3.0-31.el7_2.21.x86_64.rpm | SHA-256: 60d6c5f595b58134b837fcbfc38e4124c7bb7ff66bc95779a45cd6e9d89c9d3e |
qemu-img-rhev-2.3.0-31.el7_2.21.x86_64.rpm | SHA-256: 4cde725205c07e2397f86948aba8a34258d6a0200abe5e19f4825e86759962ab |
qemu-kvm-common-rhev-2.3.0-31.el7_2.21.x86_64.rpm | SHA-256: 70516a1ac8707862fd95d32ecf8f4f1552f91e509bfc20e6b5570109068d00f6 |
qemu-kvm-rhev-2.3.0-31.el7_2.21.x86_64.rpm | SHA-256: f3a9662980f6687eeb37e52174a0cdfed256cc38092dee7d6fbd33a764399926 |
qemu-kvm-rhev-debuginfo-2.3.0-31.el7_2.21.x86_64.rpm | SHA-256: e3e9eeb357e7fb33f425308913b12601252caa00f863ba7fd36875ead3bc4e48 |
qemu-kvm-tools-rhev-2.3.0-31.el7_2.21.x86_64.rpm | SHA-256: 334203df05dafc3e9a043320a0a48a09bcd7bf4f0c1c5e3b1275ff0d118e52ef |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.