This issue does not affect the versions of the kvm and xen packages as shipped with Red Hat Enterprise Linux 5, the versions of the qemu-kvm packages as shipped with Red Hat Enterprise Linux 6 and the Red Hat Enterprise Linux 6 based qemu-kvm-rhev packages as shipped with Red Hat Enterprise Virtualization 3, because they did not backport the upstream commit that introduced this issue.
This issue does affect the versions of qemu-kvm packages as shipped with Red Hat Enterprise Linux 7 and versions of Red Hat Enterprise Linux 7 based qemu-kvm-rhev packages as shipped with Red Hat Enterprise Virtualization 3. Future updates for the respective releases will address this flaw.
CVSS v2 metrics
|Access Vector||Adjacent Network|
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
|Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (qemu-kvm-rhev)||RHSA-2015:1508||2015-07-27|
|Red Hat Enterprise Linux 7 (qemu-kvm)||RHSA-2015:1507||2015-07-27|
|Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 (qemu-kvm-rhev)||RHSA-2015:1512||2015-07-28|
|Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 (qemu-kvm-rhev)||RHSA-2015:1512||2015-07-28|
Affected Packages State
|Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7||qemu-kvm-rhev||Not affected|
|Red Hat Enterprise Linux 6||qemu-kvm||Not affected|
|Red Hat Enterprise Linux 5||xen||Not affected|
|Red Hat Enterprise Linux 5||kvm||Not affected|
|RHEV Manager 3||rhev-hypervisor||Affected|