(RHSA-2015:1925) Important: kvm security update

2015-10-22 00:00:00
access.redhat.com

EPSS: 0.001 (Low), percentile 40.4%

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems.

A heap buffer overflow flaw was found in the way QEMU’s NE2000 NIC
emulation implementation handled certain packets received over the network.
A privileged user inside a guest could use this flaw to crash the QEMU
instance (denial of service) or potentially execute arbitrary code on
the host. (CVE-2015-5279)

Red Hat would like to thank Qinghao Tang of QIHU 360 Inc. for reporting
this issue.

All kvm users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. Note: The procedure in
the Solution section must be performed before this update will take effect.