Описание
ELSA-2010-0898: kvm security update (MODERATE)
[kvm-83-164.0.1.el5_5.25]
- Added kvm-add-oracle-workaround-for-libvirt-bug.patch
- Added kvm-add-oracle-workaround-for-libvirt-bug.patch
[kvm-83-164.el5_5.25]
- Adding load_gs_index to kmod symbol greylist
- Related: bz#639886 (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.5.z])
[kvm-83-164.el5_5.24]
- Updated kversion to 2.6.18-194.17.1.el5 to match build root
- kvm.spec: fix ./configure arguments (ensure spice, kvm-cap-pit and kvm-cap-device-assignment are always enabled)
- kvm-kernel-KVM-Fix-fs-gs-reload-oops-with-invalid-ldt.patch [bz#639886]
- Resolves: bz#639886 (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.5.z])
- CVE: CVE-2010-3698
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kmod-kvm
83-164.0.1.el5_5.25
kvm
83-164.0.1.el5_5.25
kvm-qemu-img
83-164.0.1.el5_5.25
kvm-tools
83-164.0.1.el5_5.25
Связанные CVE
Связанные уязвимости
The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT).
The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT).
The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT).
The KVM implementation in the Linux kernel before 2.6.36 does not prop ...
The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT).