Описание
ELSA-2012-0676: kvm security and bug fix update (MODERATE)
[kvm-83-249.0.1.el5_8.4]
- Added kvm-add-oracle-workaround-for-libvirt-bug.patch
- Added kvm-Introduce-oel-machine-type.patch
[kvm-83-249.el5_8.4]
- kvm-kernel-KVM-unmap-pages-from-the-iommu-when-slots-are-remove.patch [bz#814151]
- CVE: CVE-2012-2121
- Resolves: bz#814151 (CVE-2012-2121 kvm: device assignment page leak [rhel-5.8])
[kvm-83-249.el5_8.3]
- kvm-fix-l1_map-buffer-overflow.patch [bz#816207]
- Resolves: bz#816207 (qemu-kvm segfault in tb_invalidate_phys_page_range())
[kvm-83-249.el5_8.2]
- kvm-kernel-KVM-Ensure-all-vcpus-are-consistent-with-in-kernel-i.patch [bz#808205]
- Resolves: bz#808205 (CVE-2012-1601 kernel: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency [rhel-5.8.z])
[kvm-83-249.el5_8.1]
- kvm-posix-aio-compat-fix-thread-accounting-leak.patch [bz#802429]
- Resolves: bz#802429 ([RHEL5.8 Snapshot2]RHEL5.8 KVMGuest hung during Guest OS booting up)
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kmod-kvm
83-249.0.1.el5_8.4
kmod-kvm-debug
83-249.0.1.el5_8.4
kvm
83-249.0.1.el5_8.4
kvm-qemu-img
83-249.0.1.el5_8.4
kvm-tools
83-249.0.1.el5_8.4
Связанные CVE
Связанные уязвимости
The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices.
The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices.
The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices.
The KVM implementation in the Linux kernel before 3.3.4 does not prope ...
The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists.