Описание
ELSA-2015-0869: kvm security update (IMPORTANT)
[kvm-83-270.0.1.el5_11]
- Added kvm-add-oracle-workaround-for-libvirt-bug.patch
- Added kvm-Introduce-oel-machine-type.patch
[kvm-83-270.el5]
- KVM: x86: Check non canonical addresses upon WRMSR
- Resolves: bz#1152982 (CVE-2014-3610 kernel: kvm: noncanonical MSR writes [rhel-5.11.z])
[kvm-83-269.el5]
- KVM: x86: Improve thread safety in pit
- Resolves: bz#1152985 (CVE-2014-3611 kernel: kvm: PIT timer race condition)
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kmod-kvm
83-270.0.1.el5_11
kmod-kvm-debug
83-270.0.1.el5_11
kvm
83-270.0.1.el5_11
kvm-qemu-img
83-270.0.1.el5_11
kvm-tools
83-270.0.1.el5_11
Связанные CVE
Связанные уязвимости
Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.
Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.
Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.
Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm ...
The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c.