Описание
Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice.
A flaw has been found in the QEMU emulator built with IDE Emulation PCI PIIX3/4 support; the emulator is vulnerable to a use-after-free flaw, while writing data to an I/O port inside a guest. This issue is specific to the Xen platform. A privileged(CAP_SYS_RAWIO) guest user on the Xen platform could use this flaw to crash the QEMU instance or attempt to make a guest escape to QEMU-process privileges.
Отчет
This issue does not affect the versions of kvm and xen packages as shipped with Red Hat Enterprise Linux 5. This issue does not affect the versions of the qemu-kvm packages as shipped with Red Hat Enterprise Linux 6. This issue does not affect the Red Hat Enterprise Linux 6 based versions of qemu-kvm-rhev packages as shipped with Red Hat Enterprise Virtualization 3. This issue does not affect the versions of the qemu-kvm packages as shipped with Red Hat Enterprise Linux 7. This issue does not affect the Red Hat Enterprise Linux 7 based versions of the qemu-kvm-rhev packages as shipped with Red Hat Enterprise Virtualization 3. This issue does not affect the qemu-kvm-rhev packages as shipped with any currently supported versions of Red Hat Enterprise Linux OpenStack Platform.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Not affected | ||
| Red Hat Enterprise Linux 5 | xen | Not affected | ||
| Red Hat Enterprise Linux 6 | qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux 7 | qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux 7 | qemu-kvm-rhev | Not affected | ||
| Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse) | qemu-kvm-rhev | Not affected | ||
| Red Hat Enterprise Linux OpenStack Platform 6 (Juno) | qemu-kvm-rhev | Not affected | ||
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) | qemu-kvm-rhev | Not affected |
Показывать по
Дополнительная информация
Статус:
2.9 Low
CVSS2
Связанные уязвимости
Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice.
Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice.
Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not ...
Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice.
Уязвимость гипервизора Xen, позволяющая нарушителю получить привилегии, позволяющие выполнять отключение блочных устройств
2.9 Low
CVSS2