ELSA-2013-0727

ELSA-2013-0727 - kvm security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2013-04-09

Description

[kvm-83-262.0.1.el5_9.3]
- Added kvm-add-oracle-workaround-for-libvirt-bug.patch
- Added kvm-Introduce-oel-machine-type.patch

[kvm-83-262.el5_3]
- kvm-kernel-kvm-accept-unaligned-MSR_KVM_SYSTEM_TIME-writes.patch [bz#947363]
- Resolves: bz#947363
(RHEL.5.8.32 guest hang when installing)

[kvm-83-262.el5_2]
- kvm-kernel-KVM-Fix-for-buffer-overflow-in-handling-of-MSR_KVM_S.patch [bz#917018]
- kvm-kernel-KVM-Convert-MSR_KVM_SYSTEM_TIME-to-use-kvm_write_gue.patch [bz#917022]
- kvm-kernel-KVM-Fix-bounds-checking-in-ioapic-indirect-register-.patch [bz#917028]
- kvm-kernel-do-not-GP-on-unaligned-MSR_KVM_SYSTEM_TIME-write.patch [bz#bz917019]
- Resolves: bz#917018
(CVE-2013-1796 kernel: kvm: buffer overflow in handling of MSR_KVM_SYSTEM_TIME [rhel-5.9.z])
- Resolves: bz#917022
(CVE-2013-1797 kernel: kvm: after free issue with the handling of MSR_KVM_SYSTEM_TIME [rhel-5.9.z])
- Resolves: bz#917028
(CVE-2013-1798 kernel: kvm: out-of-bounds access in ioapic indirect register reads [rhel-5.9.z])

Related CVEs

CVE-2013-1796

CVE-2013-1797

CVE-2013-1798

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory
Oracle Linux 5 (x86_64)	kvm-83-262.0.1.el5_9.3.src.rpm	64de79611f7fd3336bfbac154974f1dd	ELSA-2017-0454
	kmod-kvm-83-262.0.1.el5_9.3.x86_64.rpm	73e0d2d82f335263f6e19060d00a437c	ELSA-2017-0454
	kmod-kvm-debug-83-262.0.1.el5_9.3.x86_64.rpm	86a660515e0d64f4199ad2b71021cb78	ELSA-2017-0454
	kvm-83-262.0.1.el5_9.3.x86_64.rpm	acae91e1622840b427849882a34bfa25	ELSA-2017-0454
	kvm-qemu-img-83-262.0.1.el5_9.3.x86_64.rpm	56e0f638a071b0d26ee865800c7074c1	ELSA-2017-0454
	kvm-tools-83-262.0.1.el5_9.3.x86_64.rpm	5eedcfe13e001ada07adf15583a024a7	ELSA-2017-0454

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team