Stay Connected:

ELSA-2014-0163

ELSA-2014-0163 - kvm security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2014-02-12

Description


[kvm-83-266.0.1.el5_10.1]
- Added kvm-add-oracle-workaround-for-libvirt-bug.patch
- Added kvm-Introduce-oel-machine-type.patch

[kvm-83-266_10.1.el5]
- KVM: x86: prevent cross page vapic_addr access (CVE-2013-6368) [bz#1032219]
- KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) [bz#1032216]
- Resolves: bz#1032219
(CVE-2013-6368 kvm: cross page vapic_addr access [rhel-5.10])
- Resolves: bz#1032216
CVE-2013-6367 kvm: division by zero in apic_get_tmcct() [rhel-5.10.z]

[kvm-83-266.el5]
- Updated kversion to 2.6.18-348.4.1.el5
- kvm-fix-l1_map-buffer-overflow.patch [bz#956511]
- Resolves: bz#956511
(qemu-kvm segfault in tb_invalidate_phys_page_range())

[kvm-83-265.el5]
- kvm-kernel-kvm-accept-unaligned-MSR_KVM_SYSTEM_TIME-writes.patch [bz#924597]
- Resolves: bz#924597
(RHEL.5.8.32 guest hang when installing)

[kvm-83-264.el5]
- kvm-kernel-KVM-Fix-for-buffer-overflow-in-handling-of-MSR_KVM_S.patch [bz#917019]
- kvm-kernel-KVM-Convert-MSR_KVM_SYSTEM_TIME-to-use-kvm_write_gue.patch [bz#917023]
- kvm-kernel-KVM-Fix-bounds-checking-in-ioapic-indirect-register-.patch [bz#917029]
- kvm-kernel-do-not-GP-on-unaligned-MSR_KVM_SYSTEM_TIME-write.patch [bz#bz917019]
- Resolves: bz#917019
(CVE-2013-1796 kernel: kvm: buffer overflow in handling of MSR_KVM_SYSTEM_TIME [rhel-5.10])
- Resolves: bz#917023
(CVE-2013-1797 kernel: kvm: after free issue with the handling of MSR_KVM_SYSTEM_TIME [rhel-5.10])
- Resolves: bz#917029
(CVE-2013-1798 kernel: kvm: out-of-bounds access in ioapic indirect register reads [rhel-5.10])

[kvm-83-263.el5]
- kvm-e1000-Discard-packets-that-are-too-long-if-SBP-and-L.patch [bz#910840]
- kvm-e1000-Discard-oversized-packets-based-on-SBP-LPE.patch [bz#910840]
- Resolves: bz#910840
(CVE-2012-6075 qemu (e1000 device driver): Buffer overflow when processing large packets when SBP and LPE flags are disabled [rhel-5.10])


Related CVEs


CVE-2013-6367
CVE-2013-6368

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 5 (x86_64) kvm-83-266.0.1.el5_10.1.src.rpme70bb7162b1cb086460b789730a30d8571366587ad2f4b2424a58a57223ea08cELSA-2017-0454ol5_u10_x86_64_patch
kvm-83-266.0.1.el5_10.1.src.rpme70bb7162b1cb086460b789730a30d8571366587ad2f4b2424a58a57223ea08cELSA-2017-0454ol5_x86_64_latest
kmod-kvm-83-266.0.1.el5_10.1.x86_64.rpm85fb73be8fe8c08f1a18c6c358781b07951c8acbbc4869ca6ed603a7afbff05cELSA-2017-0454ol5_u10_x86_64_patch
kmod-kvm-83-266.0.1.el5_10.1.x86_64.rpm85fb73be8fe8c08f1a18c6c358781b07951c8acbbc4869ca6ed603a7afbff05cELSA-2017-0454ol5_x86_64_latest
kmod-kvm-debug-83-266.0.1.el5_10.1.x86_64.rpmb71d03d5d2e128507b79357200d9bb83581686e290a5540f406942189c424b1bELSA-2017-0454ol5_u10_x86_64_patch
kmod-kvm-debug-83-266.0.1.el5_10.1.x86_64.rpmb71d03d5d2e128507b79357200d9bb83581686e290a5540f406942189c424b1bELSA-2017-0454ol5_x86_64_latest
kvm-83-266.0.1.el5_10.1.x86_64.rpm71d1ab4aa7b0dd19b3ad6c9fd3ed9209296d5f7d1a791cbaee65e5cd1613e6d5ELSA-2017-0454ol5_u10_x86_64_patch
kvm-83-266.0.1.el5_10.1.x86_64.rpm71d1ab4aa7b0dd19b3ad6c9fd3ed9209296d5f7d1a791cbaee65e5cd1613e6d5ELSA-2017-0454ol5_x86_64_latest
kvm-qemu-img-83-266.0.1.el5_10.1.x86_64.rpm9499ccec8aa8f9fd3948eb1652de76e751dfae27f878ad5761bea8441a183024ELSA-2017-0454ol5_u10_x86_64_patch
kvm-qemu-img-83-266.0.1.el5_10.1.x86_64.rpm9499ccec8aa8f9fd3948eb1652de76e751dfae27f878ad5761bea8441a183024ELSA-2017-0454ol5_x86_64_latest
kvm-tools-83-266.0.1.el5_10.1.x86_64.rpm9fb80856273d89e4b763ebec8d16a2ecb0bd36bae2f6f11e07bf9e8a1a3b7d83ELSA-2017-0454ol5_u10_x86_64_patch
kvm-tools-83-266.0.1.el5_10.1.x86_64.rpm9fb80856273d89e4b763ebec8d16a2ecb0bd36bae2f6f11e07bf9e8a1a3b7d83ELSA-2017-0454ol5_x86_64_latest



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights