CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
89.0%
CentOS Errata and Security Advisory CESA-2013:0608
KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for
the standard Red Hat Enterprise Linux kernel.
A flaw was found in the way QEMU-KVM emulated the e1000 network interface
card when the host was configured to accept jumbo network frames, and a
guest using the e1000 emulated driver was not. A remote attacker could use
this flaw to crash the guest or, potentially, execute arbitrary code with
root privileges in the guest. (CVE-2012-6075)
All users of kvm are advised to upgrade to these updated packages, which
contain backported patches to correct this issue. Note that the procedure
in the Solution section must be performed before this update will take
effect.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2013-March/081432.html
https://lists.centos.org/pipermail/centos-announce/2013-March/094187.html
Affected packages:
kmod-kvm
kmod-kvm-debug
kvm
kvm-qemu-img
kvm-tools
Upstream details at:
https://access.redhat.com/errata/RHSA-2013:0608
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | x86_64 | kmod-kvm | < 83-262.el5.centos.1 | kmod-kvm-83-262.el5.centos.1.x86_64.rpm |
CentOS | 5 | x86_64 | kmod-kvm-debug | < 83-262.el5.centos.1 | kmod-kvm-debug-83-262.el5.centos.1.x86_64.rpm |
CentOS | 5 | x86_64 | kvm | < 83-262.el5.centos.1 | kvm-83-262.el5.centos.1.x86_64.rpm |
CentOS | 5 | x86_64 | kvm-qemu-img | < 83-262.el5.centos.1 | kvm-qemu-img-83-262.el5.centos.1.x86_64.rpm |
CentOS | 5 | x86_64 | kvm-tools | < 83-262.el5.centos.1 | kvm-tools-83-262.el5.centos.1.x86_64.rpm |
CentOS | 5 | x86_64 | kmod-kvm | < 83-262.el5.centos.1 | kmod-kvm-83-262.el5.centos.1.x86_64.rpm |
CentOS | 5 | x86_64 | kmod-kvm-debug | < 83-262.el5.centos.1 | kmod-kvm-debug-83-262.el5.centos.1.x86_64.rpm |
CentOS | 5 | x86_64 | kvm | < 83-262.el5.centos.1 | kvm-83-262.el5.centos.1.x86_64.rpm |
CentOS | 5 | x86_64 | kvm-qemu-img | < 83-262.el5.centos.1 | kvm-qemu-img-83-262.el5.centos.1.x86_64.rpm |
CentOS | 5 | x86_64 | kvm-tools | < 83-262.el5.centos.1 | kvm-tools-83-262.el5.centos.1.x86_64.rpm |