Lucene search

K
centosCentOS ProjectCESA-2016:1943
HistorySep 28, 2016 - 1:59 p.m.

kmod, kvm security update

2016-09-2813:59:56
CentOS Project
lists.centos.org
69

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

0.002

Percentile

58.2%

CentOS Errata and Security Advisory CESA-2016:1943

KVM (for Kernel-based Virtual Machine) is a full virtualization solution for
Linux on x86 hardware. Using KVM, one can run multiple virtual machines running
unmodified Linux or Windows images. Each virtual machine has private virtualized
hardware: a network card, disk, graphics adapter, etc.

Security Fix(es):

  • An out-of-bounds read/write access flaw was found in the way QEMU’s VGA
    emulation with VESA BIOS Extensions (VBE) support performed read/write
    operations using I/O port methods. A privileged guest user could use this flaw
    to execute arbitrary code on the host with the privileges of the host’s QEMU
    process. (CVE-2016-3710)

  • Quick Emulator(QEMU) built with the virtio framework is vulnerable to an
    unbounded memory allocation issue. It was found that a malicious guest user
    could submit more requests than the virtqueue size permits. Processing a request
    allocates a VirtQueueElement results in unbounded memory allocation on the host
    controlled by the guest. (CVE-2016-5403)

Red Hat would like to thank Wei Xiao (360 Marvel Team) and Qinghao Tang (360
Marvel Team) for reporting CVE-2016-3710 and hongzhenhao (Marvel Team) for
reporting CVE-2016-5403.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2016-September/084253.html

Affected packages:
kmod-kvm
kmod-kvm-debug
kvm
kvm-qemu-img
kvm-tools

Upstream details at:
https://access.redhat.com/errata/RHSA-2016:1943

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

0.002

Percentile

58.2%