Lenovo | LENOVO:PS500034-NOSID
Jan 23, 2017 - 12:00 a.m.

QEMU i8254 PIT Emulation Bug

2017-01-23 00:00:00
support.lenovo.com

CVSS2: 6.9 Medium

| Metric | Value |
|---|---|
| Access Vector | LOCAL |
| Access Complexity | MEDIUM |
| Authentication | NONE |
| Confidentiality Impact | COMPLETE |
| Integrity Impact | COMPLETE |
| Availability Impact | COMPLETE |

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.001 Low (Percentile: 37.5%)

Lenovo Security Advisory: LEN-2015-075

**Potential Impact:** Escalation of Privileges

Severity: High

Summary:
A vulnerability was reported in QEMU where a local user on the guest system could potentially obtain elevated privileges on the target host system. This vulnerability was reported to Red Hat and has been assigned CVE-2015-3214.

Description:
QEMU is a generic and open source machine emulator and virtualizer and is used as a foundation and hardware emulation layer for running virtual machines under the Xen and KVM/QEMU hypervisors.
A local privileged user on a guest system that has the QEMU programmable interval timer (PIT) enabled can issue a specially crafted read request to the PIT Mode/Command register to obtain potentially sensitive information or cause memory corruption and execute arbitrary code on the target host system.
This vulnerability affects certain LenovoEMC px12 products and has been fixed in code version 1.0.10.33264 and above.

Mitigation Strategy for Customers (what you should do to protect yourself):
Update your product to the latest levels using the steps below:

Product Impact:
Please apply the latest versions of the following software updates:

| Product Affected | Fix Version | Update Instructions | Software fix location |
|---|---|---|---|
| LenovoEMC px12-400r IVX application | Version 1.0.10.33264 and later | See <http://download.lenovo.com/nasupdate/help/lifeline/4.1a/px12-400r/en_US/Content/software_update.html> for instructions on updating to the latest software version | http://lifelineapps.com/?user_lang=en&device=px12450r&version=&category=&sort=1&redirect_url= |
| LenovoEMC px12-450r IVX application | Version 1.0.10.33264 and later | See <http://download.lenovo.com/nasupdate/help/lifeline/4.1a/px12-450r/en_US/Content/software_update.html> for instructions on updating to the latest software version | http://lifelineapps.com/?user_lang=en&device=px12450r&version=&category=&sort=1&redirect_url= |

Other information and references:

Revision History:

| Revision | Date | Description |
|---|---|---|
| 1.0 | 21 Jul 2015 | Initial release |
