CentOS Update for kmod-kvm CESA-2014:0163 centos5

CentOS Update for kmod-kvm CESA-2014:0163 centos5 - KVM update for CentOS

Reporter	Title	Published	Views	Family All 372
ALT Linux	Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt17	9 Jan 201400:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 7 package kernel-src-kvm version 3.10.21-alt1	20 Dec 201300:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt16	20 Dec 201300:00	–	altlinux
Tenable Nessus	CentOS 6 : kernel (CESA-2013:1801)	13 Dec 201300:00	–	nessus
Tenable Nessus	CentOS 5 : kvm (CESA-2014:0163)	14 Feb 201400:00	–	nessus
Tenable Nessus	Debian DSA-2906-1 : linux-2.6 - privilege escalation/denial of service/information leak	27 Apr 201400:00	–	nessus
Tenable Nessus	EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1475)	13 May 201900:00	–	nessus
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1486)	13 May 201900:00	–	nessus
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1506)	13 May 201900:00	–	nessus
Tenable Nessus	Fedora 20 : kernel-3.12.5-302.fc20 (2013-23445)	23 Dec 201300:00	–	nessus

Source	Link
lists	www.lists.centos.org/pipermail/centos-announce/2014-February/020154.html

###############################################################################
# OpenVAS Vulnerability Test
#
# CentOS Update for kmod-kvm CESA-2014:0163 centos5 
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");

if(description)
{
  script_id(881880);
  script_version("$Revision: 6656 $");
  script_tag(name:"last_modification", value:"$Date: 2017-07-10 13:49:38 +0200 (Mon, 10 Jul 2017) $");
  script_tag(name:"creation_date", value:"2014-02-17 11:38:58 +0530 (Mon, 17 Feb 2014)");
  script_cve_id("CVE-2013-6367", "CVE-2013-6368");
  script_tag(name:"cvss_base", value:"6.2");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:H/Au:N/C:C/I:C/A:C");
  script_name("CentOS Update for kmod-kvm CESA-2014:0163 centos5 ");

  tag_insight = "KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for
the standard Red Hat Enterprise Linux kernel.

A divide-by-zero flaw was found in the apic_get_tmcct() function in KVM's
Local Advanced Programmable Interrupt Controller (LAPIC) implementation.
A privileged guest user could use this flaw to crash the host.
(CVE-2013-6367)

A memory corruption flaw was discovered in the way KVM handled virtual APIC
accesses that crossed a page boundary. A local, unprivileged user could use
this flaw to crash the system or, potentially, escalate their privileges on
the system. (CVE-2013-6368)

Red Hat would like to thank Andrew Honig of Google for reporting these
issues.

All kvm users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. Note: the procedure in
the Solution section must be performed before this update will take effect.
";

  tag_affected = "kmod-kvm on CentOS 5";

  tag_solution = "Please Install the Updated Packages.";


  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  script_xref(name: "CESA", value: "2014:0163");
  script_xref(name: "URL" , value: "http://lists.centos.org/pipermail/centos-announce/2014-February/020154.html");
  script_summary("Check for the Version of kmod-kvm");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
  script_family("CentOS Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/centos", "ssh/login/rpms");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");

res = "";
if(release == NULL){
  exit(0);
}

if(release == "CentOS5")
{

  if ((res = isrpmvuln(pkg:"kmod-kvm", rpm:"kmod-kvm~83~266.el5.centos.1", rls:"CentOS5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kmod-kvm-debug", rpm:"kmod-kvm-debug~83~266.el5.centos.1", rls:"CentOS5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kvm", rpm:"kvm~83~266.el5.centos.1", rls:"CentOS5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kvm-qemu-img", rpm:"kvm-qemu-img~83~266.el5.centos.1", rls:"CentOS5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kvm-tools", rpm:"kvm-tools~83~266.el5.centos.1", rls:"CentOS5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

10 Jul 2017 00:00Current

7.8High risk

Vulners AI Score7.8

EPSS0.00564