(RHSA-2012:1375) Important: rhev-hypervisor6 security and bug fix update

2012-10-1800:00:00

access.redhat.com

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.13 Low

EPSS

Percentile

94.9%

JSON

The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization
Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor
is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes
everything necessary to run and manage virtual machines: A subset of the
Red Hat Enterprise Linux operating environment and the Red Hat Enterprise
Virtualization Agent.

Note: Red Hat Enterprise Virtualization Hypervisor is only available for
the Intel 64 and AMD64 architectures with virtualization extensions.

A flaw was found in the way socket buffers (skb) requiring TSO (TCP segment
offloading) were handled by the sfc driver. If the skb did not fit within
the minimum-size of the transmission queue, the network card could
repeatedly reset itself. A remote attacker could use this flaw to cause a
denial of service. (CVE-2012-3412)

Red Hat would like to thank Ben Hutchings of Solarflare ™ for reporting
this issue.

This updated package provides updated components that include a fix for
one security issue. This issue had no security impact on Red Hat Enterprise
Virtualization Hypervisor itself, however. The security fix included in
this update addresses the following CVE number:

CVE-2012-4423 (libvirt issue)

This update also fixes the following bug:

A dependency issue was found between the rhev-hypervisor-tools and
rhev-hypervisor6-tools packages. Every time a user with one of the -tools
packages installed ran “yum update”, the -tools package they had installed
was removed and the other one installed. Even though rhev-hypervisor-tools
obsoleted rhev-hypervisor6-tools, this update includes an updated
rhev-hypervisor6-tools package that corrects this issue. Note that the
package does not have meaningful content, is only here to fix the
dependency issue, and may be removed by a future update. (BZ#855391)

This update includes the ovirt-node build from RHBA-2012:1374:

https://rhn.redhat.com/errata/RHBA-2012-1374.html

Users of the Red Hat Enterprise Virtualization Hypervisor are advised to
upgrade to this updated package, which fixes these issues.

OSVersionArchitecturePackageVersionFilename
RedHat6noarchrhev-hypervisor6-tools< 6.3-20121012.0.el6_3rhev-hypervisor6-tools-6.3-20121012.0.el6_3.noarch.rpm
RedHat6srcrhev-hypervisor6< 6.3-20121012.0.el6_3rhev-hypervisor6-6.3-20121012.0.el6_3.src.rpm
RedHat6noarchrhev-hypervisor6< 6.3-20121012.0.el6_3rhev-hypervisor6-6.3-20121012.0.el6_3.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	6	noarch	rhev-hypervisor6-tools	< 6.3-20121012.0.el6_3	rhev-hypervisor6-tools-6.3-20121012.0.el6_3.noarch.rpm
RedHat	6	src	rhev-hypervisor6	< 6.3-20121012.0.el6_3	rhev-hypervisor6-6.3-20121012.0.el6_3.src.rpm
RedHat	6	noarch	rhev-hypervisor6	< 6.3-20121012.0.el6_3	rhev-hypervisor6-6.3-20121012.0.el6_3.noarch.rpm