(RHSA-2013:0886) Moderate: rhev 3.2 - vdsm security and bug fix update

2013-06-10T04:00:00
ID RHSA-2013:0886
Type redhat
Reporter RedHat
Modified 2018-06-07T08:59:46

Description

VDSM is a management module that serves as a Red Hat Enterprise Virtualization Manager agent on Red Hat Enterprise Virtualization Hypervisor or Red Hat Enterprise Linux hosts.

A flaw was found in the way unexpected fields in guestInfo dictionaries were processed. A privileged guest user could potentially use this flaw to make the host the guest is running on unavailable to the management server. (CVE-2013-0167)

The CVE-2013-0167 issue was discovered by Dan Kenigsberg of the Red Hat Enterprise Virtualization team.

This update also fixes various bugs. Refer to the Technical Notes for information about these changes:

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.2/html/Technical_Notes/chap-RHSA-2013-0886.html

All users managing Red Hat Enterprise Linux Virtualization hosts using Red Hat Enterprise Virtualization Manager are advised to install these updated packages, which fix these issues.

These updated packages will be provided to users of Red Hat Enterprise Virtualization Hypervisor in the next rhev-hypervisor6 errata package.