(RHSA-2015:1713) Important: rhev-hypervisor security, bug fix, and enhancement update

The rhev-hypervisor package provides a Red Hat Enterprise Virtualization
Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor
is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes
everything necessary to run and manage virtual machines: A subset of the
Red Hat Enterprise Linux operating environment and the Red Hat Enterprise
Virtualization Agent.

Note: Red Hat Enterprise Virtualization Hypervisor is only available for
the Intel 64 and AMD64 architectures with virtualization extensions.

A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG
2000 image files. A specially crafted file could cause an application using
JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138)

A race condition flaw, leading to a heap-based memory corruption, was found
in spice’s worker_update_monitors_config() function, which runs under the
QEMU-KVM context on the host. A user in a guest could leverage this flaw to
crash the host QEMU-KVM process or, possibly, execute arbitrary code with
the privileges of the host QEMU-KVM process. (CVE-2015-3247)

A double free flaw was found in the way JasPer parsed ICC color profiles in
JPEG 2000 image files. A specially crafted file could cause an application
using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8137)

It was found that the idle timeout in the Red Hat Enterprise Virtualization
Manager Web Admin interface failed to log out a session if a VM has been
selected in the VM grid view. This could allow a local attacker to access
the web interface if it was left unattended. (CVE-2015-1841)

Red Hat would like to thank oCERT for reporting CVE-2014-8137 and
CVE-2014-8138. oCERT acknowledges Jose Duart of the Google Security Team as
the original reporter. The CVE-2015-3247 issue was discovered by Frediano
Ziglio of Red Hat. The CVE-2015-1841 issue was discovered by Einav Cohen
of Red Hat.

This update also fixes the following bug:

• Previously, installing the Red Hat Enterprise Virtualization Hypervisor 7
  RPM on a Red Hat Enterprise Linux 6 host failed, because no such thing was
  available. Now, the Red Hat Enterprise Virtualization Hypervisor 7 RPM is
  available in the rhel-6-server-rhevh-rpms channel, and can be installed on
  a Red Hat Enterprise Linux 6 host. (BZ#1193678)

In addition, this update adds the following enhancement:

• With this release, the Red Hat Enterprise Virtualizaton Hypervisor now
  includes the drivers for the Dell Shared PERC8 RAID Controller.
  (BZ#1186582)

Users of the Red Hat Enterprise Virtualization Hypervisor are advised to
upgrade to this updated package.