 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.881221 |
| Category: | CentOS Local Security Checks |
| Title: | CentOS Update for kmod-kvm CESA-2012:0051 centos5 |
| Summary: | The remote host is missing an update for the 'kmod-kvm'; package(s) announced via the referenced advisory. |
| Description: | Summary: The remote host is missing an update for the 'kmod-kvm' package(s) announced via the referenced advisory. Vulnerability Insight: KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host. (CVE-2012-0029) A flaw was found in the way the KVM subsystem of a Linux kernel handled PIT (Programmable Interval Timer) IRQs (interrupt requests) when there was no virtual interrupt controller set up. A malicious user in the kvm group on the host could force this situation to occur, resulting in the host crashing. (CVE-2011-4622) Red Hat would like to thank Nicolae Mogoreanu for reporting CVE-2012-0029. All KVM users should upgrade to these updated packages, which contain backported patches to correct these issues. Note: The procedure in the Solution section must be performed before this update will take effect. Affected Software/OS: kmod-kvm on CentOS 5 Solution: Please install the updated packages. CVSS Score: 7.4 CVSS Vector: AV:A/AC:M/Au:S/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-4622 1026559 http://www.securitytracker.com/id?1026559 51172 http://www.securityfocus.com/bid/51172 RHSA-2012:0051 http://www.redhat.com/support/errata/RHSA-2012-0051.html SUSE-SU-2012:0616 http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html [kvm] 20111214 [PATCH 1/2] KVM: x86: Prevent starting PIT timers in the absence of irqchip support http://permalink.gmane.org/gmane.comp.emulators.kvm.devel/83564 [oss-security] 20111221 Re: kernel: kvm: pit timer with no irqchip crashes the system http://www.openwall.com/lists/oss-security/2011/12/21/7 https://bugzilla.redhat.com/show_bug.cgi?id=769721 openSUSE-SU-2013:0925 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2012-0029 47740 http://secunia.com/advisories/47740 47741 http://secunia.com/advisories/47741 47992 http://secunia.com/advisories/47992 48318 http://secunia.com/advisories/48318 50913 http://secunia.com/advisories/50913 51642 http://www.securityfocus.com/bid/51642 FEDORA-2012-8604 http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html RHSA-2012:0050 http://www.redhat.com/support/errata/RHSA-2012-0050.html RHSA-2012:0370 http://rhn.redhat.com/errata/RHSA-2012-0370.html SUSE-SU-2012:1320 http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00002.html USN-1339-1 http://www.ubuntu.com/usn/USN-1339-1 http://git.qemu.org/?p=qemu.git%3Ba=log%3Bh=refs/heads/stable-1.0 https://bugzilla.redhat.com/show_bug.cgi?id=772075 openSUSE-SU-2012:0207 http://lists.opensuse.org/opensuse-updates/2012-02/msg00009.html qemu-processtxdesc-bo(72656) https://exchange.xforce.ibmcloud.com/vulnerabilities/72656 |
| Copyright | Copyright (C) 2012 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |