KVM (Kernel-based Virtual Machine) is a full virtualization solution forLinux on AMD64 and Intel 64 systems. qemu-kvm is the user-space componentfor running virtual machines using KVM.It was found that the virtio subsystem in qemu-kvm did not properlyvalidate virtqueue in and out requests from the guest. A privileged guestuser could use this flaw to trigger a buffer overflow, allowing them tocrash the guest (denial of service) or, possibly, escalate their privilegeson the host. (CVE-2011-2212)It was found that the virtio_queue_notify() function in qemu-kvm did notperform sufficient input validation on the value later used as an indexinto the array of virtqueues. An unprivileged guest user could use thisflaw to crash the guest (denial of service) or, possibly, escalate theirprivileges on the host. (CVE-2011-2512)Red Hat would like to thank Nelson Elhage for reporting CVE-2011-2212.This update also fixes the following bug:All users of qemu-kvm should upgrade to these updated packages, whichcontain backported patches to resolve these issues. After installing thisupdate, shut down all running virtual machines. Once all virtual machineshave shut down, start them again for this update to take effect.