Rapid7 Vulnerability & Exploit Database

RHSA-2015:1189: kvm security update

Back to Search

RHSA-2015:1189: kvm security update

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
06/15/2015
Created
07/25/2018
Added
06/26/2015
Modified
07/04/2017

Description

KVM (Kernel-based Virtual Machine) is a full virtualization solution forLinux on AMD64 and Intel 64 systems.A flaw was found in the way QEMU's AMD PCnet Ethernet emulation handledmulti-TMD packets with a length above 4096 bytes. A privileged guest userin a guest with an AMD PCNet ethernet card enabled could potentially usethis flaw to execute arbitrary code on the host with the privileges of thehosting QEMU process. (CVE-2015-3209)Red Hat would like to thank Matt Tait of Google's Project Zero securityteam for reporting this issue.All kvm users are advised to upgrade to these updated packages, whichcontain a backported patch to correct this issue. Note: The procedure inthe Solution section must be performed before this update will take effect.

Solution(s)

  • redhat-upgrade-kmod-kvm
  • redhat-upgrade-kmod-kvm-debug
  • redhat-upgrade-kvm
  • redhat-upgrade-kvm-debuginfo
  • redhat-upgrade-kvm-qemu-img
  • redhat-upgrade-kvm-tools

References

  • redhat-upgrade-kmod-kvm
  • redhat-upgrade-kmod-kvm-debug
  • redhat-upgrade-kvm
  • redhat-upgrade-kvm-debuginfo
  • redhat-upgrade-kvm-qemu-img
  • redhat-upgrade-kvm-tools

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;