RHSA-2016:0082: qemu-kvm security update

KVM (Kernel-based Virtual Machine) is a full virtualization solution forLinux on AMD64 and Intel 64 systems. The qemu-kvm package provides theuser-space component for running virtual machines using KVM.An out-of-bounds read/write flaw was discovered in the way QEMU's FirmwareConfiguration device emulation processed certain firmware configurations.A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash theQEMU process instance or, potentially, execute arbitrary code on the hostwith privileges of the QEMU process. (CVE-2016-1714)Red Hat would like to thank Donghai Zhu of Alibaba for reporting thisissue.All qemu-kvm users are advised to upgrade to these updated packages, whichcontain a backported patch to correct this issue. After installing thisupdate, shut down all running virtual machines. Once all virtual machineshave shut down, start them again for this update to take effect.