Security update for KVM

SUSE Security Update: Security update for KVM
Announcement ID: SUSE-SU-2014:0816-1
Rating: moderate
References: #864391 #864649 #864650 #864653 #864655 #864665 #864671 #864673 #864678 #864682 #864769 #864796 #864801 #864802 #864804 #864805 #864811 #864812 #864814 #873235 #874749 #874788
Affected Products:
  • SUSE Linux Enterprise Server 11 SP3
  • SUSE Linux Enterprise Desktop 11 SP3
    		•

    An update that solves two vulnerabilities and has 20 fixes is now available. It includes one version update.

    Description:


    Several security issues in KVM have been fixed. Some issues could have
    resulted in arbitrary code execution or crash of the kvm host.

    * virtio-net: buffer overflow in virtio_net_handle_mac() function
    (CVE-2014-0150)
    * Fixed out of bounds buffer accesses, guest triggerable via IDE SMART
    (CVE-2014-2894)
    *

    Fixed various virtio-net buffer overflows
    (CVE-2013-4148,CVE-2013-4149,CVE-2013-4150,CVE-2013-4151)

    *

    Fixed ahci buffer overrun (CVE-2013-4526)

    * Fixed hpet buffer overrun (CVE-2013-4527)
    * Fixed a PCIE-AER buffer overrun (CVE-2013-4529)
    * Fixed a buffer overrun in pl022 (CVE-2013-4530)
    * Fixed a vmstate buffer overflow (CVE-2013-4531)
    * Fixed a pxa2xx buffer overrun (CVE-2013-4533)
    * Fixed a openpic buffer overrun (CVE-2013-4534)
    * Validate virtio num_sg mapping (CVE-2013-4535 / CVE-2013-4536)
    * Fixed ssi-sd buffer overrun (CVE-2013-4537)
    * Fixed ssd0323 buffer overrun (CVE-2013-4538)
    * Fixed tsc210x buffer overrun (CVE-2013-4539)
    * Fixed Zaurus buffer overrun (CVE-2013-4540)
    * Some USB sanity checking added (CVE-2013-4541)
    * Fixed virtio scsi buffer overrun (CVE-2013-4542)
    * Fixed another virtio buffer overrun (CVE-2013-6399)
    * Validate config_len on load in virtio (CVE-2014-0182)

    Security Issue references:

    * CVE-2014-0150

    * CVE-2014-2894

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Server 11 SP3:
      zypper in -t patch slessp3-kvm-9302
    • SUSE Linux Enterprise Desktop 11 SP3:
      zypper in -t patch sledsp3-kvm-9302

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Server 11 SP3 (i586 s390x x86_64) [New Version: 1.4.2]:
      • kvm-1.4.2-0.15.2
    • SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.4.2]:
      • kvm-1.4.2-0.15.2

    References:

    • http://support.novell.com/security/cve/CVE-2014-0150.html
    • http://support.novell.com/security/cve/CVE-2014-2894.html
    • https://bugzilla.novell.com/864391
    • https://bugzilla.novell.com/864649
    • https://bugzilla.novell.com/864650
    • https://bugzilla.novell.com/864653
    • https://bugzilla.novell.com/864655
    • https://bugzilla.novell.com/864665
    • https://bugzilla.novell.com/864671
    • https://bugzilla.novell.com/864673
    • https://bugzilla.novell.com/864678
    • https://bugzilla.novell.com/864682
    • https://bugzilla.novell.com/864769
    • https://bugzilla.novell.com/864796
    • https://bugzilla.novell.com/864801
    • https://bugzilla.novell.com/864802
    • https://bugzilla.novell.com/864804
    • https://bugzilla.novell.com/864805
    • https://bugzilla.novell.com/864811
    • https://bugzilla.novell.com/864812
    • https://bugzilla.novell.com/864814
    • https://bugzilla.novell.com/873235
    • https://bugzilla.novell.com/874749
    • https://bugzilla.novell.com/874788
    • http://download.suse.com/patch/finder/?keywords=2ef41e47e4c1105aba4dcd76e8c0e05e