Security update for kvm
SUSE Security Update: Security update for kvm
kvm has been updated to fix issues in the embedded qemu:
*
CVE-2014-0223: An integer overflow flaw was found in the QEMU block
driver for QCOW version 1 disk images. A user able to alter the QEMU disk
image files loaded by a guest could have used this flaw to corrupt QEMU
process memory on the host, which could potentially have resulted in
arbitrary code execution on the host with the privileges
of the QEMU process.
*
CVE-2014-3461: A user able to alter the savevm data (either on the
disk or over the wire during migration) could have used this flaw to to
corrupt QEMU process memory on the (destination) host, which could have
potentially resulted in arbitrary code execution on the host with the
privileges of the QEMU process.
*
CVE-2014-0222: An integer overflow flaw was found in the QEMU block
driver for QCOW version 1 disk images. A user able to alter the QEMU disk
image files loaded by a guest could have used this flaw to corrupt QEMU
process memory on the host, which could have potentially resulted in
arbitrary code execution on the host with the privileges
of the QEMU process.
Non-security bugs fixed:
* Fix exceeding IRQ routes that could have caused freezes of guests.
(bnc#876842)
* Fix CPUID emulation bugs that may have broken Windows guests with
newer -cpu types (bnc#886535)
Security Issues:
* CVE-2014-0222
* CVE-2014-0223
* CVE-2014-3461
Announcement ID: | SUSE-SU-2014:1278-1 |
Rating: | moderate |
References: | #876842 #877642 #877645 #878541 #886535 |
Affected Products: |
An update that solves three vulnerabilities and has two fixes is now available. It includes one version update.
Description:
kvm has been updated to fix issues in the embedded qemu:
*
CVE-2014-0223: An integer overflow flaw was found in the QEMU block
driver for QCOW version 1 disk images. A user able to alter the QEMU disk
image files loaded by a guest could have used this flaw to corrupt QEMU
process memory on the host, which could potentially have resulted in
arbitrary code execution on the host with the privileges
of the QEMU process.
*
CVE-2014-3461: A user able to alter the savevm data (either on the
disk or over the wire during migration) could have used this flaw to to
corrupt QEMU process memory on the (destination) host, which could have
potentially resulted in arbitrary code execution on the host with the
privileges of the QEMU process.
*
CVE-2014-0222: An integer overflow flaw was found in the QEMU block
driver for QCOW version 1 disk images. A user able to alter the QEMU disk
image files loaded by a guest could have used this flaw to corrupt QEMU
process memory on the host, which could have potentially resulted in
arbitrary code execution on the host with the privileges
of the QEMU process.
Non-security bugs fixed:
* Fix exceeding IRQ routes that could have caused freezes of guests.
(bnc#876842)
* Fix CPUID emulation bugs that may have broken Windows guests with
newer -cpu types (bnc#886535)
Security Issues:
* CVE-2014-0222
* CVE-2014-0223
* CVE-2014-3461
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP3:
zypper in -t patch slessp3-kvm-9739
- SUSE Linux Enterprise Desktop 11 SP3:
zypper in -t patch sledsp3-kvm-9739
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP3 (i586 s390x x86_64) [New Version: 1.4.2]:
- kvm-1.4.2-0.17.1
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.4.2]:
- kvm-1.4.2-0.17.1
References:
- http://support.novell.com/security/cve/CVE-2014-0222.html
- http://support.novell.com/security/cve/CVE-2014-0223.html
- http://support.novell.com/security/cve/CVE-2014-3461.html
- https://bugzilla.suse.com/show_bug.cgi?id=876842
- https://bugzilla.suse.com/show_bug.cgi?id=877642
- https://bugzilla.suse.com/show_bug.cgi?id=877645
- https://bugzilla.suse.com/show_bug.cgi?id=878541
- https://bugzilla.suse.com/show_bug.cgi?id=886535
- http://download.suse.com/patch/finder/?keywords=edfe5d595d3bf57ca949f09aec30ca76