RHSA-2015:0868: Important: qemu-kvm-rhev security and bug fix update

First published: Tue Apr 21 2015(Updated: )

KVM (Kernel-based Virtual Machine) is a full virtualization solution for<br>Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the<br>user-space component for running virtual machines using KVM in environments<br>managed by Red Hat Enterprise Virtualization Manager.<br>It was found that the Cirrus blit region checks were insufficient. A<br>privileged guest user could use this flaw to write outside of<br>VRAM-allocated buffer boundaries in the host's QEMU process address space<br>with attacker-provided data. (CVE-2014-8106)<br>This issue was discovered by Paolo Bonzini of Red Hat.<br>This update also fixes the following bug:<br><li> Previously, the effective downtime during the last phase of a live</li> migration would sometimes be much higher than the maximum downtime<br>specified by 'migration_downtime' in vdsm.conf. This problem has been<br>corrected. The value of 'migration_downtime' is now honored and the<br>migration is aborted if the downtime cannot be achieved. (BZ#1142756)<br>All users of qemu-kvm-rhev are advised to upgrade to these updated<br>packages, which contain a backported patch to correct this issue. After<br>installing this update, shut down all running virtual machines. Once all<br>virtual machines have shut down, start them again for this update to take<br>effect.<br>

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/redhat-errata
• anchor-id/RHSA-2015:0868
• agent/severity
• agent/title
• agent/references
• agent/tags
• agent/type
• agent/description
• agent/last-modified-date
• agent/remedy
• agent/softwarecombine
• agent/first-publish-date
• agent/event
• package-manager/redhat