kmod-kvm-84-8.AXS3

エラータID: AXSA:2010-131:01

Release date: 
Wednesday, March 3, 2010 - 14:24
Subject: 
kmod-kvm-84-8.AXS3
Affected Channels: 
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity: 
High
Description: 

This package provides the kvm kernel modules built for the Linux kernel.
Security issues fixed with this release:
CVE-2010-0297
Buffer overflow in the usb_host_handle_control function in the USB passthrough handling implementation in usb-linux.c in QEMU before 0.11.1 allows guest OS users to cause a denial of service (guest OS crash or hang) or possibly execute arbitrary code on the host OS via a crafted USB packet.
CVE-2010-0298
The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, a related issue to CVE-2010-0306.

Solution: 

Update packages.

CVEs: 
CVE-2010-0297
Buffer overflow in the usb_host_handle_control function in the USB passthrough handling implementation in usb-linux.c in QEMU before 0.11.1 allows guest OS users to cause a denial of service (guest OS crash or hang) or possibly execute arbitrary code on the host OS via a crafted USB packet.
CVE-2010-0298
The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, a related issue to CVE-2010-0306.
Additional Info: 

N/A

Download: 

SRPMS
  1. kvm-84-8.AXS3.src.rpm
    MD5: be42559cbcfa9195434f42ad30af4b3f
    SHA-256: 72671b8a7d64b4f957b198e76683db19a185a20f2b08386b43ed50896b931003
    Size: 4.25 MB

Asianux Server 3 for x86
  1. kmod-kvm-84-8.AXS3.i686.rpm
    MD5: 5f930e0d06d3c7c38d5a34f760990022
    SHA-256: e37b90aa1791971ef18b3fb6a46801876c93ad56df5be8c4c22132ce2810801b
    Size: 0.96 MB
  2. kmod-kvm-PAE-84-8.AXS3.i686.rpm
    MD5: 6788c1ea2f8bf1d982c255fa0f3a859e
    SHA-256: 297a2442434cc2c6adb4efc8a60f1a4821420fa128f95af936b23d17767cf8ad
    Size: 0.96 MB

Asianux Server 3 for x86_64
  1. kmod-kvm-84-8.AXS3.x86_64.rpm
    MD5: 08c34414d08e8693679834a07fccd2c2
    SHA-256: fe598fa5ae573615b48429c0b8e37fffbd6d59dbe49758e9d4292914e9c0fcef
    Size: 0.98 MB