エラータID: AXSA:2017-2446:08

Release date: 
Thursday, December 7, 2017 - 10:12
Affected Channels: 
Asianux Server 7 for x86_64

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM.

Security Fix(es):

* Quick Emulator (QEMU), compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The issue could occur due to an integer overflow while loading a kernel image during a guest boot. A user or process could use this flaw to potentially achieve arbitrary code execution on a host. (CVE-2017-14167)

* Quick emulator (QEMU), compiled with the Cirrus CLGD 54xx VGA Emulator support, is vulnerable to an OOB write access issue. The issue could occur while writing to VGA memory via mode4and5 write functions. A privileged user inside guest could use this flaw to crash the QEMU process resulting in Denial of Serivce (DoS). (CVE-2017-15289)

Asianux would like to thank Thomas Garnier (Google.com) for reporting CVE-2017-14167 and Guoxiang Niu (Huawei.com) for reporting CVE-2017-15289.

Integer overflow in the load_multiboot function in hw/i386/multiboot.c
in QEMU (aka Quick Emulator) allows local guest OS users to execute
arbitrary code on the host via crafted multiboot header address
values, which trigger an out-of-bounds write.
The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow
local OS guest privileged users to cause a denial of service
(out-of-bounds write access and Qemu process crash) via vectors
related to dst calculation.


Update packages.

Additional Info: 



  1. qemu-kvm-1.5.3-141.el7.4.src.rpm
    MD5: dee3fa27939ca186e9987ec6fa149eeb
    SHA-256: cf61677674dd10da556759540fb2d64e62f08bef4a630275ae66f59ca5511aeb
    Size: 14.63 MB

Asianux Server 7 for x86_64
  1. qemu-img-1.5.3-141.el7.4.x86_64.rpm
    MD5: d39e4d528673e1042596f9ebd1d9557a
    SHA-256: 0166cc47057de63305d0a3c1799cec51fec6e4074c6a001434f335cd911f8c1a
    Size: 676.74 kB
  2. qemu-kvm-1.5.3-141.el7.4.x86_64.rpm
    MD5: 73f7f1c599bbb198bcae760951df88a1
    SHA-256: 997958cec0d5e5e6a0035818d06bcee8486ea8e0c720c01f72df717fd2e04d57
    Size: 1.89 MB
  3. qemu-kvm-common-1.5.3-141.el7.4.x86_64.rpm
    MD5: 8262e0171800561baa91ded4ef494ef4
    SHA-256: a3a8a243ef61866aaa79893c335db3a1d0b4ec785ec68e20b4478129b0424d96
    Size: 414.94 kB
  4. qemu-kvm-tools-1.5.3-141.el7.4.x86_64.rpm
    MD5: 97ee7e39c24f46eb35ca8ebb3ac0a210
    SHA-256: b3f276ac4592f1d3b8389e9c55cec188c36a38d78dbdb49ae520d6cbc1b2e765
    Size: 213.04 kB