[El-errata] ELSA-2010-0088 Important: Enterprise Linux 5 kvm security and bug fix update
Errata Announcements for Enterprise Linux
el-errata at oss.oracle.com
Tue Feb 9 18:23:23 PST 2010
Enterprise Linux Security Advisory ELSA-2010-0088
https://rhn.redhat.com/errata/RHSA-2010-0088.html
The following updated rpms for Enterprise Linux 5 have been uploaded to
the Unbreakable Linux Network:
x86_64:
kmod-kvm-83-105.0.1.el5_4.22.x86_64.rpm
kvm-83-105.0.1.el5_4.22.x86_64.rpm
kvm-qemu-img-83-105.0.1.el5_4.22.x86_64.rpm
kvm-tools-83-105.0.1.el5_4.22.x86_64.rpm
SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/kvm-83-105.0.1.el5_4.22.src.rpm
Description of changes:
[kvm-83-105.0.1.el5_4.22]
- Add kvm-add-oracle-workaround-for-libvirt-bug.patch
[kvm-83-105.el5_4.22]
- kvm-CVE-2010-0297-usb-linux.c-fix-buffer-overflow.patch [bz#560769]
- Resolves: bz#560769
(CVE-2010-0297 kvm-userspace-rhel5: usb-linux.c: fix buffer overflow
[rhel-5.4.z])
[kvm-83-105.el5_4.21]
- kvm-kernel-KVM-introduce-kvm_read_guest_virt-kvm_write_guest_vi.patch
[bz#559093]
- kvm-kernel-KVM-remove-the-vmap-usage.patch [bz#559093]
- kvm-kernel-KVM-Use-kvm_-read-write-_guest_virt-to-read-and-writ.patch
[bz#559093]
- kvm-kernel-KVM-fix-memory-access-during-x86-emulation.patch [bz#559093]
- kvm-kernel-Check-IOPL-level-during-io-instruction-emulation.patch
[bz#560697]
- kvm-kernel-Fix-popf-emulation.patch [bz#560697]
- kvm-kernel-Check-CPL-level-during-privilege-instruction-emulati.patch
[bz#560697]
- kvm-kernel-KVM-PIT-control-word-is-write-only.patch [bz#560888]
- Resolves: bz#559093
(EMBARGOED CVE-2010-0298 kvm: emulator privilege escalation [rhel-5.4.z])
- Resolves: bz#560697
(EMBARGOED CVE-2010-0306 kvm: emulator privilege escalation IOPL/CPL
level check [rhel-5.4.z])
- Resolves: bz#560888
(CVE-2010-0309 kvm: cat /dev/port in guest cause the host hang
[rhel-5.4.z])
[kvm-83-105.el5_4.20]
- Updated kversion to 2.6.18-164.11.1.el5 to match build root
- kvm-qemu-add-routines-for-atomic-16-bit-accesses.patch [bz#561022]
- kvm-qemu-virtio-atomic-access-for-index-values.patch [bz#561022]
- Resolves: bz#561022
(QEMU terminates without warning with virtio-net and SMP enabled)
[kvm-83-105.el5_4.19]
- Updated kversion to 2.6.18-164.10.1.el5 to match build root
- kvm-Fix-VDI-audio-stop.patch [bz#552519]
- Resolves: bz#552519
(KVM : QEMU-Audio attempting to stop unactivated audio device
(snd_playback_stop: ASSERT playback_channel->base.active failed).)
[kvm-83-105.el5_4.18]
- kvm-Fix-a-race-in-the-device-that-cuased-guest-stack-on-.patch [bz#553249]
- Resolves: bz#553249
(hypercall device - Vm becomes non responsive on Sysmark benchmark
(when more than 7 vm's running simultaneously))
[kvm-83-105.el5_4.17]
- kvm-kernel-KVM-x86-make-double-triple-fault-promotion-generic-t.patch
[bz#552518]
- kvm-kernel-KVM-x86-raise-TSS-exception-for-NULL-CS-and-SS-segme.patch
[bz#552518]
- Resolves: bz#552518
(Rhev-Block driver causes 'unhandled vm exit' with 32bit win2k3r2sp2
Guest VM on restart)
- kvm-RHEL-5.X-5.4.Z-Makefile-fix-ksm-dir-has-no-ARCH-pref.patch [bz#552530]
- Resolves: bz#552530
(Build tree for RHEL 5.X and RHEL 5.4.z contains build bugs)
[kvm-83-105.el5_4.16]
- kvm-savevm-add-version_id-to-all-savevm-functions.patch [bz#552529]
- kvm-We-need-current-machine-defined-sooner.patch [bz#552529]
- kvm-Add-support-for-DeviceVersion-to-machine-type.patch [bz#552529]
- kvm-Add-machine-name-alias-support.patch [bz#552529]
- kvm-Introduce-rhel5.4.0-machine-type.patch [bz#552529]
- kvm-Introduce-rhel-5.4.4-machine-type.patch [bz#552529]
- kvm-cpu-for-x86-don-t-save-new-fields-if-version-8.patch [bz#552529]
- kvm-RHEL5.4-needs-cpu-at-version-7.patch [bz#552529]
- kvm-RHEL-5.4.0-don-t-have-kvmclock.patch [bz#552529]
- kvm-make-5.4.0-machine-the-default.patch [bz#552529]
- kvm-make-pc-an-alias-of-rhel5.4.0.patch [bz#552529]
- Resolves: bz#552529
(kvm: migration: mechanism to make older savevm versions to be emitted
on some cases)
[kvm-83-105.el5_4.15]
- kvm-The-driver-device-pair-does-not-have-a-reset-option-.patch [bz#552528]
- kvm-1-The-driver-device-pair-does-not-have-a-reset-option].patch
[bz#552528]
- Resolves: bz#552528
(Hypercall driver doesn't reset device on power-down)
[kvm-83-105.el5_4.14]
- Updated kversion to 2.6.18-164.9.1.el5 to match build root
- kmod: filter only known non-whitelisted symbols [bz#547293]
- Resolves: bz#547293
(kvm kmod package should filter only some specific ksym dependencies)
- kvm-kernel-KERNEL-v2-allow-userspace-to-adjust-kvmclock-offset.patch
[bz#537028]
- kvm-kernel-KVM-MMU-remove-prefault-from-invlpg-handler.patch [bz#548368]
- Resolves: bz#537028
(pvclock msr values are not preserved across remote migration)
- Resolves: bz#548368
(BSOD BAD_POOL_HEADER STOP 0x19 during boot of Windows Server 2008 R2
installer)
- kvm-fix-kvm_arch_save_regs-MSR_COUNT.patch [bz#537028]
- kvm-properly-save-kvm-system-time-msr-registers.patch [bz#537028]
- kvm-get-and-set-clock-upon-migration.patch [bz#537028]
- kvm-slirp-Reassign-same-address-to-same-DHCP-client.patch [bz#546562]
- kvm-Fix-race-between-migration-and-cpu-main-loop.patch [bz#546563]
- kvm-Make-SMBIOS-pass-MS-SVVP-test.patch [bz#545874]
- kvm-fix-rtc-td-hack-on-host-without-high-res-timers.patch [bz#547625]
- kvm-qcow2-Fix-grow_refcount_table-error-handling.patch [bz#552159]
- Resolves: bz#537028
(pvclock msr values are not preserved across remote migration)
- Resolves: bz#545874
(Need to generate SMBIOS table 4 data for windows guests)
- Resolves: bz#546562
(Windows XP unattended install doesn't get an IP address after
rebooting, if using -net user)
- Resolves: bz#546563
(Windows Server 2008 R2 shutdown hangs after restore from migration)
- Resolves: bz#547625
(time drift in win2k364 KVM guest)
- Resolves: bz#552159
(qcow2: infinite recursion on grow_refcount_table() error handling)
More information about the El-errata
mailing list