CentOS Local Security Checks : CentOS Update for kvm-83-105.el5

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.880812

Kategorie: CentOS Local Security Checks

Titel: CentOS Update for kvm-83-105.el5_ CESA-2009:1465 centos5 i386

Zusammenfassung: The remote host is missing an update for the 'kvm-83-105.el5_'; package(s) announced via the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'kvm-83-105.el5_'
package(s) announced via the referenced advisory.

Vulnerability Insight:
KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for
the standard Red Hat Enterprise Linux kernel.

The kvm_emulate_hypercall() implementation was missing a check for the
Current Privilege Level (CPL). A local, unprivileged user in a virtual
machine could use this flaw to cause a local denial of service or escalate
their privileges within that virtual machine. (CVE-2009-3290)

This update also fixes the following bugs:

* non-maskable interrupts (NMI) were not supported on systems with AMD
processors. As a consequence, Windows Server 2008 R2 guests running with
more than one virtual CPU assigned on systems with AMD processors would
hang at the Windows shut down screen when a restart was attempted. This
update adds support for NMI filtering on systems with AMD processors,
allowing clean restarts of Windows Server 2008 R2 guests running with
multiple virtual CPUs. (BZ#520694)

* significant performance issues for guests running 64-bit editions of
Windows. This update improves performance for guests running 64-bit
editions of Windows. (BZ#521793)

* Windows guests may have experienced time drift. (BZ#521794)

* removing the Red Hat VirtIO Ethernet Adapter from a guest running Windows
Server 2008 R2 caused KVM to crash. With this update, device removal should
not cause this issue. (BZ#524557)

All KVM users should upgrade to these updated packages, which contain
backported patches to resolve these issues. Note: The procedure in the
Solution section must be performed before this update takes effect.

Affected Software/OS:
kvm-83-105.el5_ on CentOS 5

Solution:
Please install the updated packages.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2009-3290
http://www.openwall.com/lists/oss-security/2009/09/18/1
http://www.openwall.com/lists/oss-security/2009/09/21/1
http://www.openwall.com/lists/oss-security/2009/09/22/8
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11328
http://www.redhat.com/support/errata/RHSA-2009-1465.html
http://secunia.com/advisories/37105
http://www.ubuntu.com/usn/USN-852-1

Copyright Copyright (C) 2011 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.880812
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for kvm-83-105.el5_ CESA-2009:1465 centos5 i386
Zusammenfassung:	The remote host is missing an update for the 'kvm-83-105.el5_'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'kvm-83-105.el5_' package(s) announced via the referenced advisory. Vulnerability Insight: KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. The kvm_emulate_hypercall() implementation was missing a check for the Current Privilege Level (CPL). A local, unprivileged user in a virtual machine could use this flaw to cause a local denial of service or escalate their privileges within that virtual machine. (CVE-2009-3290) This update also fixes the following bugs: * non-maskable interrupts (NMI) were not supported on systems with AMD processors. As a consequence, Windows Server 2008 R2 guests running with more than one virtual CPU assigned on systems with AMD processors would hang at the Windows shut down screen when a restart was attempted. This update adds support for NMI filtering on systems with AMD processors, allowing clean restarts of Windows Server 2008 R2 guests running with multiple virtual CPUs. (BZ#520694) * significant performance issues for guests running 64-bit editions of Windows. This update improves performance for guests running 64-bit editions of Windows. (BZ#521793) * Windows guests may have experienced time drift. (BZ#521794) * removing the Red Hat VirtIO Ethernet Adapter from a guest running Windows Server 2008 R2 caused KVM to crash. With this update, device removal should not cause this issue. (BZ#524557) All KVM users should upgrade to these updated packages, which contain backported patches to resolve these issues. Note: The procedure in the Solution section must be performed before this update takes effect. Affected Software/OS: kvm-83-105.el5_ on CentOS 5 Solution: Please install the updated packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3290 http://www.openwall.com/lists/oss-security/2009/09/18/1 http://www.openwall.com/lists/oss-security/2009/09/21/1 http://www.openwall.com/lists/oss-security/2009/09/22/8 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11328 http://www.redhat.com/support/errata/RHSA-2009-1465.html http://secunia.com/advisories/37105 http://www.ubuntu.com/usn/USN-852-1
Copyright	Copyright (C) 2011 Greenbone Networks GmbH