| Description: | Description:
The remote host is missing updates announced in
advisory RHSA-2010:0088.
KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for
the standard Red Hat Enterprise Linux kernel.
The x86 emulator implementation was missing a check for the Current
Privilege Level (CPL) and I/O Privilege Level (IOPL). A user in a guest
could leverage these flaws to cause a denial of service (guest crash) or
possibly escalate their privileges within that guest. (CVE-2010-0298,
CVE-2010-0306)
A flaw was found in the Programmable Interval Timer (PIT) emulation. Access
to the internal data structure pit_state, which represents the data state
of the emulated PIT, was not properly validated in the pit_ioport_read()
function. A privileged guest user could use this flaw to crash the host.
(CVE-2010-0309)
A flaw was found in the USB passthrough handling code. A specially-crafted
USB packet sent from inside a guest could be used to trigger a buffer
overflow in the usb_host_handle_control() function, which runs under the
QEMU-KVM context on the host. A user in a guest could leverage this flaw to
cause a denial of service (guest hang or crash) or possibly escalate their
privileges within the host. (CVE-2010-0297)
All KVM users should upgrade to these updated packages, which contain
backported patches to resolve these issues. Note: The procedure in the
Solution section must be performed before this update will take effect.
Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date
http://rhn.redhat.com/errata/RHSA-2010-0088.html
http://www.redhat.com/security/updates/classification/#important
Risk factor : High
CVSS Score:
7.2
|
