Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title kvm security update
Informations
Name RHSA-2014:0163 First vendor Publication 2014-02-12
Vendor RedHat Last vendor Modification 2014-02-12
Severity (Vendor) Important Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity High
Cvss Expoit Score 1.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated kvm packages that fix two security issues are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Multi OS (v. 5 client) - x86_64 RHEL Virtualization (v. 5 server) - x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel.

A divide-by-zero flaw was found in the apic_get_tmcct() function in KVM's Local Advanced Programmable Interrupt Controller (LAPIC) implementation. A privileged guest user could use this flaw to crash the host. (CVE-2013-6367)

A memory corruption flaw was discovered in the way KVM handled virtual APIC accesses that crossed a page boundary. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-6368)

Red Hat would like to thank Andrew Honig of Google for reporting these issues.

All kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Note: the procedure in the Solution section must be performed before this update will take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

The following procedure must be performed before this update will take effect:

1) Stop all KVM guest virtual machines.

2) Either reboot the hypervisor machine or, as the root user, remove (using "modprobe -r [module]") and reload (using "modprobe [module]") all of the following modules which are currently running (determined using "lsmod"): kvm, ksm, kvm-intel or kvm-amd.

3) Restart the KVM guest virtual machines.

5. Bugs fixed (https://bugzilla.redhat.com/):

1032207 - CVE-2013-6367 kvm: division by zero in apic_get_tmcct() 1032210 - CVE-2013-6368 kvm: cross page vapic_addr access

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2014-0163.html

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-189 Numeric Errors (CWE/SANS Top 25)
50 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:20899
 
Oval ID: oval:org.mitre.oval:def:20899
Title: RHSA-2013:1801: kernel security, bug fix, and enhancement update (Important)
Description: The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.
Family: unix Class: patch
Reference(s): RHSA-2013:1801-00
CESA-2013:1801
CVE-2013-2141
CVE-2013-4470
CVE-2013-6367
CVE-2013-6368
Version: 61
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22406
 
Oval ID: oval:org.mitre.oval:def:22406
Title: RHSA-2014:0163: kvm security update (Important)
Description: The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.
Family: unix Class: patch
Reference(s): RHSA-2014:0163-00
CESA-2014:0163
CVE-2013-6367
CVE-2013-6368
Version: 23
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23501
 
Oval ID: oval:org.mitre.oval:def:23501
Title: ELSA-2014:0163: kvm security update (Important)
Description: The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.
Family: unix Class: patch
Reference(s): ELSA-2014:0163-00
CVE-2013-6367
CVE-2013-6368
Version: 13
Platform(s): Oracle Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23924
 
Oval ID: oval:org.mitre.oval:def:23924
Title: ELSA-2013:1801: kernel security, bug fix, and enhancement update (Important)
Description: The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.
Family: unix Class: patch
Reference(s): ELSA-2013:1801-00
CVE-2013-2141
CVE-2013-4470
CVE-2013-6367
CVE-2013-6368
Version: 21
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27259
 
Oval ID: oval:org.mitre.oval:def:27259
Title: DEPRECATED: ELSA-2013-1801 -- kernel security, bug fix, and enhancement update (important)
Description: [2.6.32-431.1.2] - [x86] kvm: fix cross page vapic_addr access (Paolo Bonzini) [1032214 1032215] {CVE-2013-6368} - [x86] kvm: fix division by zero in apic_get_tmcct (Paolo Bonzini) [1032212 1032213] {CVE-2013-6367}
Family: unix Class: patch
Reference(s): ELSA-2013-1801
CVE-2013-2141
CVE-2013-4470
CVE-2013-6367
CVE-2013-6368
Version: 4
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27343
 
Oval ID: oval:org.mitre.oval:def:27343
Title: ELSA-2013-2589 -- unbreakable enterprise kernel security update (important)
Description: kernel-uek [2.6.32-400.33.4uek] - kernel/signal.c: stop info leak via the tkill and the tgkill syscalls (Emese Revfy) [Orabug: 17951083] {CVE-2013-2141} - ip_output: do skb ufo init for peeked non ufo skb as well (Jiri Pirko) [Orabug: 17951078] {CVE-2013-4470} - KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) (Andy Honig) [Orabug: 17951073] {CVE-2013-6367}
Family: unix Class: patch
Reference(s): ELSA-2013-2589
CVE-2013-2141
CVE-2013-4470
CVE-2013-6367
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
mlnx_en
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27376
 
Oval ID: oval:org.mitre.oval:def:27376
Title: DEPRECATED: ELSA-2014-0163 -- kvm security update (important)
Description: [kvm-83-266.0.1.el5_10.1] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [kvm-83-266_10.1.el5] - KVM: x86: prevent cross page vapic_addr access (CVE-2013-6368) [bz#1032219] - KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) [bz#1032216] - Resolves: bz#1032219 (CVE-2013-6368 kvm: cross page vapic_addr access [rhel-5.10]) - Resolves: bz#1032216 CVE-2013-6367 kvm: division by zero in apic_get_tmcct() [rhel-5.10.z]
Family: unix Class: patch
Reference(s): ELSA-2014-0163
CVE-2013-6367
CVE-2013-6368
Version: 4
Platform(s): Oracle Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27413
 
Oval ID: oval:org.mitre.oval:def:27413
Title: ELSA-2013-2588 -- unbreakable enterprise kernel security update (important)
Description: [2.6.39-400.211.3] - ip6_output: do skb ufo init for peeked non ufo skb as well (Jiri Pirko) [Orabug: 17951806] {CVE-2013-4470} - ip_output: do skb ufo init for peeked non ufo skb as well (Jiri Pirko) [Orabug: 17951818] {CVE-2013-4470} - KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) (Andy Honig) [Orabug: 17951705] {CVE-2013-6367}
Family: unix Class: patch
Reference(s): ELSA-2013-2588
CVE-2013-4470
CVE-2013-6367
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Os 1996
Os 1

Nessus® Vulnerability Scanner

Date Description
2017-04-03 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO
2017-02-10 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0437-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0287-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0189-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0140-1.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0284.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2013-1802.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-113.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-114.nasl - Type : ACT_GATHER_INFO
2014-04-27 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2906.nasl - Type : ACT_GATHER_INFO
2014-03-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2138-1.nasl - Type : ACT_GATHER_INFO
2014-03-10 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2136-1.nasl - Type : ACT_GATHER_INFO
2014-03-10 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2135-1.nasl - Type : ACT_GATHER_INFO
2014-03-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2133-1.nasl - Type : ACT_GATHER_INFO
2014-03-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2129-1.nasl - Type : ACT_GATHER_INFO
2014-03-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2128-1.nasl - Type : ACT_GATHER_INFO
2014-02-19 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2109-1.nasl - Type : ACT_GATHER_INFO
2014-02-19 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2117-1.nasl - Type : ACT_GATHER_INFO
2014-02-19 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2113-1.nasl - Type : ACT_GATHER_INFO
2014-02-14 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0163.nasl - Type : ACT_GATHER_INFO
2014-02-13 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140212_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-02-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0163.nasl - Type : ACT_GATHER_INFO
2014-02-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3002.nasl - Type : ACT_GATHER_INFO
2014-02-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0163.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140125.nasl - Type : ACT_GATHER_INFO
2014-02-05 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140124.nasl - Type : ACT_GATHER_INFO
2014-01-28 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140116.nasl - Type : ACT_GATHER_INFO
2014-01-14 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-001.nasl - Type : ACT_GATHER_INFO
2013-12-23 Name : The remote Fedora host is missing a security update.
File : fedora_2013-23445.nasl - Type : ACT_GATHER_INFO
2013-12-23 Name : The remote Fedora host is missing a security update.
File : fedora_2013-23653.nasl - Type : ACT_GATHER_INFO
2013-12-18 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2589.nasl - Type : ACT_GATHER_INFO
2013-12-18 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2587.nasl - Type : ACT_GATHER_INFO
2013-12-17 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-2588.nasl - Type : ACT_GATHER_INFO
2013-12-17 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131212_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-12-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1801.nasl - Type : ACT_GATHER_INFO
2013-12-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1801.nasl - Type : ACT_GATHER_INFO
2013-12-13 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1801.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-02-17 11:57:50
  • Multiple Updates
2014-02-12 21:19:57
  • First insertion