oval:org.mitre.oval:def:28198

Definition Id: oval:org.mitre.oval:def:28198

Oval ID:	oval:org.mitre.oval:def:28198
Title:	CESA-2015:1003 -- centos 5 kvm
Description:	KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. An out-of-bounds memory access flaw was found in the way QEMU"s virtual Floppy Disk Controller handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on the host with the privileges of the host"s QEMU process corresponding to the guest. Red Hat would like to thank Jason Geffner of CrowdStrike for reporting this issue. All kvm users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. Note: The procedure in the Solution section must be performed before this update will take effect.
Family:	unix	Class:	patch
Reference(s):	CESA-2015:1003 CVE-2015-3456	Version:	3
Platform(s):	CentOS Linux 5	Product(s):	kvm
Definition Synopsis:
The operating system installed on the system is CentOS Linux 5.x AND All dependent packages of kvm kmod-kvm is earlier than 0:83-272.el5.centos for x86_64 AND kmod-kvm-debug is earlier than 0:83-272.el5.centos for x86_64 AND kvm is earlier than 0:83-272.el5.centos for x86_64 AND kvm-qemu-img is earlier than 0:83-272.el5.centos for x86_64 AND kvm-tools is earlier than 0:83-272.el5.centos for x86_64

Definition Id: oval:org.mitre.oval:def:15802

Oval ID:	oval:org.mitre.oval:def:15802
Title:	The operating system installed on the system is CentOS Linux 5.x
Description:	The operating system installed on the system is CentOS Linux 5.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:centos:centos:5	Version:	7
Platform(s):	CentOS Linux 5	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND CentOS Linux 5.x is installed
Referenced By:
oval:org.mitre.oval:def:28198