RHEL 5 : rhev-hypervisor (RHSA-2011:0439)

medium Nessus Plugin ID 79278

Synopsis

The remote Red Hat host is missing a security update.

Description

An updated rhev-hypervisor package that fixes one security issue and one bug is now available.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent.

Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions.

A NULL pointer dereference flaw was found in the Generic Receive Offload (GRO) functionality in the Linux kernel's networking implementation. If both GRO and promiscuous mode were enabled on an interface in a virtual LAN (VLAN), it could result in a denial of service when a malformed VLAN frame is received on that interface.
(CVE-2011-1478)

Red Hat would like to thank Ryan Sweat for reporting CVE-2011-1478.

This updated package provides updated components that include fixes for security issues; however, these issues have no security impact for Red Hat Enterprise Virtualization Hypervisor. These fixes are for dbus issue CVE-2010-4352; kernel issues CVE-2010-4346, CVE-2011-0521, CVE-2011-0710, CVE-2011-1010, and CVE-2011-1090; libvirt issue CVE-2011-1146; and openldap issue CVE-2011-1024.

This update also fixes the following bug :

* Previously, network drivers that had Large Receive Offload (LRO) enabled by default caused the system to run slow when using software bridging. With this update, Red Hat Enterprise Virtualization Hypervisor disables LRO as a part of a modprobe configuration.
(BZ#692864)

Also in this erratum, the rhev-hypervisor-pxe RPM has been dropped.

As Red Hat Enterprise Virtualization Hypervisor includes Red Hat Enterprise Virtualization Manager Agent (VDSM), the bug fixes from the VDSM update RHBA-2011:0424 have been included in this update :

https://rhn.redhat.com/errata/RHBA-2011-0424.html

Users of Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package, which resolves these issues.

Solution

Update the affected rhev-hypervisor package.

See Also

https://access.redhat.com/security/cve/cve-2011-1478

https://access.redhat.com/errata/RHBA-2011:0424

https://access.redhat.com/errata/RHSA-2011:0439

Plugin Details

Severity: Medium

ID: 79278

File Name: redhat-RHSA-2011-0439.nasl

Version: 1.9

Type: local

Agent: unix

Published: 11/17/2014

Updated: 1/14/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5.7

Temporal Score: 5

Vector: CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:redhat:enterprise_linux:5, p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 4/13/2011

Vulnerability Publication Date: 10/23/2011

Reference Information

CVE: CVE-2011-1478

BID: 47056

RHSA: 2011:0439