Detections
Analytics

Scientific Linux Security Update : kvm on SL5.x x86_64 (20150422)

medium Nessus Plugin ID 83029

Language:

Synopsis

The remote Scientific Linux host is missing one or more security updates.

Description

It was found that KVM's Write to Model Specific Register (WRMSR) instruction emulation would write non-canonical values passed in by the guest to certain MSRs in the host's context. A privileged guest user could use this flaw to crash the host. (CVE-2014-3610)

A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. (CVE-2014-3611)

Note: The following procedure must be performed before this update will take effect :

1) Stop all KVM guest virtual machines.

2) Either reboot the hypervisor machine or, as the root user, remove (using 'modprobe -r [module]') and reload (using 'modprobe [module]') all of the following modules which are currently running (determined using 'lsmod'): kvm, ksm, kvm-intel or kvm-amd.

3) Restart the KVM guest virtual machines.

or you may restart your system.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?1f75ab44

Plugin Details

Severity: Medium

ID: 83029

File Name: sl_20150422_kvm_on_SL5_x.nasl

Version: 1.5

Type: local

Agent: unix

Published: 4/23/2015

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:fermilab:scientific_linux:kmod-kvm, p-cpe:/a:fermilab:scientific_linux:kmod-kvm-debug, p-cpe:/a:fermilab:scientific_linux:kvm, p-cpe:/a:fermilab:scientific_linux:kvm-debuginfo, p-cpe:/a:fermilab:scientific_linux:kvm-qemu-img, p-cpe:/a:fermilab:scientific_linux:kvm-tools, x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Patch Publication Date: 4/22/2015

Vulnerability Publication Date: 11/10/2014

Reference Information

CVE: CVE-2014-3610, CVE-2014-3611