Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CentOS Update for kmod-kvm CESA-2015:0869 centos5

Information

Severity

Severity

Medium

Family

Family

CentOS Local Security Checks

CVSSv2 Base

CVSSv2 Base

4.9

CVSSv2 Vector

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

7 years ago

Modified

Modified

3 years ago

Summary

Check the version of kmod-kvm

Insight

Insight

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. It was found that KVM's Write to Model Specific Register (WRMSR) instruction emulation would write non-canonical values passed in by the guest to certain MSRs in the host's context. A privileged guest user could use this flaw to crash the host. (CVE-2014-3610) A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. (CVE-2014-3611) Red Hat would like to thank Lars Bull of Google and Nadav Amit for reporting the CVE-2014-3610 issue, and Lars Bull of Google for reporting the CVE-2014-3611 issue. All kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Note: The procedure in the Solution section must be performed before this update will take effect.

Affected Software

Affected Software

kmod-kvm on CentOS 5

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

Please install the updated packages.

Common Vulnerabilities and Exposures (CVE)