- Home
- CVEs with nessus.description==An+updated+rhev-hypervisor6+package+that+fixes+one+security+issue+and+various+bugs+is+now+available.%0A%0AThe+Red+Hat+Security+Response+Team+has+rated+this+update+as+having+important+security+impact.+A+Common+Vulnerability+Scoring+System+%28CVSS%29+base+score%2C+which+gives+a+detailed+severity+rating%2C+is+available+from+the+CVE+link+in+the+References+section.%0A%0AThe+rhev-hypervisor6+package+provides+a+Red+Hat+Enterprise+Virtualization+Hypervisor+ISO+disk+image.+The+Red+Hat+Enterprise+Virtualization+Hypervisor+is+a+dedicated+Kernel-based+Virtual+Machine+%28KVM%29+hypervisor.+It+includes+everything+necessary+to+run+and+manage+virtual+machines%3A+A+subset+of+the+Red+Hat+Enterprise+Linux+operating+environment+and+the+Red+Hat+Enterprise+Virtualization+Agent.%0A%0ANote%3A+Red+Hat+Enterprise+Virtualization+Hypervisor+is+only+available+for+the+Intel+64+and+AMD64+architectures+with+virtualization+extensions.%0A%0AUpgrade+Note%3A+If+you+upgrade+the+Red+Hat+Enterprise+Virtualization+Hypervisor+through+the+3.2+Manager+administration+portal%2C+the+Host+may+appear+with+the+status+of+%27Install+Failed%27.+If+this+happens%2C+place+the+host+into+maintenance+mode%2C+then+activate+it+again+to+get+the+host+back+to+an+%27Up%27+state%0A%0AA+stack-based+buffer+overflow+flaw+was+found+in+the+way+the+reds_handle_ticket%28%29+function+in+the+spice-server+library+handled+decryption+of+ticket+data+provided+by+the+client.+A+remote+attacker+able+to+initiate+a+SPICE+connection+to+the+guest+could+use+this+flaw+to+crash+the+guest.+%28CVE-2013-4282%29%0A%0AThis+issue+was+discovered+by+Tomas+Jamrisko+of+Red+Hat.%0A%0AThis+updated+package+provides+updated+components+that+include+fixes+for+various+security+issues.+These+issues+have+no+security+impact+on+Red+Hat+Enterprise+Virtualization+Hypervisor+itself%2C+however.+The+security+fixes+included+in+this+update+address+the+following+CVE+numbers+%3A%0A%0ACVE-2013-4162+and+CVE-2013-4299+%28kernel+issues%29%0A%0ACVE-2013-4296+and+CVE-2013-4311+%28libvirt+issues%29%0A%0ACVE-2013-4288+%28polkit+issue%29%0A%0AThis+update+also+contains+the+fixes+from+the+following+advisories+%3A%0A%0A%2A+vdsm%3A+https%3A%2F%2Frhn.redhat.com%2Ferrata%2FRHBA-2013-1462.html%0A%0A%2A+ovirt-node%3A+https%3A%2F%2Frhn.redhat.com%2Ferrata%2FRHBA-2013-1461.html%0A%0AUsers+of+the+Red+Hat+Enterprise+Virtualization+Hypervisor+are+advised+to+upgrade+to+this+updated+package%2C+which+corrects+these+issues
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top