what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Red Hat Security Advisory 2013-0888-01

Red Hat Security Advisory 2013-0888-01
Posted Jun 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0888-01 - Red Hat Enterprise Virtualization Manager is a visual tool for centrally managing collections of virtual servers running Red Hat Enterprise Linux and Microsoft Windows. This package also includes the Red Hat Enterprise Virtualization Manager API, a set of scriptable commands that give administrators the ability to perform queries and operations on Red Hat Enterprise Virtualization Manager. It was found that permission checks were not performed on the target storage domain when cloning a virtual machine from a snapshot. An attacker could use this flaw to perform a denial of service attack, exhausting free disk space on the target storage domain.

tags | advisory, denial of service
systems | linux, redhat, windows
advisories | CVE-2013-2144
SHA-256 | d809108a0c0da5f0884217562d2f7b6e41d76a02d2f52d145bd8f09df5362cb8

Red Hat Security Advisory 2013-0888-01

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: Red Hat Enterprise Virtualization Manager 3.2 update
Advisory ID: RHSA-2013:0888-01
Product: Red Hat Enterprise Virtualization
Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0888.html
Issue date: 2013-06-10
CVE Names: CVE-2013-2144
=====================================================================

1. Summary:

Red Hat Enterprise Virtualization Manager 3.2 is now available.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

RHEV-M 3.2 - noarch

3. Description:

Red Hat Enterprise Virtualization Manager is a visual tool for centrally
managing collections of virtual servers running Red Hat Enterprise Linux
and Microsoft Windows. This package also includes the Red Hat Enterprise
Virtualization Manager API, a set of scriptable commands that give
administrators the ability to perform queries and operations on Red Hat
Enterprise Virtualization Manager.

It was found that permission checks were not performed on the target
storage domain when cloning a virtual machine from a snapshot. An attacker
could use this flaw to perform a denial of service attack, exhausting free
disk space on the target storage domain. (CVE-2013-2144)

The CVE-2013-2144 issue was discovered by Daniel Erez of Red Hat.

This update also fixes various bugs. Refer to the Technical Notes for
information about these changes:

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.2/html/Technical_Notes/chap-RHSA-2013-0888.html

All Red Hat Enterprise Virtualization Manager users are advised to upgrade
to these updated packages, which resolve these issues.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

829625 - RESTAPI: API should expose hypervisor version
837907 - PRD32 - RFE: Add support for iLO2 and iLO4 as a fencing (Power Management) options [TEXT]
838457 - PRD32 - webadmin: the default of the tree should be expanded with DCs, at least
838469 - PRD32 - [RFE] Support cpu -host (passthrough) for virtual machines
838470 - PRD32 - [RFE] Allow e1000 to be selected as nic type for Windows VM
839205 - ovirt-engine-restapi : [RFE] There is no way to know which hooks are installed on a host
843058 - Can't run large amount of VMs simultaneously. Getting error Cant find VDS to run the VM.
843410 - PRD32 - Allow non plugin automatic invocation of console session (basic - no cd, disconnect reason, etc.)
845022 - ovirt-engine-backend [Quota]: superuser cannot add or run a vm when quota policy is changed to enforce when there is no quota defined
848398 - remove special restrictions on Windows templates names
854489 - PRD32 - webadmin: Add a new Disks tab under the Storage tab in the UI
854535 - PRD32 - bootstrap: support longer bootstrap duration
854540 - PRD32 - pki: use PKCS#12 format to store keys
854964 - [Storage] There is a scenario when VM might have several bootable disks which is wrong.
855630 - [RFE] Add tool tip for configuration a Quota feature
858742 - PRD32 - Networks Main Tab
859762 - ovirt-engine-backend : search engine does not complete values for disks:bootable and disks:sharable
861098 - RESTAPI: Mapping of empty name in user object
861576 - PRD32 - packaging: use yum API
862797 - Rhev-m admin GUI logs actions done by <UNKNOWN> in the Events tab
866123 - PRD32 - RFE: Allow plugins to add events into the engine's event log
866889 - PRD32 - vdsm-bootstrap rewrite
867543 - PRD32 - RFE: collect host bios information
868626 - RESTAPI: api should allow detailed resource listing via header/matrix parameter
870159 - 3.2 - storage: set block schedule elevator using udev
870352 - [ja_JP] Test case failure: Check the message for Alert/Events/Tasks: The Date part of the message contains minutes in the month-section.
871371 - PRD32 - RFE: allow to define termination protection per vm (block delete without a config change)
871802 - [engine-core] Null Pointer Exception when during “preview mode” action, service ovirt-engine restart (TryBackToAllSnapshotsOfVm threw an exception: java.lang.NullPointerException), and all disks VM enter to Locked state
872506 - Importing a VM from an OVF without the diskAlias property with copyCollapse=false will not auto-generate disk aliases
873581 - PCI addresses are deleted when VM Template is imported
874019 - ovirt-engine-backend: Non-operational Hosts that been switched to 'Maintenance' returns to non-operational status when disconnectStoragePool fails.
874080 - PRD32 - [RFE] engine [Live Storage Migration]: cannot concurrently live migrate several disks of the same VM
875527 - PRD32 - bootstrap: do not get unique id at canDoAction
875528 - PRD32 - bootstrap rewrite (engine)
875814 - Use appropriate caching policy for GWT application resources
876109 - Ovirt-engine-backend: AuditLog throws exception when attempting to Add Direct-Lun to VM.
876235 - PRD32 - Do not force fencing proxy to be in UP status
877818 - [RFE] Need indication that GWT app is loading
878064 - engine: Error while executing action SetVmTicket: Unexpected exception
878509 - Power User Portal (a.k.a User Portal "Extended" tab): Improve performace on IE8 / Windows XP
878778 - engine [RACE]: cancel migration will fail because domain no longer exists in src by the time cancel is sent
879291 - left-pane tree: "expand all" should fully-expand only the selected tree-node (and not the entire tree, unless "System" is selected)
879308 - Tree title should be changed
879930 - ovirt-engine-backend [Scalability]: The queries getstorage_domains_by_storagepoolid && getdisksvmguid caused postmaster processes to consume constantly 100%cpu.
880969 - ovirt-engine-backend [Scalability]:Problematic query 'getallfromvms' causes user portal to become stuck after user login.
881024 - PRD32 - [RFE] Adding the ability to remove a VM without removing its disks
882651 - PRD32 - CDROM payload should not interfere with devices of the same type
882807 - PRD32-GLUSTER - Forced removal of a host
882812 - PRD32-GLUSTER - Configuration sync with Gluster CLI
882813 - PRD32-GLUSTER - Import of existing gluster clusters
882824 - PRD32-GLUSTER - search support for gluster volumes
882837 - PRD32 - engine - if connect storage pool fails on version mismatch, do reconstruct master
882847 - upgrade 3.0 to 3.1: event notification is not sent.
883871 - [RESTAPI] Disk move action missing.
885391 - PRD32 - webadmin: support ui-plugins
886133 - PRD32 - [RFE] Add the ability to scan/import existing disk images in a storage domain using REST-API
886709 - PRD32 - bootstrap: fetch logs to engine
886824 - 'Configure Local Disk' does not work properly in Japanese environment
887230 - Units for statistics of host NICs are wrong: BYTES_PER_SECOND should be MEGABYTES_PER_SECOND.
887741 - ISO uploader: on upgrade, change the default port for 'rhevm' in /etc/ovirt-engine/isouploader.conf to localhost:8443 (and not the default 443)
888689 - [User Portal] An user with UserRole assigned to a pool does not see pool's VMs
889795 - engine: we use gzip -9 to zip files in engine instead of xz (vdsm already uses xz)
889985 - [ovirt-engine] auto-recovery for storage server should change to "True", auto-recovery for hosts should be True by default on engine as in DB.
891279 - [RFE] Backend: 'migration complete' event should include the destination VDS, not the source [TEXT]
891280 - [RFE] [Admin Portal] - Add a Console button in Hosts -->VMs tab.
892532 - [ovirt-engine-backend] DB upgrade from 3.0 to 3.1 fails
892724 - engine: java.lang.IndexOutOfB oundsException for undo/commit of preview on snapshot with no disks
894020 - PRD32 - [RFE] spice seamless migration support in win client
894288 - RHEVM GUI: Failure to language selection in specific case
894345 - PRD32 - [RFE] Spice arbitrary resolution
894396 - PRD32 - [RFE] Spice native usb live migration support in win client
894681 - RFE: Engine should support having configurable entries for ldap servers per domain
895049 - Reports should be able to be installed from scratch on an upgraded system
895103 - Provide native dialog for showDialog() UI plugin API instead of browser window
903287 - When creating a network the default network doesn't get chosen.
905446 - Lexicographic sorting by IP when searching for VMs
905564 - [Upgrade] [Live Storage Migration] Auto generated snapshot for Live Storage migration can not be deleted.
907232 - Custom Materialized Views should be treated differently from regular product Materialized Views
907240 - [SetupNetworks] Slaves data sent by the user is being overridden with engine's data
908745 - RFE: change VdsRefreshTimeout to 3 seconds
912449 - [rhevh] can't upgrade to newer version due to 'ovirt ISOs directory not found'
912697 - When importing a VM with collapseSnapshots=false not all images are actually imported
915036 - REST-API : server replies in yaml instead of xml on GET: /api/vms/xxx/reporteddevices
915675 - Gluster volume is stopped, but brick status on the UI is still 'UP'
915950 - Resizable columns in sub-tabs
916582 - REST API - Omit of prefer header doesn't turn off session based authentication
916728 - [ovirt-engine-backend] Upgrade from 3.1 to 3.2 fails
917522 - [RHEVM] [backend] VNIC plug/unplug is incorrectly reported in logs
917698 - [User Portal] VM action buttons are now missing static IDs (needed for automated testing)
917719 - engine: CreateAllSnapshotsFromVm threw an exception during vdsm restart
919672 - [webadmin] After import vm/template values in subtab general of vm/template stuck.
921201 - rhevm-upgrade is failing between si26.4 to si27.4 (3.1.3) in async task cleanup
923443 - Gateway is not defined after bonding the RHEVM interface.
923614 - procedures are owned by postgres instead of engine user
923992 - engine: engine deletes live storage migration destination copy after finish the copy (storage live migration doesn't work)
924605 - Spice proxy setting in console configuration popup dialog
948282 - Transaction errror during CreateSnapshotFromTemplate (child of AddVmCommand)
950073 - import reported as successful too early
953690 - VM taken by a user from a prestarted pool does not show as "Up" until page refreshed
956378 - please add tool-tips for grid column-headers
957051 - Add spice console invocation method switching to console dialog
957611 - Add the 'mount ISO from SPICE client' functionality back into RHEV
971058 - CVE-2013-2144 rhevm: insufficient target domain permission check when cloning a VM from a snapshot

6. Package List:

RHEV-M 3.2:

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/RHEV/SRPMS/rhevm-3.2.0-11.30.el6ev.src.rpm

noarch:
rhevm-3.2.0-11.30.el6ev.noarch.rpm
rhevm-backend-3.2.0-11.30.el6ev.noarch.rpm
rhevm-config-3.2.0-11.30.el6ev.noarch.rpm
rhevm-dbscripts-3.2.0-11.30.el6ev.noarch.rpm
rhevm-genericapi-3.2.0-11.30.el6ev.noarch.rpm
rhevm-notification-service-3.2.0-11.30.el6ev.noarch.rpm
rhevm-restapi-3.2.0-11.30.el6ev.noarch.rpm
rhevm-setup-3.2.0-11.30.el6ev.noarch.rpm
rhevm-setup-plugin-allinone-3.2.0-11.30.el6ev.noarch.rpm
rhevm-tools-common-3.2.0-11.30.el6ev.noarch.rpm
rhevm-userportal-3.2.0-11.30.el6ev.noarch.rpm
rhevm-webadmin-portal-3.2.0-11.30.el6ev.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2013-2144.html
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.2/html/Technical_Notes/chap-RHSA-2013-0888.html

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2013 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFRtj7IXlSAg2UNWIIRAiesAJsF2IsIlB29gV2HXx7ogjyjimQ9ugCgo9/K
V5npRp2hAYsl6OKBWL59dJ8=
=fTDx
-----END PGP SIGNATURE-----


--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close