=========================================================== Ubuntu Security Notice USN-776-1 May 12, 2009 kvm vulnerabilities CVE-2008-1945, CVE-2008-2004, CVE-2008-2382, CVE-2008-4539, CVE-2008-5714 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: kvm 1:62+dfsg-0ubuntu8.1 Ubuntu 8.10: kvm 1:72+dfsg-1ubuntu6.1 After a standard system upgrade you need to restart all KVM VMs to effect the necessary changes. Details follow: Avi Kivity discovered that KVM did not correctly handle certain disk formats. A local attacker could attach a malicious partition that would allow the guest VM to read files on the VM host. (CVE-2008-1945, CVE-2008-2004) Alfredo Ortega discovered that KVM's VNC protocol handler did not correctly validate certain messages. A remote attacker could send specially crafted VNC messages that would cause KVM to consume CPU resources, leading to a denial of service. (CVE-2008-2382) Jan Niehusmann discovered that KVM's Cirrus VGA implementation over VNC did not correctly handle certain bitblt operations. A local attacker could exploit this flaw to potentially execute arbitrary code on the VM host or crash KVM, leading to a denial of service. (CVE-2008-4539) It was discovered that KVM's VNC password checks did not use the correct length. A remote attacker could exploit this flaw to cause KVM to crash, leading to a denial of service. (CVE-2008-5714) Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/k/kvm/kvm_62+dfsg-0ubuntu8.1.diff.gz Size/MD5: 42599 1c6b8299b3a50806c5992be0db2cce2f http://security.ubuntu.com/ubuntu/pool/main/k/kvm/kvm_62+dfsg-0ubuntu8.1.dsc Size/MD5: 1082 fd477b0999056ccc60f556e9ac1e5abc http://security.ubuntu.com/ubuntu/pool/main/k/kvm/kvm_62+dfsg.orig.tar.gz Size/MD5: 3117412 b992a0ff585020cd5f586ac8046ad335 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/k/kvm/kvm-source_62+dfsg-0ubuntu8.1_all.deb Size/MD5: 146416 e242cbdbe846f33ffdbc77f81008efaf amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/k/kvm/kvm_62+dfsg-0ubuntu8.1_amd64.deb Size/MD5: 770136 aa65a634670369404840047a92714a1a i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/k/kvm/kvm_62+dfsg-0ubuntu8.1_i386.deb Size/MD5: 709378 673b1f1b0dc7299a16101d3639f3098d Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/k/kvm/kvm_72+dfsg-1ubuntu6.1.diff.gz Size/MD5: 45842 8b59f530e2547c50e67b140734d44200 http://security.ubuntu.com/ubuntu/pool/main/k/kvm/kvm_72+dfsg-1ubuntu6.1.dsc Size/MD5: 1517 b671c910d142cdb3263b726780eebbab http://security.ubuntu.com/ubuntu/pool/main/k/kvm/kvm_72+dfsg.orig.tar.gz Size/MD5: 3250251 899a66ae2ea94e994e06f637e1afef4a Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/k/kvm/kvm-source_72+dfsg-1ubuntu6.1_all.deb Size/MD5: 190230 113fb528ab82213136087d1036f65822 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/k/kvm/kvm_72+dfsg-1ubuntu6.1_amd64.deb Size/MD5: 1028390 946f7de2766b03ee6d8276b8733aca86 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/k/kvm/kvm_72+dfsg-1ubuntu6.1_i386.deb Size/MD5: 957398 699d7cc4987430613f930b726df849f0