ESB-2018.1492 - [RedHat] redhat-virtualization-host: Multiple vulnerabilities 2018-05-16


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.1492
   Important: redhat-virtualization-host bug fix and enhancement update
                                16 May 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           redhat-virtualization-host
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 7
                   Red Hat Enterprise Linux WS/Desktop 7
Impact/Access:     Root Compromise      -- Remote/Unauthenticated
                   Increased Privileges -- Existing Account      
                   Denial of Service    -- Existing Account      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-8897 CVE-2018-1111 CVE-2018-1088
                   CVE-2018-1087  

Reference:         ESB-2018.1458
                   ESB-2018.1407
                   ESB-2018.1197

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2018:1524

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: redhat-virtualization-host bug fix and enhancement update
Advisory ID:       RHSA-2018:1524-01
Product:           Red Hat Virtualization
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:1524
Issue date:        2018-05-15
CVE Names:         CVE-2018-1087 CVE-2018-1088 CVE-2018-1111 
                   CVE-2018-8897 
=====================================================================

1. Summary:

Updated redhat-virtualization-host packages that fix several bugs and add
various enhancements are now available.

2. Relevant releases/architectures:

RHEL 7-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64
Red Hat Virtualization 4 Hypervisor for RHEL 7 - noarch

3. Description:

The redhat-virtualization-host packages provide the Red Hat Virtualization
Host. These packages include redhat-release-virtualization-host,
ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are
installed using a special build of Red Hat Enterprise Linux with only the
packages required to host virtual machines. RHVH features a Cockpit user
interface for monitoring the host's resources and performing administrative
tasks.

Includes GlusterFS fixes for CVE-2018-1088 (privilege escalation via
gluster_shared_storage when snapshot scheduling is enabled), dhcp fixes for
CVE-2018-1111 (command injection in the DHCP client NetworkManager integration
script), and kernel fixes for CVE-2018-1087 (KVM: wrong debug stack value from
an exception-handling error) and CVE-2018-8897 (exception-handling error
leading to denial of service).

A list of bugs fixed in this update is available in the Technical Notes
book:
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.2/html/technical_notes/

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/2974891

5. Bugs fixed (https://bugzilla.redhat.com/):

1357247 - rhvh 4: reboot after install shows "4m[terminated]" and takes long to reboot
1374007 - [RFE] RHV-H does not default to LVM Thin Provisioning
1420068 - [RFE] RHV-H should meet NIST 800-53 partitioning requirements by default
1422676 - [Test Only] Test Ansible playbook for registration
1429485 - [RFE] Imgbased layers should be named with '%{name}-%{version}-%{release}' instead of %{name}-%{version}
1433394 - kdump could fill up /var filesystem while writing to /var/crash
1443965 - Libvirt is disabled on RHVH host
1454536 - HostedEngine setup fails if RHV-H timezone < UTC set during installation
1474268 - RHVH host displays "upgrade available" information on the engine after registering until an update is released
1489567 - Host Software tab does not show exact RHVH version anymore
1501161 - The version displays as "4.1" for subscribed product with RHVH 4.2
1502920 - File missing after upgrade of RHVH node from version RHVH-4.1-20170925.0 to latest.
1503148 - [RFE] translate between basic ntp configurations and chrony configurations
1516123 - tuned-adm timeout while adding the host in manager and the deployment will fail/take time to complete
1534855 - RHVH brand is missing on cockpit login screen.
1535791 - Upgrading node brings back previous hosted-engine configuration
1542833 - oVirt Node upgrade fails if SELINUX is disabled
1547864 - There is error report when upgrade to rhvh-4.1-20180218.0 / rhvh-4.2-20180218.0
1549630 - NGN upgrade should fail if it finds a badly placed local storage domain
1554186 - RHVH 4.2.2 version info is incorrect
1555243 - Consume updated cockpit-storaged packages
1555254 - "systemctl status lldpad.service" failed
1558721 - CVE-2018-1088 glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled
1561258 - grub2-mkconfig on node produce incorrect grub2.cfg if a local VG is present
1563530 - Include wrong kernel in redhat-virtualization-host-4.1-20180403.1
1565497 - Imgbase check FAILED in redhat-virtualization-host-4.2-20180409.1
1566837 - CVE-2018-1087 Kernel: KVM: error in exception handling leads to wrong debug stack value
1567074 - CVE-2018-8897 Kernel: error in exception handling leads to DoS
1567974 - CVE-2018-1111 dhcp: Command injection vulnerability in the DHCP client NetworkManager integration script
1571134 - RHVH 4.2.3 version info is incorrect

6. Package List:

Red Hat Virtualization 4 Hypervisor for RHEL 7:

Source:
redhat-virtualization-host-4.2-20180508.0.el7_5.src.rpm

noarch:
redhat-virtualization-host-image-update-4.2-20180508.0.el7_5.noarch.rpm

RHEL 7-based RHEV-H for RHEV 4 (build requirements):

Source:
imgbased-1.0.16-0.1.el7ev.src.rpm
ovirt-node-ng-4.2.0-0.20170814.0.el7.src.rpm
redhat-release-virtualization-host-4.2-3.0.el7.src.rpm

noarch:
imgbased-1.0.16-0.1.el7ev.noarch.rpm
ovirt-node-ng-nodectl-4.2.0-0.20170814.0.el7.noarch.rpm
python-imgbased-1.0.16-0.1.el7ev.noarch.rpm
redhat-virtualization-host-image-update-placeholder-4.2-3.0.el7.noarch.rpm

x86_64:
redhat-release-virtualization-host-4.2-3.0.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
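The package list above gives the fixed builds, but deciding whether an installed package is older than a fixed one requires RPM's own label-comparison rules (numeric segments compare as numbers, a numeric segment beats an alphabetic one, '~' sorts before anything). The following is an added example, not Red Hat or AusCERT code: it re-implements that comparison in Python and checks constructed `rpm -q --qf '%{NAME} %{EPOCH} %{VERSION} %{RELEASE}\n'` output against the EVRs listed in section 6. The sample output and its installed versions are made up for illustration; on a real RHVH host the supported upgrade path is the article linked in section 4, and this check only reads what the RPM database reports.

```python
"""Compare installed RPM EVRs against the fixed builds in RHSA-2018:1524.

Added example, not Red Hat or AusCERT code. rpmvercmp() mirrors the RPM
label-comparison algorithm (rpm 4.11 semantics, including '~' segments) so
the check runs where the rpm Python bindings are not installed.
"""
from typing import Callable, List, Tuple

EVR = Tuple[int, str, str]  # (epoch, version, release)

# Fixed builds taken from section 6 of the advisory (no epoch on any of them).
FIXED = {
    "redhat-virtualization-host-image-update": (0, "4.2", "20180508.0.el7_5"),
    "imgbased": (0, "1.0.16", "0.1.el7ev"),
    "python-imgbased": (0, "1.0.16", "0.1.el7ev"),
    "ovirt-node-ng-nodectl": (0, "4.2.0", "0.20170814.0.el7"),
    "redhat-release-virtualization-host": (0, "4.2", "3.0.el7"),
}

# Constructed sample of:
#   rpm -q --qf '%{NAME} %{EPOCH} %{VERSION} %{RELEASE}\n' <names>
# The installed versions are invented for illustration.
SAMPLE_RPM_OUTPUT = """\
redhat-virtualization-host-image-update (none) 4.2 20180409.1.el7_5
imgbased (none) 1.0.16 0.1.el7ev
python-imgbased (none) 1.0.16 0.1.el7ev
ovirt-node-ng-nodectl (none) 4.2.0 0.20170814.0.el7
redhat-release-virtualization-host (none) 4.1 4.0.el7
"""


def _is_alnum(c: str) -> bool:
    return c.isascii() and c.isalnum()


def _take(s: str, pred: Callable[[str], bool]) -> str:
    """Leading run of characters of s satisfying pred."""
    i = 0
    while i < len(s) and pred(s[i]):
        i += 1
    return s[:i]


def rpmvercmp(a: str, b: str) -> int:
    """Return -1, 0 or 1 as RPM orders version/release strings a and b."""
    if a == b:
        return 0
    while a or b:
        # Separators (anything not alphanumeric or '~') are skipped.
        while a and not (_is_alnum(a[0]) or a[0] == "~"):
            a = a[1:]
        while b and not (_is_alnum(b[0]) or b[0] == "~"):
            b = b[1:]
        # '~' sorts before anything, including end of string (1.0~rc1 < 1.0).
        if a.startswith("~") or b.startswith("~"):
            if not a.startswith("~"):
                return 1
            if not b.startswith("~"):
                return -1
            a, b = a[1:], b[1:]
            continue
        if not a or not b:
            break
        if a[0].isdigit():
            seg_a, seg_b, numeric = _take(a, str.isdigit), _take(b, str.isdigit), True
        else:
            seg_a, seg_b, numeric = _take(a, str.isalpha), _take(b, str.isalpha), False
        if not seg_b:
            # Segment types differ: a numeric segment is always newer than an alpha one.
            return 1 if numeric else -1
        len_a, len_b = len(seg_a), len(seg_b)
        if numeric:
            seg_a, seg_b = seg_a.lstrip("0"), seg_b.lstrip("0")
            if len(seg_a) != len(seg_b):  # longer number is larger
                return 1 if len(seg_a) > len(seg_b) else -1
        if seg_a != seg_b:
            return 1 if seg_a > seg_b else -1
        a, b = a[len_a:], b[len_b:]
    if not a and not b:
        return 0
    return 1 if a else -1  # whichever string has segments left is newer


def evr_cmp(a: EVR, b: EVR) -> int:
    """Epoch first, then version, then release."""
    if a[0] != b[0]:
        return 1 if a[0] > b[0] else -1
    r = rpmvercmp(a[1], b[1])
    return r if r else rpmvercmp(a[2], b[2])


def parse_rpm_q(output: str) -> List[Tuple[str, EVR]]:
    """Parse 'NAME EPOCH VERSION RELEASE' lines; rpm prints '(none)' for no epoch."""
    rows = []
    for line in output.splitlines():
        if line.strip():
            name, epoch, version, release = line.split()
            rows.append((name, (0 if epoch == "(none)" else int(epoch), version, release)))
    return rows


def unfixed_packages(output: str) -> List[str]:
    """Installed packages from the advisory that are older than the fixed build."""
    return [name for name, evr in parse_rpm_q(output)
            if name in FIXED and evr_cmp(evr, FIXED[name]) < 0]


if __name__ == "__main__":
    for name in unfixed_packages(SAMPLE_RPM_OUTPUT):
        print(f"{name}: older than the RHSA-2018:1524 build")
```

On a host, replace SAMPLE_RPM_OUTPUT with the real query output; a package that is not installed at all simply produces no line and is not reported, so check the query's own error output as well.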

7. References:

https://access.redhat.com/security/cve/CVE-2018-1087
https://access.redhat.com/security/cve/CVE-2018-1088
https://access.redhat.com/security/cve/CVE-2018-1111
https://access.redhat.com/security/cve/CVE-2018-8897
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
=CE0W
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWvugo4x+lLeg9Ub1AQg4dg//cQmwjPC8h6ohy3Yk0TVqnTD6ZnMNsIXs
m9NUpDrgjPRIQkguItR97GU4j+OvG7O1FfOYxJZiM5cqsibAj8We9p0AO+aqP5QW
PXNrs6yu4uzbbOHkrw1mDvxpVKmopFDDaoC5a+HLWJ6p8pC92ZlQP2M91PcL+bs5
P7qigVSe7a10rvE0CK+Z6XQr0/CVRn+wgrQJ2uJ7mLEMppWmLfiy2WHUe8LkJEMU
X+h7kxvXEEE9NpPJi0ikYPBicJFnmNB4J0vVUvVFLWBddJSGZcGJ6HZ4I7Yo8Jhh
mPB2YqoFnceTFC7Zr5rMPsOkhvEMjquiwP/tZP57pHicnb1E6wq0e3WWh9qFbMjJ
50B2TMWQfa68mpYnT9+S0ExEXR7uUa3wbiaT9ylnVyHMORZFTkL62czQcYFkocf7
VFPB8kpmdR3elaXhQHmaxIau79xAQVECGRlYI2uppY62N6l1BcE1eCWejTEs3z9g
tqQ55EcKbXAKM6fx7QpSQsHrTRvLLUaEe7cxOP9EJU+COBoEnFSLNnqtGsgcbQo4
A3m/2tbZKYdBoAXWyfRurPusrJ8CAUCySJrGNsA+FQwZyoTekJswAY1hGvXS8LYx
eLZPXnTpEm+IKW8ispRvWfTgHEUDG7XN5kp3jbl2ISQQFa5MeSDLGIK2IHUdeYVz
B9U0l9vR1fo=
=peX3
-----END PGP SIGNATURE-----
