ESB-2018.1571 - [RedHat] Red Hat Virtualization: Access privileged data - Existing account 2018-05-23

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.1571
            Important: Red Hat Virtualization security updates
                                23 May 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           rhvm-setup-plugins
                   vdsm
                   org.ovirt.engine-root
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 7
                   Red Hat Enterprise Linux Server 6
Impact/Access:     Access Privileged Data -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-3639  

Reference:         ASB-2018.0121
                   ESB-2018.1566
                   ESB-2018.1563
                   ESB-2018.1554

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2018:1674
   https://access.redhat.com/errata/RHSA-2018:1675
   https://access.redhat.com/errata/RHSA-2018:1676
   https://access.redhat.com/errata/RHSA-2018:1688
   https://access.redhat.com/errata/RHSA-2018:1689
   https://access.redhat.com/errata/RHSA-2018:1690

Comment: This bulletin contains six (6) Red Hat security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: rhvm-setup-plugins security update
Advisory ID:       RHSA-2018:1674-01
Product:           Red Hat Virtualization
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:1674
Issue date:        2018-05-21
CVE Names:         CVE-2018-3639 
=====================================================================

1. Summary:

An update for rhvm-setup-plugins is now available for Red Hat
Virtualization Engine 4.2.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

RHV-M 4.2 - noarch

3. Description:

The rhvm-setup-plugins package adds functionality exclusive to Red Hat
Virtualization Manager, and is not available for the upstream ovirt-engine.
It includes the configuration of the Red Hat Support plugin, copying
downstream-only artifacts to the ISO domain, and links to the knowledgebase
and other support material.

The following packages have been upgraded to a later upstream version:
rhvm-setup-plugins (4.2.9). (BZ#1579326)

Security Fix(es):

* An industry-wide issue was found in the way many modern microprocessor
designs have implemented speculative execution of Load & Store instructions
(a commonly used performance optimization). It relies on the presence of a
precisely-defined instruction sequence in the privileged code as well as
the fact that a memory read from an address to which a recent memory write has
occurred may see an older value and subsequently cause an update into the
microprocessor's data cache even for speculatively executed instructions
that never actually commit (retire). As a result, an unprivileged attacker
could use this flaw to read privileged memory by conducting targeted cache
side-channel attacks. (CVE-2018-3639)

Red Hat would like to thank Ken Johnson (Microsoft Security Response
Center) and Jann Horn (Google Project Zero) for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1566890 - CVE-2018-3639 hw: cpu: speculative store bypass

6. Package List:

RHV-M 4.2:

Source:
rhvm-setup-plugins-4.2.9-1.el7ev.src.rpm

noarch:
rhvm-setup-plugins-4.2.9-1.el7ev.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-3639
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/ssbd

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- ------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: vdsm security update
Advisory ID:       RHSA-2018:1675-01
Product:           Red Hat Virtualization
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:1675
Issue date:        2018-05-21
CVE Names:         CVE-2018-3639 
=====================================================================

1. Summary:

An update for vdsm is now available for Red Hat Virtualization 4 for Red
Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts - noarch, ppc64le, x86_64

3. Description:

The VDSM service is required by a Virtualization Manager to manage the
Linux hosts. VDSM manages and monitors the host's storage, memory and
networks as well as virtual machine creation, other host administration
tasks, statistics gathering, and log collection.

Security Fix(es):

* An industry-wide issue was found in the way many modern microprocessor
designs have implemented speculative execution of Load & Store instructions
(a commonly used performance optimization). It relies on the presence of a
precisely-defined instruction sequence in the privileged code as well as
the fact that a memory read from an address to which a recent memory write has
occurred may see an older value and subsequently cause an update into the
microprocessor's data cache even for speculatively executed instructions
that never actually commit (retire). As a result, an unprivileged attacker
could use this flaw to read privileged memory by conducting targeted cache
side-channel attacks. (CVE-2018-3639)

Note: This is the VDSM side of the CVE-2018-3639 mitigation.

Red Hat would like to thank Ken Johnson (Microsoft Security Response
Center) and Jann Horn (Google Project Zero) for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1566890 - CVE-2018-3639 hw: cpu: speculative store bypass

6. Package List:

Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts:

Source:
vdsm-4.20.27.2-1.el7ev.src.rpm

noarch:
vdsm-api-4.20.27.2-1.el7ev.noarch.rpm
vdsm-client-4.20.27.2-1.el7ev.noarch.rpm
vdsm-common-4.20.27.2-1.el7ev.noarch.rpm
vdsm-hook-cpuflags-4.20.27.2-1.el7ev.noarch.rpm
vdsm-hook-ethtool-options-4.20.27.2-1.el7ev.noarch.rpm
vdsm-hook-fcoe-4.20.27.2-1.el7ev.noarch.rpm
vdsm-hook-localdisk-4.20.27.2-1.el7ev.noarch.rpm
vdsm-hook-macspoof-4.20.27.2-1.el7ev.noarch.rpm
vdsm-hook-nestedvt-4.20.27.2-1.el7ev.noarch.rpm
vdsm-hook-openstacknet-4.20.27.2-1.el7ev.noarch.rpm
vdsm-hook-vfio-mdev-4.20.27.2-1.el7ev.noarch.rpm
vdsm-hook-vhostmd-4.20.27.2-1.el7ev.noarch.rpm
vdsm-hook-vmfex-dev-4.20.27.2-1.el7ev.noarch.rpm
vdsm-http-4.20.27.2-1.el7ev.noarch.rpm
vdsm-jsonrpc-4.20.27.2-1.el7ev.noarch.rpm
vdsm-python-4.20.27.2-1.el7ev.noarch.rpm
vdsm-yajsonrpc-4.20.27.2-1.el7ev.noarch.rpm

ppc64le:
vdsm-4.20.27.2-1.el7ev.ppc64le.rpm
vdsm-hook-checkips-4.20.27.2-1.el7ev.ppc64le.rpm
vdsm-hook-extra-ipv4-addrs-4.20.27.2-1.el7ev.ppc64le.rpm
vdsm-network-4.20.27.2-1.el7ev.ppc64le.rpm

x86_64:
vdsm-4.20.27.2-1.el7ev.x86_64.rpm
vdsm-hook-checkips-4.20.27.2-1.el7ev.x86_64.rpm
vdsm-hook-extra-ipv4-addrs-4.20.27.2-1.el7ev.x86_64.rpm
vdsm-network-4.20.27.2-1.el7ev.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-3639
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/ssbd

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- ------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: org.ovirt.engine-root security update
Advisory ID:       RHSA-2018:1676-01
Product:           Red Hat Virtualization
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:1676
Issue date:        2018-05-21
CVE Names:         CVE-2018-3639 
=====================================================================

1. Summary:

An update for org.ovirt.engine-root is now available for Red Hat
Virtualization Engine 4.2.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

RHV-M 4.2 - noarch

3. Description:

org.ovirt.engine-root is the core component of oVirt, shipped here as the
ovirt-engine packages listed below.

Security Fix(es):

* An industry-wide issue was found in the way many modern microprocessor
designs have implemented speculative execution of Load & Store instructions
(a commonly used performance optimization). It relies on the presence of a
precisely-defined instruction sequence in the privileged code as well as
the fact that a memory read from an address to which a recent memory write has
occurred may see an older value and subsequently cause an update into the
microprocessor's data cache even for speculatively executed instructions
that never actually commit (retire). As a result, an unprivileged attacker
could use this flaw to read privileged memory by conducting targeted cache
side-channel attacks. (CVE-2018-3639)

Note: This is the org.ovirt.engine-root side of the CVE-2018-3639
mitigation.

Red Hat would like to thank Ken Johnson (Microsoft Security Response
Center) and Jann Horn (Google Project Zero) for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1566890 - CVE-2018-3639 hw: cpu: speculative store bypass

6. Package List:

RHV-M 4.2:

Source:
ovirt-engine-4.2.3.6-0.1.el7.src.rpm

noarch:
ovirt-engine-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-backend-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-dbscripts-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-extensions-api-impl-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-extensions-api-impl-javadoc-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-health-check-bundler-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-lib-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-restapi-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-setup-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-setup-base-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-setup-plugin-ovirt-engine-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-setup-plugin-ovirt-engine-common-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-setup-plugin-websocket-proxy-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-tools-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-tools-backup-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-vmconsole-proxy-helper-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-webadmin-portal-4.2.3.6-0.1.el7.noarch.rpm
ovirt-engine-websocket-proxy-4.2.3.6-0.1.el7.noarch.rpm
rhvm-4.2.3.6-0.1.el7.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-3639
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/ssbd

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBWwQp09zjgjWX9erEAQi6Zg//fD2O5k/IPd+elj2l3z6KXEUeXNB9S5+6
CUSXUPSze8xO7PZ/OZymgjyWPa9mfCCOQfCYctu+mzs+qrq0WQb2rmVpGvbygDPh
dAvXXQ9wc0lTlzS3Bra8A6tPZ8XDtWF2m7W/8n/Mh11McbDTOhof6h/64JprH0Oq
ZLzHJUDXNun6Hug6Ii3QcJakDlBeQ/VQ7yR1NOEuqn5vxJzn019lL6nXwoNgkB0k
W9SJ22b51w9N22YvplKVnLS5PaOvL/ZHCVDq03YAGo57QRQKByEGbRhExiakvKJU
kpkupEbGXGX6UZ6bn+f1GRQH18qw+DslT+uJRFlPpKbO4k8Nr7AaCIhiu+jf2pBm
SAnPZKEurIZh9BmTzs9umDLWScFqBKPS9BiwE7fo/q3o1P9aptwyAPfgwzdkrDsd
8Q2whnyo8uOEOY+kgl2F5kF8T7Iehkj/I0nEiZe1+xwYMPdN7zt1yFjNem7X2QKr
btO+5aw4XeQzIsEF8P49ws9BeeEdU11+dizG26hBMmIsu8X01Mya3Ikj0+Ct7VfE
LVy5Dxnc5KFAHLuO+6VXY1GM5XZEqg4xrWXq77v+0qjqfY81uEo4lihxYt4g2/0C
BDDAqPAK61mX/2OIaNgjGqOVJz/M41o6iUelZbO6rs5NE3cwdwy1ORs2fYMCwvw2
pt3zckp3TYk=
=8GKI
- -----END PGP SIGNATURE-----

- ------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: org.ovirt.engine-root security update
Advisory ID:       RHSA-2018:1688-01
Product:           Red Hat Virtualization
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:1688
Issue date:        2018-05-22
CVE Names:         CVE-2018-3639 
=====================================================================

1. Summary:

An update for org.ovirt.engine-root is now available for RHEV Manager
version 3.6.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

RHEV-M 3.6 ELS - noarch

3. Description:

org.ovirt.engine-root is the core component of oVirt, shipped here as the
rhevm packages listed below.

Security Fix(es):

* An industry-wide issue was found in the way many modern microprocessor
designs have implemented speculative execution of Load & Store instructions
(a commonly used performance optimization). It relies on the presence of a
precisely-defined instruction sequence in the privileged code as well as
the fact that a memory read from an address to which a recent memory write has
occurred may see an older value and subsequently cause an update into the
microprocessor's data cache even for speculatively executed instructions
that never actually commit (retire). As a result, an unprivileged attacker
could use this flaw to read privileged memory by conducting targeted cache
side-channel attacks. (CVE-2018-3639)

Note: This is the org.ovirt.engine-root side of the CVE-2018-3639
mitigation.

Red Hat would like to thank Ken Johnson (Microsoft Security Response
Center) and Jann Horn (Google Project Zero) for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1566890 - CVE-2018-3639 hw: cpu: speculative store bypass

6. Package List:

RHEV-M 3.6 ELS:

Source:
rhevm-3.6.13.2-0.1.el6.src.rpm

noarch:
rhevm-3.6.13.2-0.1.el6.noarch.rpm
rhevm-backend-3.6.13.2-0.1.el6.noarch.rpm
rhevm-dbscripts-3.6.13.2-0.1.el6.noarch.rpm
rhevm-extensions-api-impl-3.6.13.2-0.1.el6.noarch.rpm
rhevm-extensions-api-impl-javadoc-3.6.13.2-0.1.el6.noarch.rpm
rhevm-lib-3.6.13.2-0.1.el6.noarch.rpm
rhevm-restapi-3.6.13.2-0.1.el6.noarch.rpm
rhevm-setup-3.6.13.2-0.1.el6.noarch.rpm
rhevm-setup-base-3.6.13.2-0.1.el6.noarch.rpm
rhevm-setup-plugin-ovirt-engine-3.6.13.2-0.1.el6.noarch.rpm
rhevm-setup-plugin-ovirt-engine-common-3.6.13.2-0.1.el6.noarch.rpm
rhevm-setup-plugin-vmconsole-proxy-helper-3.6.13.2-0.1.el6.noarch.rpm
rhevm-setup-plugin-websocket-proxy-3.6.13.2-0.1.el6.noarch.rpm
rhevm-tools-3.6.13.2-0.1.el6.noarch.rpm
rhevm-tools-backup-3.6.13.2-0.1.el6.noarch.rpm
rhevm-userportal-3.6.13.2-0.1.el6.noarch.rpm
rhevm-userportal-debuginfo-3.6.13.2-0.1.el6.noarch.rpm
rhevm-vmconsole-proxy-helper-3.6.13.2-0.1.el6.noarch.rpm
rhevm-webadmin-portal-3.6.13.2-0.1.el6.noarch.rpm
rhevm-webadmin-portal-debuginfo-3.6.13.2-0.1.el6.noarch.rpm
rhevm-websocket-proxy-3.6.13.2-0.1.el6.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-3639
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/ssbd

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- ------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: rhevm-setup-plugins security update
Advisory ID:       RHSA-2018:1689-01
Product:           Red Hat Virtualization
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:1689
Issue date:        2018-05-22
CVE Names:         CVE-2018-3639 
=====================================================================

1. Summary:

An update for rhevm-setup-plugins is now available for RHEV Manager version
3.6.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

RHEV-M 3.6 ELS - noarch

3. Description:

The rhevm-setup-plugins package adds functionality exclusive to Red
Hat Virtualization Manager, and is not available for the upstream
ovirt-engine. It includes the configuration of the Red Hat Support plugin,
copying downstream-only artifacts to the ISO domain, and links to the
knowledgebase and other support material.

The following packages have been upgraded to a later upstream version:
rhevm-setup-plugins (3.6.7). (BZ#1579010)

Security Fix(es):

* An industry-wide issue was found in the way many modern microprocessor
designs have implemented speculative execution of Load & Store instructions
(a commonly used performance optimization). It relies on the presence of a
precisely-defined instruction sequence in the privileged code as well as
the fact that a memory read from an address to which a recent memory write has
occurred may see an older value and subsequently cause an update into the
microprocessor's data cache even for speculatively executed instructions
that never actually commit (retire). As a result, an unprivileged attacker
could use this flaw to read privileged memory by conducting targeted cache
side-channel attacks. (CVE-2018-3639)

Note: This is the rhevm-setup-plugins side of the CVE-2018-3639 mitigation.

Red Hat would like to thank Ken Johnson (Microsoft Security Response
Center) and Jann Horn (Google Project Zero) for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1566890 - CVE-2018-3639 hw: cpu: speculative store bypass

6. Package List:

RHEV-M 3.6 ELS:

Source:
rhevm-setup-plugins-3.6.7-1.el6ev.src.rpm

noarch:
rhevm-setup-plugins-3.6.7-1.el6ev.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-3639
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/ssbd

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- ------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: vdsm security update
Advisory ID:       RHSA-2018:1690-01
Product:           Red Hat Virtualization
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:1690
Issue date:        2018-05-22
CVE Names:         CVE-2018-3639 
=====================================================================

1. Summary:

An update for vdsm is now available for RHEV 3.X Hypervisor and Agents
Extended Lifecycle Support for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

RHEV-H and VDSM for 7 Hosts ELS - noarch

3. Description:

The VDSM service is required by a Virtualization Manager to manage the
Linux hosts. VDSM manages and monitors the host's storage, memory and
networks as well as virtual machine creation, other host administration
tasks, statistics gathering, and log collection.

Security Fix(es):

* An industry-wide issue was found in the way many modern microprocessor
designs have implemented speculative execution of Load & Store instructions
(a commonly used performance optimization). It relies on the presence of a
precisely-defined instruction sequence in the privileged code as well as
the fact that a memory read from an address to which a recent memory write has
occurred may see an older value and subsequently cause an update into the
microprocessor's data cache even for speculatively executed instructions
that never actually commit (retire). As a result, an unprivileged attacker
could use this flaw to read privileged memory by conducting targeted cache
side-channel attacks. (CVE-2018-3639)

Note: This is the VDSM side of the CVE-2018-3639 mitigation.

Red Hat would like to thank Ken Johnson (Microsoft Security Response
Center) and Jann Horn (Google Project Zero) for reporting this issue.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1566890 - CVE-2018-3639 hw: cpu: speculative store bypass

6. Package List:

RHEV-H and VDSM for 7 Hosts ELS:

Source:
vdsm-4.17.45-1.el7ev.src.rpm

noarch:
vdsm-4.17.45-1.el7ev.noarch.rpm
vdsm-cli-4.17.45-1.el7ev.noarch.rpm
vdsm-debug-plugin-4.17.45-1.el7ev.noarch.rpm
vdsm-hook-ethtool-options-4.17.45-1.el7ev.noarch.rpm
vdsm-hook-fcoe-4.17.45-1.el7ev.noarch.rpm
vdsm-hook-macspoof-4.17.45-1.el7ev.noarch.rpm
vdsm-hook-openstacknet-4.17.45-1.el7ev.noarch.rpm
vdsm-hook-vhostmd-4.17.45-1.el7ev.noarch.rpm
vdsm-hook-vmfex-dev-4.17.45-1.el7ev.noarch.rpm
vdsm-infra-4.17.45-1.el7ev.noarch.rpm
vdsm-jsonrpc-4.17.45-1.el7ev.noarch.rpm
vdsm-python-4.17.45-1.el7ev.noarch.rpm
vdsm-xmlrpc-4.17.45-1.el7ev.noarch.rpm
vdsm-yajsonrpc-4.17.45-1.el7ev.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-3639
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/ssbd

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
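
A post-update check for the six advisories above, added here as an example in
Python (it is not code from Red Hat, oVirt or AusCERT). It does two things an
administrator will want once the packages are installed: compare an installed
name-version-release against the fixed builds copied from the package lists,
using an rpmvercmp-style comparison so that 4.20.27.2 is correctly ranked above
4.20.27 and the RHEV 3.6 ELS vdsm stream (4.17.x) is checked against its own
fixed build rather than the RHV 4 one; and read the kernel's own verdict on the
host from /sys/devices/system/cpu/vulnerabilities/spec_store_bypass together
with the presence of the ssbd flag in /proc/cpuinfo. The sysfs path and the
flag name are standard Linux kernel names; the longest-prefix mapping of
sub-packages to their source package, the major.minor stream rule and the
sample inputs are this example's own assumptions and constructed data.

```python
"""Post-update checks for the CVE-2018-3639 advisories above (added example;
not code from Red Hat, oVirt or AusCERT).

1. package_status(): is an installed package at or above the fixed build?
   Uses an rpmvercmp-compatible comparison so '4.20.27.2' beats '4.20.27'.
2. host_status(): the kernel's own verdict from
   /sys/devices/system/cpu/vulnerabilities/spec_store_bypass, plus whether
   /proc/cpuinfo shows the 'ssbd' flag.
Sample inputs in __main__ are constructed; on a real host feed it `rpm -qa`
output and the real file contents.
"""
import re
from itertools import zip_longest

# Fixed version-release builds copied from the package lists above. Binary
# sub-packages (vdsm-hook-*, ovirt-engine-*, rhevm-*) share their source
# package's version-release, so names resolve by longest prefix (an
# assumption of this script, not something the advisories state).
FIXED = {
    "rhvm-setup-plugins": ["4.2.9-1.el7ev"],             # RHSA-2018:1674
    "vdsm": ["4.20.27.2-1.el7ev", "4.17.45-1.el7ev"],    # RHSA-2018:1675, :1690
    "ovirt-engine": ["4.2.3.6-0.1.el7"],                 # RHSA-2018:1676
    "rhvm": ["4.2.3.6-0.1.el7"],                         # RHSA-2018:1676
    "rhevm": ["3.6.13.2-0.1.el6"],                       # RHSA-2018:1688
    "rhevm-setup-plugins": ["3.6.7-1.el6ev"],            # RHSA-2018:1689
}
ARCHES = {"noarch", "x86_64", "ppc64le", "src", "i686", "aarch64", "s390x"}


def _segments(s):
    # rpm compares runs of digits and runs of letters; '~' marks a pre-release.
    return re.findall(r"\d+|[A-Za-z]+|~", s)


def rpmvercmp(a, b):
    """Return -1, 0 or 1 like rpm's rpmvercmp() (caret handling omitted)."""
    if a == b:
        return 0
    for x, y in zip_longest(_segments(a), _segments(b)):
        if x == "~" or y == "~":              # the side with '~' is older
            if x != y:
                return 1 if y == "~" else -1
            continue
        if x is None or y is None:            # longer string is newer
            return -1 if x is None else 1
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return -1 if int(x) < int(y) else 1
        elif x.isdigit() or y.isdigit():      # numeric beats alphabetic
            return 1 if x.isdigit() else -1
        elif x != y:
            return -1 if x < y else 1
    return 0


def cmp_vr(a, b):
    """Compare two 'version-release' strings: version first, then release."""
    av, ar = a.split("-", 1)
    bv, br = b.split("-", 1)
    return rpmvercmp(av, bv) or rpmvercmp(ar, br)


def parse_nvr(s):
    """'vdsm-hook-fcoe-4.20.27.2-1.el7ev.x86_64.rpm' -> (name, version, release)."""
    if s.endswith(".rpm"):
        s = s[:-4]
    head, dot, tail = s.rpartition(".")
    if dot and tail in ARCHES:
        s = head
    nv, _, release = s.rpartition("-")
    name, _, version = nv.rpartition("-")
    if not (name and version and release):
        raise ValueError("not a name-version-release string: %r" % s)
    return name, version, release


def _fixed_builds(name):
    while name:                               # longest-prefix lookup
        if name in FIXED:
            return FIXED[name]
        name = name.rpartition("-")[0]
    return []


def package_status(nvr):
    """'fixed', 'vulnerable' or 'not covered' (no advisory above for it)."""
    name, version, release = parse_nvr(nvr)
    stream = version.split(".")[:2]           # 4.17 (ELS) vs 4.20 (RHV 4) for vdsm
    for fixed in _fixed_builds(name):
        if fixed.split("-")[0].split(".")[:2] == stream:
            return "fixed" if cmp_vr(version + "-" + release, fixed) >= 0 else "vulnerable"
    return "not covered"


def host_status(sysfs_text, cpuinfo_text):
    """Kernel verdict on SSB plus whether the CPU exposes the 'ssbd' flag."""
    verdict = sysfs_text.strip()
    flags = set()
    for line in cpuinfo_text.splitlines():
        if line.startswith("flags"):
            flags.update(line.split(":", 1)[1].split())
    return {"kernel_verdict": verdict,
            "mitigated": verdict == "Not affected" or verdict.startswith("Mitigation:"),
            "ssbd_flag": "ssbd" in flags}


if __name__ == "__main__":
    # Constructed samples: a fixed build, an older sub-package, an ELS host, an unrelated package.
    for nvr in ("vdsm-4.20.27.2-1.el7ev.x86_64", "vdsm-hook-fcoe-4.20.26-1.el7ev.noarch",
                "vdsm-4.17.45-1.el7ev.noarch", "bash-4.2.46-31.el7.x86_64"):
        print("%-42s %s" % (nvr, package_status(nvr)))
    # Constructed sysfs and /proc/cpuinfo contents for a mitigated host.
    print(host_status("Mitigation: Speculative Store Bypass disabled via prctl and seccomp\n",
                      "processor\t: 0\nflags\t\t: fpu vme de pse ibpb ibrs stibp ssbd\n"))
```

These packages are only one side of the mitigation, as each advisory's note
says; the host kernel and microcode updates referenced at
https://access.redhat.com/security/vulnerabilities/ssbd are the other, and it
is from them that the sysfs verdict comes. A host whose packages all report
"fixed" but whose kernel verdict still reads "Vulnerable" has not finished the
job.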

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----