[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Fwd: Re: [SECURITY] [DSA-2010-1] New kvm packages fix several vulnerabilities]

On Wed, Mar 10, 2010 at 05:44:10PM -0500, Michael Gilbert wrote:
> On Wed, 10 Mar 2010 17:21:45 -0500, Daniel Kahn Gillmor wrote:
> > We recommend that you upgrade your kvm package.  If your system is
> > currently using a kvm-modules package built from previous versions of
> > the kvm-source package, we recommend that you upgrade your kvm-source
> > package, re-build a new kvm-modules package and install it.  You should
> > subsequently unload the old kvm modules from your kernel and reload the
> > newly built kernel modules.  The simplest way to accomplish this kernel
> > module unload/reload is a system restart.
> a restart is (almost) never the answer. i think a better approach would
> be the following simple instructions
>  if you have previously installed the kvm modules on your system, they
>  need to be refreshed following an upgrade of your kvm packages.  please
>  execute the following commands as root after the new packages are
>  installed:
>   # m-a a-i kvm-source
>   # modprobe kvm

If kvm is running, the above commands will succeed w/o error - but
still leave you with a vulnerable system.

You would need to shutdown all users of kvm and unload the existing
module as well.

dann frazier

Reply to: