В QEMU обнаружена уязвимость, связанная с некорректной проверкой попыток чтения и записи данных через эмулятор работы блочного устройства (ioemu). Используя данную уязвимость злоумышленник из гостевого окружения может вызвать отказ в обслуживании или получить контроль над управляющим процессом, что потенциально позволяет выйти за пределы изолированного окружения.
Проблеме также подвержены виртуальные окружения на базе Xen в которых ioemu задействован для виртуализации дисков (см. ioemu в секции конфигурации disk) для VMX-окружений, предназначенных для запуска немодифицированной ОС.
VMware Player a atins versiunea 2.0.2-59824. Acum VMware Player este disponibil în două architecturi: i386 şi x86_64. Programul poate fi descărcat din repo.fedoramd.org.
A ieşit noua versiune VMware Server 1.0.4 Build: 56528. Au fost corectate numeroase probleme. Această versiune este compatibilă cu Linux kernel 2.6.21 şi mai noi. Puteţi descărca veriunea nouă de pe repo.fedoramd.org
Issues Resolved in VMware Server 1.0.4
In previous releases, when a virtual machine configuration (.vmx) file contained the line serialX.HardwareFlowControl = “TRUE”, the modem control signals were not correctly handled. This release fixes that problem. Modem control signals are now strictly passed through between the virtual and the physical serial port.
This release fixes a problem that caused Fedora Core 7 to fail with an ASSERT when issuing SCSI commands that have illegal targets. This problem is not clearly exploitable by a normal user.
This release fixes a problem that could cause Linux virtual machines with VMI-enabled kernels to run very slowly after being rebooted repeatedly.
This release fixes a problem that could cause a virtual machine to fail at power-on when using a sound card with more than two mixer channels on a Windows 32-bit host.
This release fixes a problem that could cause a 64-bit Solaris 10 virtual machine to fail at power-on after being updated with Solaris Update Patch 125038-04.
This release fixes a problem that resulted from a conflict between Linux guest operating systems with kernel version 2.6.21 and RTC-related processes on the host. This problem caused the virtual machine to quit unexpectedly.
This release fixes a problem that caused the hostd to quit unexpectedly in virtual machines with a corrupted snapshot.
This release fixes a problem that prevented virtual machines running Fedora Core 7 from properly recognizing LSILogic SCSI devices.
This release fixes a problem that prevented the VMware vmmon module from building correctly on hosts running Linux with kernel version 2.6.20-rc1.
This release fixes a problem that prevented the VMware vmnet module from building correctly on hosts running Linux with kernel versions higher than 2.6.21.
This release fixes a problem that could corrupt the guest's memory on hosts running Linux with kernel versions higher than 2.6.21.
This release fixes the following problem: when a user attempts to access a virtual machine through the Windows remote VMware Service Console, and the user does not have execute permission on the virtual machine configuration (.vmx) file, the display is blank with no indication of the actual problem. This release adds an error message in this circumstance, to advise the user that execute access is required to connect to the virtual machine with the VMware Service Console.
This release fixes a problem with virtual machines running Red Hat Linux 7.1, kernel version 2.4.2, that caused the guest operating system to become unresponsive during the installation of VMware Tools, after the user selected the default display size.
This release fixes a problem that prevented VMware Player from launching. This problem was accompanied by the error message VMware Player unrecoverable error: (player) Exception 0xc0000005 (access violation) has occurred. This problem could result in a security vulnerability from some images stored in virtual machines downloaded by the user.