RHEL 5 : rhev-hypervisor (RHSA-2011:0439)

medium Nessus Plugin ID 79278
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.


The remote Red Hat host is missing a security update.


An updated rhev-hypervisor package that fixes one security issue and one bug is now available.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent.

Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions.

A NULL pointer dereference flaw was found in the Generic Receive Offload (GRO) functionality in the Linux kernel's networking implementation. If both GRO and promiscuous mode were enabled on an interface in a virtual LAN (VLAN), it could result in a denial of service when a malformed VLAN frame is received on that interface.

Red Hat would like to thank Ryan Sweat for reporting CVE-2011-1478.

This updated package provides updated components that include fixes for security issues; however, these issues have no security impact for Red Hat Enterprise Virtualization Hypervisor. These fixes are for dbus issue CVE-2010-4352; kernel issues CVE-2010-4346, CVE-2011-0521, CVE-2011-0710, CVE-2011-1010, and CVE-2011-1090; libvirt issue CVE-2011-1146; and openldap issue CVE-2011-1024.

This update also fixes the following bug :

* Previously, network drivers that had Large Receive Offload (LRO) enabled by default caused the system to run slow when using software bridging. With this update, Red Hat Enterprise Virtualization Hypervisor disables LRO as a part of a modprobe configuration.

Also in this erratum, the rhev-hypervisor-pxe RPM has been dropped.

As Red Hat Enterprise Virtualization Hypervisor includes Red Hat Enterprise Virtualization Manager Agent (VDSM), the bug fixes from the VDSM update RHBA-2011:0424 have been included in this update :


Users of Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package, which resolves these issues.


Update the affected rhev-hypervisor package.

See Also




Plugin Details

Severity: Medium

ID: 79278

File Name: redhat-RHSA-2011-0439.nasl

Version: 1.9

Type: local

Agent: unix

Published: 11/17/2014

Updated: 1/14/2021

Dependencies: ssh_get_info.nasl

Risk Information


Risk Factor: Low

Score: 3.6


Risk Factor: Medium

Base Score: 5.7

Temporal Score: 5

Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C

Temporal Vector: E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor, cpe:/o:redhat:enterprise_linux:5

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 4/13/2011

Vulnerability Publication Date: 10/23/2011

Reference Information

CVE: CVE-2011-1478

BID: 47056

RHSA: 2011:0439