 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.122371 |
| Kategorie: | Oracle Linux Local Security Checks |
| Titel: | Oracle: Security Advisory (ELSA-2010-0271) |
| Zusammenfassung: | The remote host is missing an update for the 'kvm' package(s) announced via the ELSA-2010-0271 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'kvm' package(s) announced via the ELSA-2010-0271 advisory. Vulnerability Insight: [kvm-83-164.0.1.el5] - Add kvm-Introduce-oel-machine-type.patch - Add kvm-add-oracle-workaround-for-libvirt-bug.patch [kvm-83-164.el5] - kvm-Fix-Windows-guests-SVVP-tests.patch [bz#495844] - Resolves: bz#495844 (KVM SVVP: 'Signed Driver check' failure - on the disabled vCPUs (that the VM's BIOS doesn't hide)) [kvm-83-163.el5] - kvm-kernel-avoid-collision-between-out-of-sync-ksm-and-pci-pass.patch [bz#566385] - Resolves: bz#566385 (KVM host panic due to fault in paging64_sync_page() / panic occurs in connection with PCI passthru devices) [kvm-83-162.el5] - kvm-qemu-img-rebase-Add-f-option.patch [bz#569762] - kvm-mark-PCI-IRQs-as-edge-triggered-in-mptables.patch [bz#536749] - Resolves: bz#536749 (can not boot rhel3.9 with if=virtio) - Resolves: bz#569762 ('qemu-img re-base' broken on block devices) - Moved kver to 2.6.18-191.el5 to match build root [kvm-83-161.el5] - kvm-qemu-img-Fix-segfault-during-rebase.patch [bz#563141] - Resolves: bz#563141 (qemu-img re-base subcommand got Segmentation fault) - Moved kver to 2.6.18-190.el5 to match build root [kvm-83-160.el5] - kvm-qxl-defer-vga-updates-in-case-commands-ring-is-full-.patch [bz#544785] - Resolves: bz#544785 (QEMU process can become non-responsive in case command are not pull from qxl vga ring) [kvm-83-159.el5] - Applied patch to spec file [bz#533453] - Updated kversion to 2.6.18-189.el5 to match build root - Resolves: bz#533453 (kvm kmod package should require a compatible kernel version) [kvm-83-158.el5] - Updated kversion to 2.6.18-187.el5 to match build root - kvm-kernel-KVM-Don-t-check-access-permission-when-loading-segme.patch [bz#563465] - kvm-kernel-KVM-Disable-move-to-segment-registers-and-jump-far-i.patch [bz#563465] - kvm-kernel-KVM-VMX-Check-cpl-before-emulating-debug-register-ac.patch [bz#563517] - Resolves: bz#563465 (EMBARGOED CVE-2010-0419 kvm: emulator privilege escalation segment selector check [rhel-5.5]) - Resolves: bz#563517 (KVM: Check cpl before emulating debug register access [rhel-5.5]) [kvm-83-157.el5] - kvm-CVE-2010-0297-usb-linux.c-fix-buffer-overflow.patch [bz#560770] - Resolves: bz#560770 (CVE-2010-0297 kvm-userspace-rhel5: usb-linux.c: fix buffer overflow [rhel-5.5]) [kvm-83-156.el5] - kvm-kernel-KVM-PIT-control-word-is-write-only.patch [bz#553126] - kvm-kernel-KVM-introduce-kvm_read_guest_virt-kvm_write_guest_vi.patch [bz#559095] - kvm-kernel-KVM-remove-the-vmap-usage.patch [bz#559095] - kvm-kernel-KVM-Use-kvm_-read-write-_guest_virt-to-read-and-writ.patch [bz#559095] - kvm-kernel-KVM-fix-memory-access-during-x86-emulation.patch [bz#559095] - kvm-kernel-Check-IOPL-level-during-io-instruction-emulation.patch [bz#560698] - kvm-kernel-Fix-popf-emulation.patch [bz#560698] - kvm-kernel-Check-CPL-level-during-privilege-instruction-emulati.patch [bz#560698] - Resolves: bz#553126 (CVE-2010-0309 kvm: cat /dev/port in guest cause the host hang [rhel-5.5]) - Resolves: bz#559095 ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kvm' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-0430 RHSA-2010:0271 http://rhn.redhat.com/errata/RHSA-2010-0271.html RHSA-2010:0476 https://rhn.redhat.com/errata/RHSA-2010-0476.html https://bugzilla.redhat.com/show_bug.cgi?id=568702 Common Vulnerability Exposure (CVE) ID: CVE-2010-0741 1023798 http://securitytracker.com/id?1023798 ADV-2010-0760 http://www.vupen.com/english/advisories/2010/0760 http://www.redhat.com/support/errata/RHSA-2010-0271.html [oss-security] 20100329 CVE-2010-0741 qemu: Improper handling of erroneous data provided by Linux virtio-net driver http://openwall.com/lists/oss-security/2010/03/29/4 [qemu-devel] 20091029 Re: qemu-kvm-0.11 regression, crashes on older guests with virtio network http://lists.gnu.org/archive/html/qemu-devel/2009-10/msg02480.html [qemu-devel] 20091029 [PATCH] whitelist host virtio networking features [was Re: qemu-kvm-0.11 regression, crashes on older ...] http://lists.gnu.org/archive/html/qemu-devel/2009-10/msg02495.html http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=184bd0484533b725194fa517ddc271ffd74da7c9 https://bugs.edge.launchpad.net/ubuntu/+source/qemu-kvm/+bug/458521 https://bugzilla.redhat.com/show_bug.cgi?id=577218 https://patchwork.kernel.org/patch/56479/ oval:org.mitre.oval:def:11143 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11143 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |