ID de Prueba:	1.3.6.1.4.1.25623.1.0.882939
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for qemu-img CESA-2018:2462 centos7
Resumen:	Check the version of qemu-img
Descripción:	Summary: Check the version of qemu-img Vulnerability Insight: Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix(es): * QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams (CVE-2018-11806) * QEMU: i386: multiboot OOB access while loading kernel image (CVE-2018-7550) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jskz - Zero Day Initiative (trendmicro.com) for reporting CVE-2018-11806 and Cyrille Chatras (Orange.com) and CERT-CC (Orange.com) for reporting CVE-2018-7550. Bug Fix(es): * Previously, live migrating a Windows guest in some cases caused the guest to become unresponsive. This update ensures that Real-time Clock (RTC) interrupts are not missed, which prevents the problem from occurring. (BZ#1596302) Affected Software/OS: qemu-img on CentOS 7 Solution: Please install the updated packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-7550 BugTraq ID: 103181 http://www.securityfocus.com/bid/103181 Debian Security Information: DSA-4213 (Google Search) https://www.debian.org/security/2018/dsa-4213 https://github.com/orangecertcc/security-research/security/advisories/GHSA-f49v-45qp-cv53 https://lists.debian.org/debian-lts-announce/2018/04/msg00015.html https://lists.debian.org/debian-lts-announce/2018/04/msg00016.html https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://lists.gnu.org/archive/html/qemu-devel/2018-02/msg06890.html RedHat Security Advisories: RHSA-2018:1369 https://access.redhat.com/errata/RHSA-2018:1369 RedHat Security Advisories: RHSA-2018:2462 https://access.redhat.com/errata/RHSA-2018:2462 https://usn.ubuntu.com/3649-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-11806 BugTraq ID: 104400 http://www.securityfocus.com/bid/104400 Bugtraq: 20190531 [SECURITY] [DSA 4454-1] qemu security update (Google Search) https://seclists.org/bugtraq/2019/May/76 Debian Security Information: DSA-4454 (Google Search) https://www.debian.org/security/2019/dsa-4454 https://www.zerodayinitiative.com/advisories/ZDI-18-567/ https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html http://www.openwall.com/lists/oss-security/2018/06/07/1 https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html RedHat Security Advisories: RHSA-2018:2762 https://access.redhat.com/errata/RHSA-2018:2762 RedHat Security Advisories: RHSA-2018:2822 https://access.redhat.com/errata/RHSA-2018:2822 RedHat Security Advisories: RHSA-2018:2887 https://access.redhat.com/errata/RHSA-2018:2887 RedHat Security Advisories: RHSA-2019:2892 https://access.redhat.com/errata/RHSA-2019:2892 https://usn.ubuntu.com/3826-1/
Copyright	Copyright (C) 2018 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.