 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.883321 |
| Categoría: | CentOS Local Security Checks |
| Título: | CentOS: Security Advisory for qemu-img (CESA-2021:0347) |
| Resumen: | The remote host is missing an update for the 'qemu-img'; package(s) announced via the CESA-2021:0347 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'qemu-img' package(s) announced via the CESA-2021:0347 advisory. Vulnerability Insight: Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix(es): * QEMU: loader: OOB access while loading registered ROM may lead to code execution (CVE-2020-13765) * QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c (CVE-2020-16092) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * qemu-kvm FTBFS on rhel7.9 (BZ#1884997) Affected Software/OS: 'qemu-img' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2020-13765 https://git.qemu.org/?p=qemu.git;a=commit;h=e423455c4f23a1a828901c78fe6d03b7dde79319 https://github.com/qemu/qemu/commit/4f1c6cb2f9afafda05eab150fd2bd284edce6676 https://lists.debian.org/debian-lts-announce/2020/06/msg00032.html https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html https://usn.ubuntu.com/4467-1/ Common Vulnerability Exposure (CVE) ID: CVE-2020-16092 Debian Security Information: DSA-4760 (Google Search) https://www.debian.org/security/2020/dsa-4760 https://security.gentoo.org/glsa/202208-27 http://www.openwall.com/lists/oss-security/2020/08/10/1 https://lists.nongnu.org/archive/html/qemu-devel/2020-07/msg07563.html https://lists.debian.org/debian-lts-announce/2020/09/msg00013.html SuSE Security Announcement: openSUSE-SU-2020:1664 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00024.html |
| Copyright | Copyright (C) 2021 Greenbone Networks GmbH |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |