
Test ID: 1.3.6.1.4.1.25623.1.1.10.2024.0387
Category: Mageia Linux Local Security Checks
Title: Mageia: Security Advisory (MGASA-2024-0387)
Summary: The remote host is missing an update for the 'qemu' package(s) announced via the MGASA-2024-0387 advisory.
Description:

Vulnerability Insight:
A flaw was found in the QEMU implementation of VMware's paravirtual RDMA
device. This flaw allows a crafted guest driver to allocate and
initialize a huge number of page tables to be used as a ring of
descriptors for CQ and async events, potentially leading to an
out-of-bounds read and crash of QEMU. (CVE-2023-1544)

A DMA reentrancy issue leading to a use-after-free error was found in
the e1000e NIC emulation code in QEMU. This issue could allow a
privileged guest user to crash the QEMU process on the host, resulting
in a denial of service. (CVE-2023-3019)

A flaw was found in the QEMU built-in VNC server while processing
ClientCutText messages. A wrong exit condition may lead to an infinite
loop when inflating an attacker-controlled zlib buffer in the
`inflate_buffer` function. This could allow a remote authenticated
client who is able to send a clipboard to the VNC server to trigger a
denial of service. (CVE-2023-3255)

A bug in QEMU could cause a guest I/O operation otherwise addressed to
an arbitrary disk offset to be targeted to offset 0 instead (potentially
overwriting the VM's boot code). This could be used, for example, by L2
guests with a virtual disk (vdiskL2) stored on a virtual disk of an L1
(vdiskL1) hypervisor to read and/or write data to LBA 0 of vdiskL1,
potentially gaining control of L1 at its next reboot. (CVE-2023-5088)

A flaw was found in the QEMU built-in VNC server while processing
ClientCutText messages. The qemu_clipboard_request() function can be
reached before vnc_server_cut_text_caps() was called and had the chance
to initialize the clipboard peer, leading to a NULL pointer dereference.
This could allow a malicious authenticated VNC client to crash QEMU and
trigger a denial of service. (CVE-2023-6683)

A stack-based buffer overflow was found in the virtio-net device of
QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx
function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1
and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious
user to overwrite local variables allocated on the stack. Specifically,
the `out_sg` variable could be used to read a part of process memory and
send it to the wire, causing an information leak. (CVE-2023-6693)

QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset
in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not
prevent s->qdev.blocksize from being 256. This stops QEMU and the guest
immediately. (CVE-2023-42467)

QEMU before 8.2.0 has an integer underflow, and resultant buffer
overflow, via a TI command when an expected non-DMA transfer length is
less than the length of the available FIFO data. This occurs in
esp_do_nodma in hw/scsi/esp.c because of an underflow of async_len.
(CVE-2024-24474)

An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in
hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs
greater ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'qemu' package(s) on Mageia 9.

Solution:
Please install the updated package(s).

CVSS Score:
6.5

CVSS Vector:
AV:L/AC:L/Au:M/C:C/I:C/A:C

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2023-1544
https://access.redhat.com/security/cve/CVE-2023-1544
https://bugzilla.redhat.com/show_bug.cgi?id=2180364
https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg00206.html
https://security.netapp.com/advisory/ntap-20230511-0005/
Common Vulnerability Exposure (CVE) ID: CVE-2023-3019
RHBZ#2222351
https://bugzilla.redhat.com/show_bug.cgi?id=2222351
RHSA-2024:0135
https://access.redhat.com/errata/RHSA-2024:0135
RHSA-2024:0404
https://access.redhat.com/errata/RHSA-2024:0404
RHSA-2024:0569
https://access.redhat.com/errata/RHSA-2024:0569
RHSA-2024:2135
https://access.redhat.com/errata/RHSA-2024:2135
https://access.redhat.com/security/cve/CVE-2023-3019
https://security.netapp.com/advisory/ntap-20230831-0005/
Common Vulnerability Exposure (CVE) ID: CVE-2023-3255
RHBZ#2218486
https://bugzilla.redhat.com/show_bug.cgi?id=2218486
RHSA-2024:2962
https://access.redhat.com/errata/RHSA-2024:2962
https://access.redhat.com/security/cve/CVE-2023-3255
https://security.netapp.com/advisory/ntap-20231020-0008/
Common Vulnerability Exposure (CVE) ID: CVE-2023-42467
https://gitlab.com/qemu-project/qemu/-/commit/7cfcc79b0ab800959716738aff9419f53fc68c9c
https://gitlab.com/qemu-project/qemu/-/issues/1813
Common Vulnerability Exposure (CVE) ID: CVE-2023-5088
RHBZ#2247283
https://bugzilla.redhat.com/show_bug.cgi?id=2247283
https://access.redhat.com/security/cve/CVE-2023-5088
https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html
https://lore.kernel.org/all/20230921160712.99521-1-simon.rowe@nutanix.com/T/
https://security.netapp.com/advisory/ntap-20231208-0005/
Common Vulnerability Exposure (CVE) ID: CVE-2023-6683
RHBZ#2254825
https://bugzilla.redhat.com/show_bug.cgi?id=2254825
https://access.redhat.com/security/cve/CVE-2023-6683
https://security.netapp.com/advisory/ntap-20240223-0001/
Common Vulnerability Exposure (CVE) ID: CVE-2023-6693
RHBZ#2254580
https://bugzilla.redhat.com/show_bug.cgi?id=2254580
https://access.redhat.com/security/cve/CVE-2023-6693
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYGUN5HVOXESW7MSNM44E4AE2VNXQB6Y/
https://security.netapp.com/advisory/ntap-20240208-0004/
Common Vulnerability Exposure (CVE) ID: CVE-2024-24474
https://gist.github.com/1047524396/5ce07b9d387095c276b1cd234ae5615e
https://github.com/qemu/qemu/commit/77668e4b9bca03a856c27ba899a2513ddf52bb52
https://gitlab.com/qemu-project/qemu/-/issues/1810
Common Vulnerability Exposure (CVE) ID: CVE-2024-26327
https://lore.kernel.org/all/20240214-reuse-v4-5-89ad093a07f4@daynix.com/
Common Vulnerability Exposure (CVE) ID: CVE-2024-26328
https://lore.kernel.org/all/20240213055345-mutt-send-email-mst@kernel.org/
Common Vulnerability Exposure (CVE) ID: CVE-2024-3446
RHBZ#2274211
https://bugzilla.redhat.com/show_bug.cgi?id=2274211
https://access.redhat.com/security/cve/CVE-2024-3446
https://patchew.org/QEMU/20240409105537.18308-1-philmd@linaro.org/
Common Vulnerability Exposure (CVE) ID: CVE-2024-3447
Common Vulnerability Exposure (CVE) ID: CVE-2024-4467
Common Vulnerability Exposure (CVE) ID: CVE-2024-7409
Common Vulnerability Exposure (CVE) ID: CVE-2024-8354
Common Vulnerability Exposure (CVE) ID: CVE-2024-8612
Copyright: Copyright (C) 2024 Greenbone AG
