Test ID:	1.3.6.1.4.1.25623.1.0.122140
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2011-0919)
Summary:	The remote host is missing an update for the 'qemu-kvm' package(s) announced via the ELSA-2011-0919 advisory.
Description:	Summary: The remote host is missing an update for the 'qemu-kvm' package(s) announced via the ELSA-2011-0919 advisory. Vulnerability Insight: [qemu-kvm-0.12.1.2-2.160.el6_1.2] - kvm-virtio-guard-against-negative-vq-notifies.patch [bz#717403] - Resolves: bz#717403 (qemu-kvm: OOB memory access caused by negative vq notifies [rhel-6.1.z]) [qemu-kvm-0.12.1.2-2.160.el6_1] - kvm-Fix-phys-memory-client-pass-guest-physical-address-n.patch [bz#701771] - kvm-virtio-prevent-indirect-descriptor-buffer-overflow.patch [bz#713592] - Resolves: bz#701771 (Fix phys memory client for vhost) - Resolves: bz#713592 (EMBARGOED CVE-2011-2212 virtqueue: too-large indirect descriptor buffer overflow [rhel-6.1.z]) Affected Software/OS: 'qemu-kvm' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.4 CVSS Vector: AV:A/AC:M/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2212 45158 http://secunia.com/advisories/45158 45170 http://secunia.com/advisories/45170 45187 http://secunia.com/advisories/45187 45188 http://secunia.com/advisories/45188 45301 http://secunia.com/advisories/45301 45354 http://secunia.com/advisories/45354 74751 http://www.osvdb.org/74751 DSA-2282 https://www.debian.org/security/2011/dsa-2282 RHSA-2011:0919 http://rhn.redhat.com/errata/RHSA-2011-0919.html SUSE-SU-2011:0806 https://hermes.opensuse.org/messages/9605323 USN-1165-1 http://ubuntu.com/usn/usn-1165-1 https://bugzilla.redhat.com/show_bug.cgi?id=713589 openSUSE-SU-2011:0803 http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00007.html Common Vulnerability Exposure (CVE) ID: CVE-2011-2512 44458 http://secunia.com/advisories/44458 44648 http://secunia.com/advisories/44648 DSA-2270 https://www.debian.org/security/2011/dsa-2270 [oss-security] 20110628 CVE request: qemu-kvm: OOB memory access caused by negative vq notifies http://www.openwall.com/lists/oss-security/2011/06/28/13 [oss-security] 20110629 Re: CVE request: qemu-kvm: OOB memory access caused by negative vq notifies http://www.openwall.com/lists/oss-security/2011/06/29/15 http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commitdiff%3Bh=7157e2e23e89adcd436caeab31fdd6b47eded377
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.