Test ID:	1.3.6.1.4.1.25623.1.0.72520
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 201210-04 (ebuild)
Summary:	The remote host is missing updates announced in;advisory GLSA 201210-04.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 201210-04. Vulnerability Insight: Multiple vulnerabilities were found in qemu-kvm, allowing attackers to execute arbitrary code. Solution: All qemu-kvm users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-emulation/qemu-kvm-1.1.1-r1' CVSS Score: 7.4 CVSS Vector: AV:A/AC:M/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1750 44132 http://secunia.com/advisories/44132 44393 http://secunia.com/advisories/44393 44658 http://secunia.com/advisories/44658 44660 http://secunia.com/advisories/44660 44900 http://secunia.com/advisories/44900 73756 http://www.osvdb.org/73756 DSA-2230 https://www.debian.org/security/2011/dsa-2230 FEDORA-2012-8604 http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html RHSA-2011:0534 http://rhn.redhat.com/errata/RHSA-2011-0534.html SUSE-SU-2011:0533 https://hermes.opensuse.org/messages/8572547 USN-1145-1 https://www.ubuntu.com/usn/USN-1145-1/ [Qemu-devel] 20110330 Re: virtio-blk.c handling of i/o which is not a 512 multiple http://lists.gnu.org/archive/html/qemu-devel/2011-03/msg03019.html [Qemu-devel] 20110330 virtio-blk.c handling of i/o which is not a 512 multiple http://lists.gnu.org/archive/html/qemu-devel/2011-03/msg03015.html http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commitdiff%3Bh=52c050236eaa4f0b5e1d160cd66dc18106445c4d kvm-virtioblk-priv-escalation(67062) https://exchange.xforce.ibmcloud.com/vulnerabilities/67062 openSUSE-SU-2011:0510 http://lists.opensuse.org/opensuse-updates/2011-05/msg00043.html Common Vulnerability Exposure (CVE) ID: CVE-2011-1751 44458 http://secunia.com/advisories/44458 44648 http://secunia.com/advisories/44648 47927 http://www.securityfocus.com/bid/47927 73395 http://www.osvdb.org/73395 [Qemu-devel] 20110519 [PATCH] Ignore pci unplug requests for unpluggable devices http://lists.nongnu.org/archive/html/qemu-devel/2011-05/msg01810.html [oss-security] 20110519 CVE-2011-1751 qemu: acpi_piix4: missing hotplug check during device removal http://www.openwall.com/lists/oss-security/2011/05/19/2 http://blog.nelhage.com/2011/08/breaking-out-of-kvm/ http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=505597e4476a6bc219d0ec1362b760d71cb4fdca https://bugzilla.redhat.com/show_bug.cgi?id=699773 https://github.com/nelhage/virtunoid Common Vulnerability Exposure (CVE) ID: CVE-2011-2212 45158 http://secunia.com/advisories/45158 45170 http://secunia.com/advisories/45170 45187 http://secunia.com/advisories/45187 45188 http://secunia.com/advisories/45188 45301 http://secunia.com/advisories/45301 45354 http://secunia.com/advisories/45354 74751 http://www.osvdb.org/74751 DSA-2282 https://www.debian.org/security/2011/dsa-2282 RHSA-2011:0919 http://rhn.redhat.com/errata/RHSA-2011-0919.html SUSE-SU-2011:0806 https://hermes.opensuse.org/messages/9605323 USN-1165-1 http://ubuntu.com/usn/usn-1165-1 https://bugzilla.redhat.com/show_bug.cgi?id=713589 openSUSE-SU-2011:0803 http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00007.html Common Vulnerability Exposure (CVE) ID: CVE-2011-2512 DSA-2270 https://www.debian.org/security/2011/dsa-2270 [oss-security] 20110628 CVE request: qemu-kvm: OOB memory access caused by negative vq notifies http://www.openwall.com/lists/oss-security/2011/06/28/13 [oss-security] 20110629 Re: CVE request: qemu-kvm: OOB memory access caused by negative vq notifies http://www.openwall.com/lists/oss-security/2011/06/29/15 http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commitdiff%3Bh=7157e2e23e89adcd436caeab31fdd6b47eded377 Common Vulnerability Exposure (CVE) ID: CVE-2012-0029 47740 http://secunia.com/advisories/47740 47741 http://secunia.com/advisories/47741 47992 http://secunia.com/advisories/47992 48318 http://secunia.com/advisories/48318 50913 http://secunia.com/advisories/50913 51642 http://www.securityfocus.com/bid/51642 RHSA-2012:0050 http://www.redhat.com/support/errata/RHSA-2012-0050.html RHSA-2012:0370 http://rhn.redhat.com/errata/RHSA-2012-0370.html SUSE-SU-2012:1320 http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00002.html USN-1339-1 http://www.ubuntu.com/usn/USN-1339-1 http://git.qemu.org/?p=qemu.git%3Ba=log%3Bh=refs/heads/stable-1.0 https://bugzilla.redhat.com/show_bug.cgi?id=772075 openSUSE-SU-2012:0207 http://lists.opensuse.org/opensuse-updates/2012-02/msg00009.html qemu-processtxdesc-bo(72656) https://exchange.xforce.ibmcloud.com/vulnerabilities/72656 Common Vulnerability Exposure (CVE) ID: CVE-2012-2652 50132 http://secunia.com/advisories/50132 50689 http://secunia.com/advisories/50689 53725 http://www.securityfocus.com/bid/53725 DSA-2545 http://www.debian.org/security/2012/dsa-2545 SUSE-SU-2012:1202 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00024.html USN-1522-1 http://www.ubuntu.com/usn/USN-1522-1 http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=eba25057b9a5e19d10ace2bc7716667a31297169 http://git.qemu.org/?p=qemu-stable-0.15.git%3Ba=log
Copyright	Copyright (C) 2012 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.