Test ID:	1.3.6.1.4.1.25623.1.0.843466
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3575-2)
Summary:	The remote host is missing an update for the 'qemu' package(s) announced via the USN-3575-2 advisory.
Description:	Summary: The remote host is missing an update for the 'qemu' package(s) announced via the USN-3575-2 advisory. Vulnerability Insight: USN-3575-1 fixed vulnerabilities in QEMU. The fix for CVE-2017-11334 caused a regression in Xen environments. This update removes the problematic fix pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that QEMU incorrectly handled guest ram. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-11334) David Buchanan discovered that QEMU incorrectly handled the VGA device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue was only addressed in Ubuntu 17.10. (CVE-2017-13672) Thomas Garnier discovered that QEMU incorrectly handled multiboot. An attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-14167) Tuomas Tynkkynen discovered that QEMU incorrectly handled VirtFS directory sharing. An attacker could use this issue to obtain sensitive information from host memory. (CVE-2017-15038) Eric Blake discovered that QEMU incorrectly handled memory in the NBD server. An attacker could use this issue to cause the NBD server to crash, resulting in a denial of service. This issue only affected Ubuntu 17.10. (CVE-2017-15118) Eric Blake discovered that QEMU incorrectly handled certain options to the NBD server. An attacker could use this issue to cause the NBD server to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-15119) Daniel Berrange discovered that QEMU incorrectly handled the VNC server. A remote attacker could possibly use this issue to consume memory, resulting in a denial of service. This issue was only addressed in Ubuntu 17.10. (CVE-2017-15124) Carl Brassey discovered that QEMU incorrectly handled certain websockets. A remote attacker could possibly use this issue to consume memory, resulting in a denial of service. This issue only affected Ubuntu 17.10. (CVE-2017-15268) Guoxiang Niu discovered that QEMU incorrectly handled the Cirrus VGA device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-15289) Cyrille Chatras discovered that QEMU incorrectly handled certain PS2 values during migration. An attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. (CVE-2017-16845) It was discovered that QEMU ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'qemu' package(s) on Ubuntu 14.04, Ubuntu 16.04. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-11334 BugTraq ID: 99895 http://www.securityfocus.com/bid/99895 Debian Security Information: DSA-3925 (Google Search) http://www.debian.org/security/2017/dsa-3925 http://www.openwall.com/lists/oss-security/2017/07/17/4 https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg03775.html RedHat Security Advisories: RHSA-2017:3369 https://access.redhat.com/errata/RHSA-2017:3369 RedHat Security Advisories: RHSA-2017:3466 https://access.redhat.com/errata/RHSA-2017:3466 RedHat Security Advisories: RHSA-2017:3470 https://access.redhat.com/errata/RHSA-2017:3470 RedHat Security Advisories: RHSA-2017:3471 https://access.redhat.com/errata/RHSA-2017:3471 RedHat Security Advisories: RHSA-2017:3472 https://access.redhat.com/errata/RHSA-2017:3472 RedHat Security Advisories: RHSA-2017:3473 https://access.redhat.com/errata/RHSA-2017:3473 RedHat Security Advisories: RHSA-2017:3474 https://access.redhat.com/errata/RHSA-2017:3474 https://usn.ubuntu.com/3575-1/ Common Vulnerability Exposure (CVE) ID: CVE-2017-13672 BugTraq ID: 100540 http://www.securityfocus.com/bid/100540 Debian Security Information: DSA-3991 (Google Search) http://www.debian.org/security/2017/dsa-3991 http://www.openwall.com/lists/oss-security/2017/08/30/3 https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg04684.html RedHat Security Advisories: RHSA-2018:0816 https://access.redhat.com/errata/RHSA-2018:0816 RedHat Security Advisories: RHSA-2018:1104 https://access.redhat.com/errata/RHSA-2018:1104 RedHat Security Advisories: RHSA-2018:1113 https://access.redhat.com/errata/RHSA-2018:1113 RedHat Security Advisories: RHSA-2018:2162 https://access.redhat.com/errata/RHSA-2018:2162 SuSE Security Announcement: openSUSE-SU-2019:1074 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html Common Vulnerability Exposure (CVE) ID: CVE-2017-14167 BugTraq ID: 100694 http://www.securityfocus.com/bid/100694 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html http://www.openwall.com/lists/oss-security/2017/09/07/2 https://lists.nongnu.org/archive/html/qemu-devel/2017-09/msg01032.html RedHat Security Advisories: RHSA-2017:3368 https://access.redhat.com/errata/RHSA-2017:3368 Common Vulnerability Exposure (CVE) ID: CVE-2017-15038 Debian Security Information: DSA-4213 (Google Search) https://www.debian.org/security/2018/dsa-4213 http://www.openwall.com/lists/oss-security/2017/10/06/1 https://lists.gnu.org/archive/html/qemu-devel/2017-10/msg00729.html Common Vulnerability Exposure (CVE) ID: CVE-2017-15118 BugTraq ID: 101975 http://www.securityfocus.com/bid/101975 https://www.exploit-db.com/exploits/43194/ http://www.openwall.com/lists/oss-security/2017/11/28/8 https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg05045.html Common Vulnerability Exposure (CVE) ID: CVE-2017-15119 BugTraq ID: 102011 http://www.securityfocus.com/bid/102011 http://www.openwall.com/lists/oss-security/2017/11/28/9 https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg05044.html Common Vulnerability Exposure (CVE) ID: CVE-2017-15124 102295 http://www.securityfocus.com/bid/102295 DSA-4213 RHSA-2018:0816 RHSA-2018:1104 RHSA-2018:1113 RHSA-2018:3062 https://access.redhat.com/errata/RHSA-2018:3062 USN-3575-1 https://bugzilla.redhat.com/show_bug.cgi?id=1525195 Common Vulnerability Exposure (CVE) ID: CVE-2017-15268 BugTraq ID: 101277 http://www.securityfocus.com/bid/101277 https://lists.gnu.org/archive/html/qemu-devel/2017-10/msg02278.html Common Vulnerability Exposure (CVE) ID: CVE-2017-15289 BugTraq ID: 101262 http://www.securityfocus.com/bid/101262 http://www.openwall.com/lists/oss-security/2017/10/12/16 https://lists.gnu.org/archive/html/qemu-devel/2017-10/msg02557.html RedHat Security Advisories: RHSA-2018:0516 https://access.redhat.com/errata/RHSA-2018:0516 Common Vulnerability Exposure (CVE) ID: CVE-2017-16845 BugTraq ID: 101923 http://www.securityfocus.com/bid/101923 https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg02982.html https://usn.ubuntu.com/3649-1/
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.