Test ID: 1.3.6.1.4.1.25623.1.0.845258
Category: Ubuntu Local Security Checks
Title: Ubuntu: Security Advisory (USN-5307-1)
Summary: The remote host is missing an update for the 'qemu' package(s) announced via the USN-5307-1 advisory.
Description:

Vulnerability Insight:
Gaoning Pan discovered that QEMU incorrectly handled the floppy disk
emulator. An attacker inside the guest could use this issue to cause QEMU
to crash, resulting in a denial of service. (CVE-2021-20196)

Gaoning Pan discovered that the QEMU vmxnet3 NIC emulator incorrectly
handled certain values. An attacker inside the guest could use this issue
to cause QEMU to crash, resulting in a denial of service. (CVE-2021-20203)

It was discovered that the QEMU vhost-user GPU device contained several
security issues. An attacker inside the guest could use these issues to
cause QEMU to crash, resulting in a denial of service, leak sensitive
information, or possibly execute arbitrary code. This issue only affected
Ubuntu 21.10. (CVE-2021-3544, CVE-2021-3545, CVE-2021-3546)

It was discovered that QEMU incorrectly handled bulk transfers from SPICE
clients. A remote attacker could use this issue to cause QEMU to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2021-3682)

It was discovered that the QEMU UAS device emulation incorrectly handled
certain stream numbers. An attacker inside the guest could use this issue
to cause QEMU to crash, resulting in a denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 21.10.
(CVE-2021-3713)

It was discovered that the QEMU virtio-net device incorrectly handled
certain buffer addresses. An attacker inside the guest could use this issue
to cause QEMU to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2021-3748)

It was discovered that the QEMU SCSI device emulation incorrectly handled
certain MODE SELECT commands. An attacker inside the guest could possibly
use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2021-3930)

It was discovered that the QEMU ACPI logic incorrectly handled certain
values. An attacker inside the guest could possibly use this issue to cause
QEMU to crash, resulting in a denial of service. This issue only affected
Ubuntu 21.10. (CVE-2021-4158)

Jietao Xiao, Jinku Li, Wenbo Shen, and Nanzi Yang discovered that the QEMU
virtiofsd device incorrectly handled permissions when creating files. An
attacker inside the guest could use this issue to create files inside the
directory shared by virtiofs with unintended permissions, possibly allowing
privilege escalation. This issue only affected Ubuntu 21.10.
(CVE-2022-0358)

Affected Software/OS:
'qemu' package(s) on Ubuntu 18.04, Ubuntu 20.04, Ubuntu 21.10.

Solution:
Please install the updated package(s).

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2021-20196
[debian-lts-announce] 20220404 [SECURITY] [DLA 2970-1] qemu security update
https://lists.debian.org/debian-lts-announce/2022/04/msg00002.html
[debian-lts-announce] 20220905 [SECURITY] [DLA 3099-1] qemu security update
https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html
https://bugs.launchpad.net/qemu/+bug/1912780
https://security.netapp.com/advisory/ntap-20210708-0004/
https://www.openwall.com/lists/oss-security/2021/01/28/1
Common Vulnerability Exposure (CVE) ID: CVE-2021-20203
GLSA-202208-27
https://security.gentoo.org/glsa/202208-27
[debian-lts-announce] 20210410 [SECURITY] [DLA 2623-1] qemu security update
https://lists.debian.org/debian-lts-announce/2021/04/msg00009.html
https://bugs.launchpad.net/qemu/+bug/1913873
https://bugzilla.redhat.com/show_bug.cgi?id=1922441
Common Vulnerability Exposure (CVE) ID: CVE-2021-3544
DSA-4980
https://www.debian.org/security/2021/dsa-4980
[oss-security] 20210531 QEMU: security issues in vhost-user-gpu
http://www.openwall.com/lists/oss-security/2021/05/31/1
https://bugzilla.redhat.com/show_bug.cgi?id=1958935
https://security.netapp.com/advisory/ntap-20210720-0008/
Common Vulnerability Exposure (CVE) ID: CVE-2021-3545
https://bugzilla.redhat.com/show_bug.cgi?id=1958955
Common Vulnerability Exposure (CVE) ID: CVE-2021-3546
https://bugzilla.redhat.com/show_bug.cgi?id=1958978
Common Vulnerability Exposure (CVE) ID: CVE-2021-3682
Debian Security Information: DSA-4980
https://bugzilla.redhat.com/show_bug.cgi?id=1989651
https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html
Common Vulnerability Exposure (CVE) ID: CVE-2021-3713
https://bugzilla.redhat.com/show_bug.cgi?id=1994640
Common Vulnerability Exposure (CVE) ID: CVE-2021-3748
https://bugzilla.redhat.com/show_bug.cgi?id=1998514
https://github.com/qemu/qemu/commit/bedd7e93d01961fcb16a97ae45d93acf357e11f6
https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg00388.html
https://ubuntu.com/security/CVE-2021-3748
Common Vulnerability Exposure (CVE) ID: CVE-2021-3930
https://bugzilla.redhat.com/show_bug.cgi?id=2020588
Common Vulnerability Exposure (CVE) ID: CVE-2021-4158
https://access.redhat.com/security/cve/CVE-2021-4158
https://bugzilla.redhat.com/show_bug.cgi?id=2035002
https://gitlab.com/qemu-project/qemu/-/commit/9bd6565ccee68f72d5012e24646e12a1c662827e
https://gitlab.com/qemu-project/qemu/-/issues/770
https://www.mail-archive.com/qemu-devel%40nongnu.org/msg857944.html
Common Vulnerability Exposure (CVE) ID: CVE-2022-0358
https://access.redhat.com/security/cve/CVE-2022-0358
https://bugzilla.redhat.com/show_bug.cgi?id=2044863
https://gitlab.com/qemu-project/qemu/-/commit/449e8171f96a6a944d1f3b7d3627ae059eae21ca
Copyright: Copyright (C) 2022 Greenbone AG
