Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.871210
Category:Red Hat Local Security Checks
Title:RedHat Update for qemu-kvm RHSA-2014:0927-01
Summary:The remote host is missing an update for the 'qemu-kvm'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'qemu-kvm'
package(s) announced via the referenced advisory.

Vulnerability Insight:
KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the
user-space component for running virtual machines using KVM.

Two integer overflow flaws were found in the QEMU block driver for QCOW
version 1 disk images. A user able to alter the QEMU disk image files
loaded by a guest could use either of these flaws to corrupt QEMU process
memory on the host, which could potentially result in arbitrary code
execution on the host with the privileges of the QEMU process.
(CVE-2014-0222, CVE-2014-0223)

Multiple buffer overflow, input validation, and out-of-bounds write flaws
were found in the way virtio, virtio-net, virtio-scsi, usb, and hpet
drivers of QEMU handled state loading after migration. A user able to alter
the savevm data (either on the disk or over the wire during migration)
could use either of these flaws to corrupt QEMU process memory on the
(destination) host, which could potentially result in arbitrary code
execution on the host with the privileges of the QEMU process.
(CVE-2013-4148, CVE-2013-4149, CVE-2013-4150, CVE-2013-4151, CVE-2013-4527,
CVE-2013-4529, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542,
CVE-2013-6399, CVE-2014-0182, CVE-2014-3461)

These issues were discovered by Michael S. Tsirkin, Anthony Liguori and
Michael Roth of Red Hat: CVE-2013-4148, CVE-2013-4149, CVE-2013-4150,
CVE-2013-4151, CVE-2013-4527, CVE-2013-4529, CVE-2013-4535, CVE-2013-4536,
CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, and
CVE-2014-3461.

This update also fixes the following bugs:

* Previously, QEMU did not free pre-allocated zero clusters correctly and
the clusters under some circumstances leaked. With this update,
pre-allocated zero clusters are freed appropriately and the cluster leaks
no longer occur. (BZ#1110188)

* Prior to this update, the QEMU command interface did not properly handle
resizing of cache memory during guest migration, causing QEMU to terminate
unexpectedly with a segmentation fault and QEMU to fail. This update fixes
the related code and QEMU no longer crashes in the described situation.
(BZ#1110191)

* Previously, when a guest device was hot unplugged, QEMU correctly removed
the corresponding file descriptor watch but did not re-create it after the
device was re-connected. As a consequence, the guest became unable to
receive any data from the host over this device. With this update, the file
descriptor's watch is re-created and the guest in the above scenario can
communicate with the host as expected. (BZ#1110219)

* Previously, the Q ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
qemu-kvm on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please Install the Updated Packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-4148
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html
http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html
RedHat Security Advisories: RHSA-2014:0743
http://rhn.redhat.com/errata/RHSA-2014-0743.html
RedHat Security Advisories: RHSA-2014:0744
http://rhn.redhat.com/errata/RHSA-2014-0744.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-4149
RedHat Security Advisories: RHSA-2014:0927
http://rhn.redhat.com/errata/RHSA-2014-0927.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-4150
Common Vulnerability Exposure (CVE) ID: CVE-2013-4151
Common Vulnerability Exposure (CVE) ID: CVE-2013-4527
Common Vulnerability Exposure (CVE) ID: CVE-2013-4529
http://lists.gnu.org/archive/html/qemu-devel/2013-12/msg00394.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-4535
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=36cf2a37132c7f01fa9adb5f95f5312b27742fd4
https://bugzilla.redhat.com/show_bug.cgi?id=1066401
Common Vulnerability Exposure (CVE) ID: CVE-2013-4536
Common Vulnerability Exposure (CVE) ID: CVE-2013-4541
Common Vulnerability Exposure (CVE) ID: CVE-2013-4542
Common Vulnerability Exposure (CVE) ID: CVE-2013-6399
Common Vulnerability Exposure (CVE) ID: CVE-2014-0182
Common Vulnerability Exposure (CVE) ID: CVE-2014-0222
BugTraq ID: 67357
http://www.securityfocus.com/bid/67357
Debian Security Information: DSA-3044 (Google Search)
http://www.debian.org/security/2014/dsa-3044
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html
https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html
SuSE Security Announcement: SUSE-SU-2015:0929 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html
SuSE Security Announcement: openSUSE-SU-2015:1965 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-11/msg00063.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-0223
BugTraq ID: 67391
http://www.securityfocus.com/bid/67391
https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02156.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3461
http://article.gmane.org/gmane.comp.emulators.qemu/272092
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.