Test ID:	1.3.6.1.4.1.25623.1.0.882351
Category:	CentOS Local Security Checks
Title:	CentOS: Security Advisory for qemu-guest-agent (CESA-2015:2694)
Summary:	The remote host is missing an update for the 'qemu-guest-agent'; package(s) announced via the CESA-2015:2694 advisory.
Description:	Summary: The remote host is missing an update for the 'qemu-guest-agent' package(s) announced via the CESA-2015:2694 advisory. Vulnerability Insight: KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user (with the CAP_SYS_RAWIO capability) inside a guest could use this flaw to crash the host QEMU process (resulting in denial of service) or, potentially, execute arbitrary code with privileges of the host QEMU process. (CVE-2015-7504) A buffer overflow flaw was found in the way QEMU's AMD PC-Net II emulation validated certain received packets from a remote host in non-loopback mode. A remote, unprivileged attacker could potentially use this flaw to execute arbitrary code on the host with the privileges of the QEMU process. Note that to exploit this flaw, the guest network interface must have a large MTU limit. (CVE-2015-7512) Red Hat would like to thank Qinghao Tang of QIHU 360 Marvel Team and Ling Liu of Qihoo 360 Inc. for reporting the CVE-2015-7504 issue, and Ling Liu of Qihoo 360 Inc. for reporting the CVE-2015-7512 issue. The CVE-2015-7512 issue was independently discovered by Jason Wang of Red Hat. All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect. Affected Software/OS: 'qemu-guest-agent' package(s) on CentOS 6. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-7504 1034268 http://www.securitytracker.com/id/1034268 78227 http://www.securityfocus.com/bid/78227 DSA-3469 http://www.debian.org/security/2016/dsa-3469 DSA-3470 http://www.debian.org/security/2016/dsa-3470 DSA-3471 http://www.debian.org/security/2016/dsa-3471 GLSA-201602-01 https://security.gentoo.org/glsa/201602-01 GLSA-201604-03 https://security.gentoo.org/glsa/201604-03 RHSA-2015:2694 http://rhn.redhat.com/errata/RHSA-2015-2694.html RHSA-2015:2695 http://rhn.redhat.com/errata/RHSA-2015-2695.html RHSA-2015:2696 http://rhn.redhat.com/errata/RHSA-2015-2696.html [Qemu-devel] 20151130 [PATCH for 2.5 1/2] net: pcnet: add check to validate receive data size(CVE-2015-7504) https://lists.gnu.org/archive/html/qemu-devel/2015-11/msg06342.html [oss-security] 20151130 CVE-2015-7504 Qemu: net: pcnet: heap overflow vulnerability in loopback mode http://www.openwall.com/lists/oss-security/2015/11/30/2 http://xenbits.xen.org/xsa/advisory-162.html Common Vulnerability Exposure (CVE) ID: CVE-2015-7512 1034527 http://www.securitytracker.com/id/1034527 78230 http://www.securityfocus.com/bid/78230 [oss-security] 20151130 CVE-2015-7512 Qemu: net: pcnet: buffer overflow in non-loopback mode http://www.openwall.com/lists/oss-security/2015/11/30/3 http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8b98a2f07175d46c3f7217639bd5e03f http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.