Test ID:	1.3.6.1.4.1.25623.1.1.1.2.2016.652
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DLA-652-1)
Summary:	The remote host is missing an update for the Debian 'qemu' package(s) announced via the DLA-652-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'qemu' package(s) announced via the DLA-652-1 advisory. Vulnerability Insight: Multiple vulnerabilities have been found in QEMU: CVE-2016-7161 Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet. CVE-2016-7170 The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) is vulnerable to an OOB memory access. CVE-2016-7908 The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags. For Debian 7 Wheezy, these problems have been fixed in version 1.1.2+dfsg-6+deb7u16. We recommend that you upgrade your qemu packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: [link moved to references] Affected Software/OS: 'qemu' package(s) on Debian 7. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-7161 BugTraq ID: 93141 http://www.securityfocus.com/bid/93141 https://security.gentoo.org/glsa/201611-11 https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html http://www.openwall.com/lists/oss-security/2016/09/23/6 http://www.openwall.com/lists/oss-security/2016/09/23/8 https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01598.html https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01877.html SuSE Security Announcement: openSUSE-SU-2016:3237 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html Common Vulnerability Exposure (CVE) ID: CVE-2016-7170 92904 http://www.securityfocus.com/bid/92904 [debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update [oss-security] 20160909 CVE Request Qemu: vmware_vga: OOB stack memory access when processing svga command http://www.openwall.com/lists/oss-security/2016/09/09/4 [oss-security] 20160909 Re: CVE Request Qemu: vmware_vga: OOB stack memory access when processing svga command http://www.openwall.com/lists/oss-security/2016/09/09/7 [qemu-devel] 20160908 [PATCH] vmsvga: correct bitmap and pixmap size checks https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01764.html http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=167d97a3def77ee2dbf6e908b0ecbfe2103977db openSUSE-SU-2016:3237 Common Vulnerability Exposure (CVE) ID: CVE-2016-7908 93273 http://www.securityfocus.com/bid/93273 GLSA-201611-11 [oss-security] 20161003 CVE request Qemu: net: Infinite loop in mcf_fec_do_tx http://www.openwall.com/lists/oss-security/2016/10/03/2 [oss-security] 20161003 Re: CVE request Qemu: net: Infinite loop in mcf_fec_do_tx http://www.openwall.com/lists/oss-security/2016/10/03/5 [qemu-devel] 20160922 [PATCH v2] net: mcf: limit buffer descriptor count https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05557.html http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=070c4b92b8cd5390889716677a0b92444d6e087a
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.