 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.2.2021.2046 |
| Category: | Huawei EulerOS Local Security Checks |
| Title: | Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2021-2046) |
| Summary: | The remote host is missing an update for the Huawei EulerOS 'qemu-kvm' package(s) announced via the EulerOS-SA-2021-2046 advisory. |
| Description: | Summary: The remote host is missing an update for the Huawei EulerOS 'qemu-kvm' package(s) announced via the EulerOS-SA-2021-2046 advisory. Vulnerability Insight: An out-of-bounds access flaw was found in the Message Signalled Interrupt (MSI-X) device support of QEMU. This issue occurs while performing MSI-X mmio operations when a guest sent address goes beyond the mmio region. A guest user or process may use this flaw to crash the QEMU process resulting in a denial of service.(CVE-2020-13754) hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.(CVE-2020-25743) pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer.(CVE-2020-25742) QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.(CVE-2020-25085) The patch for CVE-2020-17380 and CVE-2020-25085, both involving a heap buffer overflow in the SDHCI controller emulation code of QEMU, was found to be incomplete. A malicious privileged guest could reproduce the same issues with specially crafted input, inducing a bogus transfer and subsequent out-of-bounds read/write access in sdhci_do_adma() or sdhci_sdma_transfer_multi_blocks(). CVE-2021-3409 was assigned to facilitate the tracking and backporting of the new patch.(CVE-2021-3409) A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsas_free_request() that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service.(CVE-2021-3392) A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.(CVE-2021-3416) Affected Software/OS: 'qemu-kvm' package(s) on Huawei EulerOS Virtualization 3.0.6.6. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-20382 Debian Security Information: DSA-4665 (Google Search) https://www.debian.org/security/2020/dsa-4665 http://www.openwall.com/lists/oss-security/2020/03/05/1 https://git.qemu.org/?p=qemu.git;a=commit;h=6bf21f3d83e95bcc4ba35a7a07cc6655e8b010b0 https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html SuSE Security Announcement: openSUSE-SU-2020:0468 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html https://usn.ubuntu.com/4372-1/ Common Vulnerability Exposure (CVE) ID: CVE-2020-13754 Debian Security Information: DSA-4728 (Google Search) https://www.debian.org/security/2020/dsa-4728 https://security.gentoo.org/glsa/202011-09 https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00004.html http://www.openwall.com/lists/oss-security/2020/06/15/8 https://usn.ubuntu.com/4467-1/ Common Vulnerability Exposure (CVE) ID: CVE-2020-25085 https://bugs.launchpad.net/qemu/+bug/1892960 https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg00733.html https://lists.debian.org/debian-lts-announce/2020/11/msg00047.html https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html http://www.openwall.com/lists/oss-security/2021/03/09/1 Common Vulnerability Exposure (CVE) ID: CVE-2020-25742 https://bugzilla.redhat.com/show_bug.cgi?id=1883178 https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05294.html https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Flsi_nullptr1 Common Vulnerability Exposure (CVE) ID: CVE-2020-25743 https://bugzilla.redhat.com/show_bug.cgi?id=1881409 https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05967.html https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Fide_nullptr1b Common Vulnerability Exposure (CVE) ID: CVE-2021-3392 https://bugs.launchpad.net/qemu/+bug/1914236 https://bugzilla.redhat.com/show_bug.cgi?id=1924042 https://lists.debian.org/debian-lts-announce/2021/04/msg00009.html Common Vulnerability Exposure (CVE) ID: CVE-2021-3409 GLSA-202208-27 https://security.gentoo.org/glsa/202208-27 [debian-lts-announce] 20210410 [SECURITY] [DLA 2623-1] qemu security update https://bugzilla.redhat.com/show_bug.cgi?id=1928146 https://security.netapp.com/advisory/ntap-20210507-0001/ https://www.openwall.com/lists/oss-security/2021/03/09/1 Common Vulnerability Exposure (CVE) ID: CVE-2021-3416 [debian-lts-announce] 20220905 [SECURITY] [DLA 3099-1] qemu security update https://bugzilla.redhat.com/show_bug.cgi?id=1932827 https://security.netapp.com/advisory/ntap-20210507-0002/ https://www.openwall.com/lists/oss-security/2021/02/26/1 |
| Copyright | Copyright (C) 2021 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |