English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 146377 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.123166
Kategorie:Oracle Linux Local Security Checks
Titel:Oracle: Security Advisory (ELSA-2015-0349)
Zusammenfassung:The remote host is missing an update for the 'qemu-kvm' package(s) announced via the ELSA-2015-0349 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'qemu-kvm' package(s) announced via the ELSA-2015-0349 advisory.

Vulnerability Insight:
[1.5.3-86.el7]
- kvm-vfio-pci-Fix-interrupt-disabling.patch [bz#1180942]
- kvm-cirrus-fix-blit-region-check.patch [bz#1169456]
- kvm-cirrus-don-t-overflow-CirrusVGAState-cirrus_bltbuf.patch [bz#1169456]
- Resolves: bz#1169456
(CVE-2014-8106 qemu-kvm: qemu: cirrus: insufficient blit region checks [rhel-7.1])
- Resolves: bz#1180942
(qemu core dumped when unhotplug gpu card assigned to guest)

[1.5.3-85.el7]
- kvm-block-delete-cow-block-driver.patch [bz#1175325]
- Resolves: bz#1175325
(Delete cow block driver)

[1.5.3-84.el7]
- kvm-qemu-iotests-Test-case-for-backing-file-deletion.patch [bz#1002493]
- kvm-qemu-iotests-Add-sample-image-and-test-for-VMDK-vers.patch [bz#1134237]
- kvm-vmdk-Check-VMFS-extent-line-field-number.patch [bz#1134237]
- kvm-qemu-iotests-Introduce-_unsupported_imgopts.patch [bz#1002493]
- kvm-qemu-iotests-Add-_unsupported_imgopts-for-vmdk-subfo.patch [bz#1002493]
- kvm-vmdk-Fix-big-flat-extent-IO.patch [bz#1134241]
- kvm-vmdk-Check-for-overhead-when-opening.patch [bz#1134251]
- kvm-block-vmdk-add-basic-.bdrv_check-support.patch [bz#1134251]
- kvm-qemu-iotest-Make-077-raw-only.patch [bz#1134237]
- kvm-qemu-iotests-Don-t-run-005-on-vmdk-split-formats.patch [bz#1002493]
- kvm-vmdk-extract-vmdk_read_desc.patch [bz#1134251]
- kvm-vmdk-push-vmdk_read_desc-up-to-caller.patch [bz#1134251]
- kvm-vmdk-do-not-try-opening-a-file-as-both-image-and-des.patch [bz#1134251]
- kvm-vmdk-correctly-propagate-errors.patch [bz#1134251]
- kvm-block-vmdk-do-not-report-file-offset-for-compressed-.patch [bz#1134251]
- kvm-vmdk-Fix-d-and-lld-to-PRI-in-format-strings.patch [bz#1134251]
- kvm-vmdk-Fix-x-to-PRIx32-in-format-strings-for-cid.patch [bz#1134251]
- kvm-qemu-img-Convert-by-cluster-size-if-target-is-compre.patch [bz#1134283]
- kvm-vmdk-Implement-.bdrv_write_compressed.patch [bz#1134283]
- kvm-vmdk-Implement-.bdrv_get_info.patch [bz#1134283]
- kvm-qemu-iotests-Test-converting-to-streamOptimized-from.patch [bz#1134283]
- kvm-vmdk-Fix-local_err-in-vmdk_create.patch [bz#1134283]
- kvm-fpu-softfloat-drop-INLINE-macro.patch [bz#1002493]
- kvm-block-New-bdrv_nb_sectors.patch [bz#1002493]
- kvm-vmdk-Optimize-cluster-allocation.patch [bz#1002493]
- kvm-vmdk-Handle-failure-for-potentially-large-allocation.patch [bz#1002493]
- kvm-vmdk-Use-bdrv_nb_sectors-where-sectors-not-bytes-are.patch [bz#1002493]
- kvm-vmdk-fix-vmdk_parse_extents-extent_file-leaks.patch [bz#1002493]
- kvm-vmdk-fix-buf-leak-in-vmdk_parse_extents.patch [bz#1002493]
- kvm-vmdk-Fix-integer-overflow-in-offset-calculation.patch [bz#1002493]
- kvm-migration-fix-parameter-validation-on-ram-load-CVE-2.patch [bz#1163078]
- Resolves: bz#1002493
(qemu-img convert rate about 100k/second from qcow2/raw to vmdk format on nfs system file)
- Resolves: bz#1134237
(Opening malformed VMDK description file should fail)
- Resolves: bz#1134241
(QEMU fails to correctly read/write on VMDK with big flat extent)
- Resolves: ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'qemu-kvm' package(s) on Oracle Linux 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2014-3640
DSA-3044
http://www.debian.org/security/2014/dsa-3044
DSA-3045
http://www.debian.org/security/2014/dsa-3045
RHSA-2015:0349
http://rhn.redhat.com/errata/RHSA-2015-0349.html
RHSA-2015:0624
http://rhn.redhat.com/errata/RHSA-2015-0624.html
USN-2409-1
http://www.ubuntu.com/usn/USN-2409-1
[Qemu-devel] 20140918 [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket
http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg03543.html
[Qemu-devel] 20140923 Re: [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket
http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04598.html
[Qemu-devel] 20140924 Re: [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket
http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04707.html
https://bugzilla.redhat.com/show_bug.cgi?id=1144818
Common Vulnerability Exposure (CVE) ID: CVE-2014-7815
61484
http://secunia.com/advisories/61484
62143
http://secunia.com/advisories/62143
62144
http://secunia.com/advisories/62144
DSA-3066
http://www.debian.org/security/2014/dsa-3066
DSA-3067
http://www.debian.org/security/2014/dsa-3067
SUSE-SU-2015:1782
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00019.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=e6908bfe8e07f2b452e78e677da1b45b1c0f6829
http://support.citrix.com/article/CTX200892
https://bugzilla.redhat.com/show_bug.cgi?id=1157641
Common Vulnerability Exposure (CVE) ID: CVE-2014-7840
[qemu-devel] 20141112 [PATCH 0/4] migration: fix CVE-2014-7840
http://thread.gmane.org/gmane.comp.emulators.qemu/306117
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=0be839a2701369f669532ea5884c15bead1c6e08
https://bugzilla.redhat.com/show_bug.cgi?id=1163075
qemu-cve20147840-code-exec(99194)
https://exchange.xforce.ibmcloud.com/vulnerabilities/99194
Common Vulnerability Exposure (CVE) ID: CVE-2014-8106
60364
http://secunia.com/advisories/60364
71477
http://www.securityfocus.com/bid/71477
DSA-3087
http://www.debian.org/security/2014/dsa-3087
DSA-3088
http://www.debian.org/security/2014/dsa-3088
FEDORA-2015-5482
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154656.html
RHSA-2015:0643
http://rhn.redhat.com/errata/RHSA-2015-0643.html
RHSA-2015:0795
http://rhn.redhat.com/errata/RHSA-2015-0795.html
RHSA-2015:0867
http://rhn.redhat.com/errata/RHSA-2015-0867.html
RHSA-2015:0868
http://rhn.redhat.com/errata/RHSA-2015-0868.html
RHSA-2015:0891
http://rhn.redhat.com/errata/RHSA-2015-0891.html
[Qemu-devel] 20141204 [PULL for-2.2 0/2] cirrus: fix blit region check (cve-2014-8106)
http://lists.gnu.org/archive/html/qemu-devel/2014-12/msg00508.html
[oss-security] 20141204 CVE-2014-8106 qemu: cirrus: insufficient blit region checks
http://www.openwall.com/lists/oss-security/2014/12/04/8
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=bf25983345ca44aec3dd92c57142be45452bd38a
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d3532a0db02296e687711b8cdc7791924efccea0
qemu-cve20148106-sec-bypass(99126)
https://exchange.xforce.ibmcloud.com/vulnerabilities/99126
CopyrightCopyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.