
Test ID: 1.3.6.1.4.1.25623.1.0.123367
Category: Oracle Linux Local Security Checks
Title: Oracle: Security Advisory (ELSA-2014-0927)
Summary: The remote host is missing an update for the 'qemu-kvm' package(s) announced via the ELSA-2014-0927 advisory.
Description:
Summary:
The remote host is missing an update for the 'qemu-kvm' package(s) announced via the ELSA-2014-0927 advisory.

Vulnerability Insight:
[1.5.3-60.el7_0.5]
- kvm-Allow-mismatched-virtio-config-len.patch [bz#1095782]
- Resolves: bz#1095782
(CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid config_len [rhel-7.0.z])

[1.5.3-60.el7_0.4]
- kvm-zero-initialize-KVM_SET_GSI_ROUTING-input.patch [bz#1110693]
- kvm-skip-system-call-when-msi-route-is-unchanged.patch [bz#1110693]
- Resolves: bz#1110693
(2x RHEL 5.10 VM running on RHEL 7 KVM have low TCP_STREAM throughput)

[1.5.3-60.el7_0.3]
- kvm-virtio-net-fix-buffer-overflow-on-invalid-state-load.patch [bz#1095677]
- kvm-virtio-net-out-of-bounds-buffer-write-on-load.patch [bz#1095684]
- kvm-virtio-net-out-of-bounds-buffer-write-on-invalid-sta.patch [bz#1095689]
- kvm-virtio-out-of-bounds-buffer-write-on-invalid-state-l.patch [bz#1095694]
- kvm-virtio-avoid-buffer-overrun-on-incoming-migration.patch [bz#1095737]
- kvm-virtio-scsi-fix-buffer-overrun-on-invalid-state-load.patch [bz#1095741]
- kvm-virtio-validate-config_len-on-load.patch [bz#1095782]
- kvm-virtio-validate-num_sg-when-mapping.patch [bz#1095765]
- kvm-virtio-allow-mapping-up-to-max-queue-size.patch [bz#1095765]
- kvm-vmstate-add-VMS_MUST_EXIST.patch [bz#1095706]
- kvm-vmstate-add-VMSTATE_VALIDATE.patch [bz#1095706]
- kvm-hpet-fix-buffer-overrun-on-invalid-state-load.patch [bz#1095706]
- kvm-hw-pci-pcie_aer.c-fix-buffer-overruns-on-invalid-sta.patch [bz#1095714]
- kvm-usb-sanity-check-setup_index-setup_len-in-post_load.patch [bz#1095746]
- kvm-usb-sanity-check-setup_index-setup_len-in-post_l2.patch [bz#1095746]
- kvm-usb-fix-up-post-load-checks.patch [bz#1096828]
- kvm-XBZRLE-Fix-qemu-crash-when-resize-the-xbzrle-cache.patch [bz#1110191]
- kvm-Provide-init-function-for-ram-migration.patch [bz#1110191]
- kvm-Init-the-XBZRLE.lock-in-ram_mig_init.patch [bz#1110191]
- kvm-XBZRLE-Fix-one-XBZRLE-corruption-issues.patch [bz#1110191]
- kvm-Count-used-RAMBlock-pages-for-migration_dirty_pages.patch [bz#1110189]
- kvm-qcow-correctly-propagate-errors.patch [bz#1097229]
- kvm-qcow1-Make-padding-in-the-header-explicit.patch [bz#1097229]
- kvm-qcow1-Check-maximum-cluster-size.patch [bz#1097229]
- kvm-qcow1-Validate-L2-table-size-CVE-2014-0222.patch [bz#1097229]
- kvm-qcow1-Validate-image-size-CVE-2014-0223.patch [bz#1097236]
- kvm-qcow1-Stricter-backing-file-length-check.patch [bz#1097236]
- kvm-char-restore-read-callback-on-a-reattached-hotplug-c.patch [bz#1110219]
- kvm-qcow2-Free-preallocated-zero-clusters.patch [bz#1110188]
- kvm-qemu-iotests-Discard-preallocated-zero-clusters.patch [bz#1110188]
- Resolves: bz#1095677
(CVE-2013-4148 qemu-kvm: qemu: virtio-net: buffer overflow on invalid state load [rhel-7.0.z])
- Resolves: bz#1095684
(CVE-2013-4149 qemu-kvm: qemu: virtio-net: out-of-bounds buffer write on load [rhel-7.0.z])
- Resolves: bz#1095689
(CVE-2013-4150 qemu-kvm: qemu: virtio-net: out-of-bounds buffer write on invalid state load [rhel-7.0.z])
- Resolves: ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'qemu-kvm' package(s) on Oracle Linux 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-reference:
Common Vulnerability Exposure (CVE) ID: CVE-2013-4148
FEDORA-2014-6288
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html
RHSA-2014:0743
http://rhn.redhat.com/errata/RHSA-2014-0743.html
RHSA-2014:0744
http://rhn.redhat.com/errata/RHSA-2014-0744.html
[Qemu-stable] 20140723 [ANNOUNCE] QEMU 1.7.2 Stable released
http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html
http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=71f7fe48e10a8437c9d42d859389f37157f59980
Common Vulnerability Exposure (CVE) ID: CVE-2013-4149
RHSA-2014:0927
http://rhn.redhat.com/errata/RHSA-2014-0927.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=98f93ddd84800f207889491e0b5d851386b459cf
Common Vulnerability Exposure (CVE) ID: CVE-2013-4150
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=eea750a5623ddac7a61982eec8f1c93481857578
Common Vulnerability Exposure (CVE) ID: CVE-2013-4151
http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=cc45995294b92d95319b4782750a3580cabdbc0c
Common Vulnerability Exposure (CVE) ID: CVE-2013-4527
http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=3f1c49e2136fa08ab1ef3183fd55def308829584
Common Vulnerability Exposure (CVE) ID: CVE-2013-4529
[Qemu-devel] 20131213 [PATCH 00/23] qemu state loading issues
http://lists.gnu.org/archive/html/qemu-devel/2013-12/msg00394.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-4535
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=36cf2a37132c7f01fa9adb5f95f5312b27742fd4
https://bugzilla.redhat.com/show_bug.cgi?id=1066401
Common Vulnerability Exposure (CVE) ID: CVE-2013-4536
Common Vulnerability Exposure (CVE) ID: CVE-2013-4541
http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=9f8e9895c504149d7048e9fc5eb5cbb34b16e49a
Common Vulnerability Exposure (CVE) ID: CVE-2013-4542
http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=3c3ce981423e0d6c18af82ee62f1850c2cda5976
Common Vulnerability Exposure (CVE) ID: CVE-2013-6399
http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=4b53c2c72cb5541cf394033b528a6fe2a86c0ac1
Common Vulnerability Exposure (CVE) ID: CVE-2014-0182
http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=a890a2f9137ac3cf5b607649e66a6f3a5512d8dc
Common Vulnerability Exposure (CVE) ID: CVE-2014-0222
67357
http://www.securityfocus.com/bid/67357
DSA-3044
http://www.debian.org/security/2014/dsa-3044
FEDORA-2014-6970
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html
SUSE-SU-2015:0929
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html
[Qemu-devel] 20140512 [PATCH 3/5] qcow1: Validate L2 table size (CVE-2014-0222)
https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html
openSUSE-SU-2015:1965
http://lists.opensuse.org/opensuse-updates/2015-11/msg00063.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-0223
67391
http://www.securityfocus.com/bid/67391
[Qemu-devel] 20140512 [PATCH 4/5] qcow1: Validate image size (CVE-2014-0223)
https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02156.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3461
[qemu-devel] 20140512 [PATCH] usb: fix up post load checks
http://article.gmane.org/gmane.comp.emulators.qemu/272092
Copyright: Copyright (C) 2015 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.