Test Kennung:	1.3.6.1.4.1.25623.1.0.882489
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for libcacard CESA-2016:0724 centos7
Zusammenfassung:	Check the version of libcacard
Beschreibung:	Summary: Check the version of libcacard Vulnerability Insight: KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix(es): * An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions (VBE) support performed read/write operations via I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process. (CVE-2016-3710) Red Hat would like to thank Wei Xiao (360 Marvel Team) and Qinghao Tang (360 Marvel Team) for reporting this issue. Affected Software/OS: libcacard on CentOS 7 Solution: Please Install the Updated Packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3710 1035794 http://www.securitytracker.com/id/1035794 90316 http://www.securityfocus.com/bid/90316 DSA-3573 http://www.debian.org/security/2016/dsa-3573 RHSA-2016:0724 http://rhn.redhat.com/errata/RHSA-2016-0724.html RHSA-2016:0725 http://rhn.redhat.com/errata/RHSA-2016-0725.html RHSA-2016:0997 http://rhn.redhat.com/errata/RHSA-2016-0997.html RHSA-2016:0999 http://rhn.redhat.com/errata/RHSA-2016-0999.html RHSA-2016:1000 http://rhn.redhat.com/errata/RHSA-2016-1000.html RHSA-2016:1001 http://rhn.redhat.com/errata/RHSA-2016-1001.html RHSA-2016:1002 http://rhn.redhat.com/errata/RHSA-2016-1002.html RHSA-2016:1019 http://rhn.redhat.com/errata/RHSA-2016-1019.html RHSA-2016:1224 https://access.redhat.com/errata/RHSA-2016:1224 RHSA-2016:1943 http://rhn.redhat.com/errata/RHSA-2016-1943.html USN-2974-1 http://www.ubuntu.com/usn/USN-2974-1 [Qemu-devel] 20160509 [PULL 1/5] vga: fix banked access bounds checking (CVE-2016-3710) https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01197.html [oss-security] 20160509 CVE-2016-3710 Qemu: vga: out-of-bounds r/w access issue http://www.openwall.com/lists/oss-security/2016/05/09/3 http://support.citrix.com/article/CTX212736 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://xenbits.xen.org/xsa/advisory-179.html https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.