 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.882637 |
| Kategorie: | CentOS Local Security Checks |
| Titel: | CentOS Update for qemu-img CESA-2017:0083 centos7 |
| Zusammenfassung: | Check the version of qemu-img |
| Beschreibung: | Summary: Check the version of qemu-img Vulnerability Insight: Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix(es): * An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur when computing a TCP/UDP packet's checksum, because a QEMU function used the packet's payload length without checking against the data buffer's size. A user inside a guest could use this flaw to crash the QEMU process (denial of service). (CVE-2016-2857) Red Hat would like to thank Ling Liu (Qihoo 360 Inc.) for reporting this issue. Bug Fix(es): * Previously, rebooting a guest virtual machine more than 128 times in a short period of time caused the guest to shut down instead of rebooting, because the virtqueue was not cleaned properly. This update ensures that the virtqueue is cleaned more reliably, which prevents the described problem from occurring. (BZ#1393484) Affected Software/OS: qemu-img on CentOS 7 Solution: Please Install the Updated Packages. CVSS Score: 3.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-2857 84130 http://www.securityfocus.com/bid/84130 RHSA-2016:2670 http://rhn.redhat.com/errata/RHSA-2016-2670.html RHSA-2016:2671 http://rhn.redhat.com/errata/RHSA-2016-2671.html RHSA-2016:2704 http://rhn.redhat.com/errata/RHSA-2016-2704.html RHSA-2016:2705 http://rhn.redhat.com/errata/RHSA-2016-2705.html RHSA-2016:2706 http://rhn.redhat.com/errata/RHSA-2016-2706.html RHSA-2017:0083 http://rhn.redhat.com/errata/RHSA-2017-0083.html RHSA-2017:0309 http://rhn.redhat.com/errata/RHSA-2017-0309.html RHSA-2017:0334 http://rhn.redhat.com/errata/RHSA-2017-0334.html RHSA-2017:0344 http://rhn.redhat.com/errata/RHSA-2017-0344.html RHSA-2017:0350 http://rhn.redhat.com/errata/RHSA-2017-0350.html USN-2974-1 http://www.ubuntu.com/usn/USN-2974-1 [debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html [oss-security] 20160303 CVE request Qemu: net: out of bounds read in net_checksum_calculate http://www.openwall.com/lists/oss-security/2016/03/03/9 [oss-security] 20160306 Re: CVE request Qemu: net: out of bounds read in net_checksum_calculate http://www.openwall.com/lists/oss-security/2016/03/07/3 http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=362786f14a753d8a5256ef97d7c10ed576d6572b |
| Copyright | Copyright (C) 2017 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |