 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.882732 |
| Kategorie: | CentOS Local Security Checks |
| Titel: | CentOS Update for qemu-img CESA-2017:1430 centos7 |
| Zusammenfassung: | Check the version of qemu-img |
| Beschreibung: | Summary: Check the version of qemu-img Vulnerability Insight: Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix(es): * An out-of-bounds r/w access issue was found in QEMU's Cirrus CLGD 54xx VGA Emulator support. The vulnerability could occur while copying VGA data via various bitblt functions. A privileged user inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process. (CVE-2017-7980) * An out-of-bounds access issue was found in QEMU's Cirrus CLGD 54xx VGA Emulator support. The vulnerability could occur while copying VGA data using bitblt functions (for example, cirrus_bitblt_rop_fwd_transp_). A privileged user inside a guest could use this flaw to crash the QEMU process, resulting in denial of service. (CVE-2017-7718) Red Hat would like to thank Jiangxin (PSIRT Huawei Inc) and Li Qiang (Qihoo 360 Gear Team) for reporting CVE-2017-7980 and Jiangxin (PSIRT Huawei Inc) for reporting CVE-2017-7718. Bug Fix(es): * Previously, guest virtual machines in some cases became unresponsive when the 'pty' back end of a serial device performed an irregular I/O communication. This update improves the handling of serial I/O on guests, which prevents the described problem from occurring. (BZ#1452332) Affected Software/OS: qemu-img on CentOS 7 Solution: Please Install the Updated Packages. CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-7718 BugTraq ID: 97957 http://www.securityfocus.com/bid/97957 https://security.gentoo.org/glsa/201706-03 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html http://www.openwall.com/lists/oss-security/2017/04/19/4 RedHat Security Advisories: RHSA-2017:0980 https://access.redhat.com/errata/RHSA-2017:0980 RedHat Security Advisories: RHSA-2017:0981 https://access.redhat.com/errata/RHSA-2017:0981 RedHat Security Advisories: RHSA-2017:0982 https://access.redhat.com/errata/RHSA-2017:0982 RedHat Security Advisories: RHSA-2017:0983 https://access.redhat.com/errata/RHSA-2017:0983 RedHat Security Advisories: RHSA-2017:0984 https://access.redhat.com/errata/RHSA-2017:0984 RedHat Security Advisories: RHSA-2017:0988 https://access.redhat.com/errata/RHSA-2017:0988 RedHat Security Advisories: RHSA-2017:1205 https://access.redhat.com/errata/RHSA-2017:1205 RedHat Security Advisories: RHSA-2017:1206 https://access.redhat.com/errata/RHSA-2017:1206 RedHat Security Advisories: RHSA-2017:1430 https://access.redhat.com/errata/RHSA-2017:1430 RedHat Security Advisories: RHSA-2017:1431 https://access.redhat.com/errata/RHSA-2017:1431 RedHat Security Advisories: RHSA-2017:1441 https://access.redhat.com/errata/RHSA-2017:1441 Common Vulnerability Exposure (CVE) ID: CVE-2017-7980 BugTraq ID: 102129 http://www.securityfocus.com/bid/102129 BugTraq ID: 97955 http://www.securityfocus.com/bid/97955 http://www.openwall.com/lists/oss-security/2017/04/21/1 http://ubuntu.com/usn/usn-3289-1 |
| Copyright | Copyright (C) 2017 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |