 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.122371 |
| Categoría: | Oracle Linux Local Security Checks |
| Título: | Oracle: Security Advisory (ELSA-2010-0271) |
| Resumen: | The remote host is missing an update for the 'kvm' package(s) announced via the ELSA-2010-0271 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'kvm' package(s) announced via the ELSA-2010-0271 advisory. Vulnerability Insight: [kvm-83-164.0.1.el5] - Add kvm-Introduce-oel-machine-type.patch - Add kvm-add-oracle-workaround-for-libvirt-bug.patch [kvm-83-164.el5] - kvm-Fix-Windows-guests-SVVP-tests.patch [bz#495844] - Resolves: bz#495844 (KVM SVVP: 'Signed Driver check' failure - on the disabled vCPUs (that the VM's BIOS doesn't hide)) [kvm-83-163.el5] - kvm-kernel-avoid-collision-between-out-of-sync-ksm-and-pci-pass.patch [bz#566385] - Resolves: bz#566385 (KVM host panic due to fault in paging64_sync_page() / panic occurs in connection with PCI passthru devices) [kvm-83-162.el5] - kvm-qemu-img-rebase-Add-f-option.patch [bz#569762] - kvm-mark-PCI-IRQs-as-edge-triggered-in-mptables.patch [bz#536749] - Resolves: bz#536749 (can not boot rhel3.9 with if=virtio) - Resolves: bz#569762 ('qemu-img re-base' broken on block devices) - Moved kver to 2.6.18-191.el5 to match build root [kvm-83-161.el5] - kvm-qemu-img-Fix-segfault-during-rebase.patch [bz#563141] - Resolves: bz#563141 (qemu-img re-base subcommand got Segmentation fault) - Moved kver to 2.6.18-190.el5 to match build root [kvm-83-160.el5] - kvm-qxl-defer-vga-updates-in-case-commands-ring-is-full-.patch [bz#544785] - Resolves: bz#544785 (QEMU process can become non-responsive in case command are not pull from qxl vga ring) [kvm-83-159.el5] - Applied patch to spec file [bz#533453] - Updated kversion to 2.6.18-189.el5 to match build root - Resolves: bz#533453 (kvm kmod package should require a compatible kernel version) [kvm-83-158.el5] - Updated kversion to 2.6.18-187.el5 to match build root - kvm-kernel-KVM-Don-t-check-access-permission-when-loading-segme.patch [bz#563465] - kvm-kernel-KVM-Disable-move-to-segment-registers-and-jump-far-i.patch [bz#563465] - kvm-kernel-KVM-VMX-Check-cpl-before-emulating-debug-register-ac.patch [bz#563517] - Resolves: bz#563465 (EMBARGOED CVE-2010-0419 kvm: emulator privilege escalation segment selector check [rhel-5.5]) - Resolves: bz#563517 (KVM: Check cpl before emulating debug register access [rhel-5.5]) [kvm-83-157.el5] - kvm-CVE-2010-0297-usb-linux.c-fix-buffer-overflow.patch [bz#560770] - Resolves: bz#560770 (CVE-2010-0297 kvm-userspace-rhel5: usb-linux.c: fix buffer overflow [rhel-5.5]) [kvm-83-156.el5] - kvm-kernel-KVM-PIT-control-word-is-write-only.patch [bz#553126] - kvm-kernel-KVM-introduce-kvm_read_guest_virt-kvm_write_guest_vi.patch [bz#559095] - kvm-kernel-KVM-remove-the-vmap-usage.patch [bz#559095] - kvm-kernel-KVM-Use-kvm_-read-write-_guest_virt-to-read-and-writ.patch [bz#559095] - kvm-kernel-KVM-fix-memory-access-during-x86-emulation.patch [bz#559095] - kvm-kernel-Check-IOPL-level-during-io-instruction-emulation.patch [bz#560698] - kvm-kernel-Fix-popf-emulation.patch [bz#560698] - kvm-kernel-Check-CPL-level-during-privilege-instruction-emulati.patch [bz#560698] - Resolves: bz#553126 (CVE-2010-0309 kvm: cat /dev/port in guest cause the host hang [rhel-5.5]) - Resolves: bz#559095 ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'kvm' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-0430 RHSA-2010:0271 http://rhn.redhat.com/errata/RHSA-2010-0271.html RHSA-2010:0476 https://rhn.redhat.com/errata/RHSA-2010-0476.html https://bugzilla.redhat.com/show_bug.cgi?id=568702 Common Vulnerability Exposure (CVE) ID: CVE-2010-0741 1023798 http://securitytracker.com/id?1023798 ADV-2010-0760 http://www.vupen.com/english/advisories/2010/0760 http://www.redhat.com/support/errata/RHSA-2010-0271.html [oss-security] 20100329 CVE-2010-0741 qemu: Improper handling of erroneous data provided by Linux virtio-net driver http://openwall.com/lists/oss-security/2010/03/29/4 [qemu-devel] 20091029 Re: qemu-kvm-0.11 regression, crashes on older guests with virtio network http://lists.gnu.org/archive/html/qemu-devel/2009-10/msg02480.html [qemu-devel] 20091029 [PATCH] whitelist host virtio networking features [was Re: qemu-kvm-0.11 regression, crashes on older ...] http://lists.gnu.org/archive/html/qemu-devel/2009-10/msg02495.html http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=184bd0484533b725194fa517ddc271ffd74da7c9 https://bugs.edge.launchpad.net/ubuntu/+source/qemu-kvm/+bug/458521 https://bugzilla.redhat.com/show_bug.cgi?id=577218 https://patchwork.kernel.org/patch/56479/ oval:org.mitre.oval:def:11143 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11143 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |