Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2015-2694)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122811

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2015-2694)

Resumen: The remote host is missing an update for the 'qemu-kvm' package(s) announced via the ELSA-2015-2694 advisory.

Descripción: Summary:
The remote host is missing an update for the 'qemu-kvm' package(s) announced via the ELSA-2015-2694 advisory.

Vulnerability Insight:
[0.12.1.2-2.479.el6_7.3]
- kvm-net-pcnet-add-check-to-validate-receive-data-size-CV.patch [bz#1287950]
- kvm-pcnet-fix-rx-buffer-overflow-CVE-2015-7512.patch [bz#1287950]
- Resolves: bz#1287950
(CVE-2015-7504 CVE-2015-7512 qemu-kvm: various flaws [rhel-6.7.z])

Affected Software/OS:
'qemu-kvm' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-7504
1034268
http://www.securitytracker.com/id/1034268
78227
http://www.securityfocus.com/bid/78227
DSA-3469
http://www.debian.org/security/2016/dsa-3469
DSA-3470
http://www.debian.org/security/2016/dsa-3470
DSA-3471
http://www.debian.org/security/2016/dsa-3471
GLSA-201602-01
https://security.gentoo.org/glsa/201602-01
GLSA-201604-03
https://security.gentoo.org/glsa/201604-03
RHSA-2015:2694
http://rhn.redhat.com/errata/RHSA-2015-2694.html
RHSA-2015:2695
http://rhn.redhat.com/errata/RHSA-2015-2695.html
RHSA-2015:2696
http://rhn.redhat.com/errata/RHSA-2015-2696.html
[Qemu-devel] 20151130 [PATCH for 2.5 1/2] net: pcnet: add check to validate receive data size(CVE-2015-7504)
https://lists.gnu.org/archive/html/qemu-devel/2015-11/msg06342.html
[oss-security] 20151130 CVE-2015-7504 Qemu: net: pcnet: heap overflow vulnerability in loopback mode
http://www.openwall.com/lists/oss-security/2015/11/30/2
http://xenbits.xen.org/xsa/advisory-162.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-7512
1034527
http://www.securitytracker.com/id/1034527
78230
http://www.securityfocus.com/bid/78230
[oss-security] 20151130 CVE-2015-7512 Qemu: net: pcnet: buffer overflow in non-loopback mode
http://www.openwall.com/lists/oss-security/2015/11/30/3
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8b98a2f07175d46c3f7217639bd5e03f
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122811
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2015-2694)
Resumen:	The remote host is missing an update for the 'qemu-kvm' package(s) announced via the ELSA-2015-2694 advisory.
Descripción:	Summary: The remote host is missing an update for the 'qemu-kvm' package(s) announced via the ELSA-2015-2694 advisory. Vulnerability Insight: [0.12.1.2-2.479.el6_7.3] - kvm-net-pcnet-add-check-to-validate-receive-data-size-CV.patch [bz#1287950] - kvm-pcnet-fix-rx-buffer-overflow-CVE-2015-7512.patch [bz#1287950] - Resolves: bz#1287950 (CVE-2015-7504 CVE-2015-7512 qemu-kvm: various flaws [rhel-6.7.z]) Affected Software/OS: 'qemu-kvm' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-7504 1034268 http://www.securitytracker.com/id/1034268 78227 http://www.securityfocus.com/bid/78227 DSA-3469 http://www.debian.org/security/2016/dsa-3469 DSA-3470 http://www.debian.org/security/2016/dsa-3470 DSA-3471 http://www.debian.org/security/2016/dsa-3471 GLSA-201602-01 https://security.gentoo.org/glsa/201602-01 GLSA-201604-03 https://security.gentoo.org/glsa/201604-03 RHSA-2015:2694 http://rhn.redhat.com/errata/RHSA-2015-2694.html RHSA-2015:2695 http://rhn.redhat.com/errata/RHSA-2015-2695.html RHSA-2015:2696 http://rhn.redhat.com/errata/RHSA-2015-2696.html [Qemu-devel] 20151130 [PATCH for 2.5 1/2] net: pcnet: add check to validate receive data size(CVE-2015-7504) https://lists.gnu.org/archive/html/qemu-devel/2015-11/msg06342.html [oss-security] 20151130 CVE-2015-7504 Qemu: net: pcnet: heap overflow vulnerability in loopback mode http://www.openwall.com/lists/oss-security/2015/11/30/2 http://xenbits.xen.org/xsa/advisory-162.html Common Vulnerability Exposure (CVE) ID: CVE-2015-7512 1034527 http://www.securitytracker.com/id/1034527 78230 http://www.securityfocus.com/bid/78230 [oss-security] 20151130 CVE-2015-7512 Qemu: net: pcnet: buffer overflow in non-loopback mode http://www.openwall.com/lists/oss-security/2015/11/30/3 http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8b98a2f07175d46c3f7217639bd5e03f http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Copyright	Copyright (C) 2015 Greenbone AG