 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.123367 |
| Categoría: | Oracle Linux Local Security Checks |
| Título: | Oracle: Security Advisory (ELSA-2014-0927) |
| Resumen: | The remote host is missing an update for the 'qemu-kvm' package(s) announced via the ELSA-2014-0927 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'qemu-kvm' package(s) announced via the ELSA-2014-0927 advisory. Vulnerability Insight: [1.5.3-60.el7_0.5] - kvm-Allow-mismatched-virtio-config-len.patch [bz#1095782] - Resolves: bz#1095782 (CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid config_len [rhel-7.0.z]) [1.5.3-60.el7_0.4] - kvm-zero-initialize-KVM_SET_GSI_ROUTING-input.patch [bz#1110693] - kvm-skip-system-call-when-msi-route-is-unchanged.patch [bz#1110693] - Resolves: bz#1110693 (2x RHEL 5.10 VM running on RHEL 7 KVM have low TCP_STREAM throughput) [1.5.3-60.el7_0.3] - kvm-virtio-net-fix-buffer-overflow-on-invalid-state-load.patch [bz#1095677] - kvm-virtio-net-out-of-bounds-buffer-write-on-load.patch [bz#1095684] - kvm-virtio-net-out-of-bounds-buffer-write-on-invalid-sta.patch [bz#1095689] - kvm-virtio-out-of-bounds-buffer-write-on-invalid-state-l.patch [bz#1095694] - kvm-virtio-avoid-buffer-overrun-on-incoming-migration.patch [bz#1095737] - kvm-virtio-scsi-fix-buffer-overrun-on-invalid-state-load.patch [bz#1095741] - kvm-virtio-validate-config_len-on-load.patch [bz#1095782] - kvm-virtio-validate-num_sg-when-mapping.patch [bz#1095765] - kvm-virtio-allow-mapping-up-to-max-queue-size.patch [bz#1095765] - kvm-vmstate-add-VMS_MUST_EXIST.patch [bz#1095706] - kvm-vmstate-add-VMSTATE_VALIDATE.patch [bz#1095706] - kvm-hpet-fix-buffer-overrun-on-invalid-state-load.patch [bz#1095706] - kvm-hw-pci-pcie_aer.c-fix-buffer-overruns-on-invalid-sta.patch [bz#1095714] - kvm-usb-sanity-check-setup_index-setup_len-in-post_load.patch [bz#1095746] - kvm-usb-sanity-check-setup_index-setup_len-in-post_l2.patch [bz#1095746] - kvm-usb-fix-up-post-load-checks.patch [bz#1096828] - kvm-XBZRLE-Fix-qemu-crash-when-resize-the-xbzrle-cache.patch [bz#1110191] - kvm-Provide-init-function-for-ram-migration.patch [bz#1110191] - kvm-Init-the-XBZRLE.lock-in-ram_mig_init.patch [bz#1110191] - kvm-XBZRLE-Fix-one-XBZRLE-corruption-issues.patch [bz#1110191] - kvm-Count-used-RAMBlock-pages-for-migration_dirty_pages.patch [bz#1110189] - kvm-qcow-correctly-propagate-errors.patch [bz#1097229] - kvm-qcow1-Make-padding-in-the-header-explicit.patch [bz#1097229] - kvm-qcow1-Check-maximum-cluster-size.patch [bz#1097229] - kvm-qcow1-Validate-L2-table-size-CVE-2014-0222.patch [bz#1097229] - kvm-qcow1-Validate-image-size-CVE-2014-0223.patch [bz#1097236] - kvm-qcow1-Stricter-backing-file-length-check.patch [bz#1097236] - kvm-char-restore-read-callback-on-a-reattached-hotplug-c.patch [bz#1110219] - kvm-qcow2-Free-preallocated-zero-clusters.patch [bz#1110188] - kvm-qemu-iotests-Discard-preallocated-zero-clusters.patch [bz#1110188] - Resolves: bz#1095677 (CVE-2013-4148 qemu-kvm: qemu: virtio-net: buffer overflow on invalid state load [rhel-7.0.z]) - Resolves: bz#1095684 (CVE-2013-4149 qemu-kvm: qemu: virtio-net: out-of-bounds buffer write on load [rhel-7.0.z]) - Resolves: bz#1095689 (CVE-2013-4150 qemu-kvm: qemu: virtio-net: out-of-bounds buffer write on invalid state load [rhel-7.0.z]) - Resolves: ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'qemu-kvm' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-4148 FEDORA-2014-6288 http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html RHSA-2014:0743 http://rhn.redhat.com/errata/RHSA-2014-0743.html RHSA-2014:0744 http://rhn.redhat.com/errata/RHSA-2014-0744.html [Qemu-stable] 20140723 [ANNOUNCE] QEMU 1.7.2 Stable released http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=71f7fe48e10a8437c9d42d859389f37157f59980 Common Vulnerability Exposure (CVE) ID: CVE-2013-4149 RHSA-2014:0927 http://rhn.redhat.com/errata/RHSA-2014-0927.html http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=98f93ddd84800f207889491e0b5d851386b459cf Common Vulnerability Exposure (CVE) ID: CVE-2013-4150 http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=eea750a5623ddac7a61982eec8f1c93481857578 Common Vulnerability Exposure (CVE) ID: CVE-2013-4151 http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=cc45995294b92d95319b4782750a3580cabdbc0c Common Vulnerability Exposure (CVE) ID: CVE-2013-4527 http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=3f1c49e2136fa08ab1ef3183fd55def308829584 Common Vulnerability Exposure (CVE) ID: CVE-2013-4529 [Qemu-devel] 20131213 [PATCH 00/23] qemu state loading issues http://lists.gnu.org/archive/html/qemu-devel/2013-12/msg00394.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4535 http://git.qemu.org/?p=qemu.git;a=commitdiff;h=36cf2a37132c7f01fa9adb5f95f5312b27742fd4 https://bugzilla.redhat.com/show_bug.cgi?id=1066401 Common Vulnerability Exposure (CVE) ID: CVE-2013-4536 Common Vulnerability Exposure (CVE) ID: CVE-2013-4541 http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=9f8e9895c504149d7048e9fc5eb5cbb34b16e49a Common Vulnerability Exposure (CVE) ID: CVE-2013-4542 http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=3c3ce981423e0d6c18af82ee62f1850c2cda5976 Common Vulnerability Exposure (CVE) ID: CVE-2013-6399 http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=4b53c2c72cb5541cf394033b528a6fe2a86c0ac1 Common Vulnerability Exposure (CVE) ID: CVE-2014-0182 http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=a890a2f9137ac3cf5b607649e66a6f3a5512d8dc Common Vulnerability Exposure (CVE) ID: CVE-2014-0222 67357 http://www.securityfocus.com/bid/67357 DSA-3044 http://www.debian.org/security/2014/dsa-3044 FEDORA-2014-6970 http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html SUSE-SU-2015:0929 http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html [Qemu-devel] 20140512 [PATCH 3/5] qcow1: Validate L2 table size (CVE-2014-0222) https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html openSUSE-SU-2015:1965 http://lists.opensuse.org/opensuse-updates/2015-11/msg00063.html Common Vulnerability Exposure (CVE) ID: CVE-2014-0223 67391 http://www.securityfocus.com/bid/67391 [Qemu-devel] 20140512 [PATCH 4/5] qcow1: Validate image size (CVE-2014-0223) https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02156.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3461 [qemu-devel] 20140512 [PATCH] usb: fix up post load checks http://article.gmane.org/gmane.comp.emulators.qemu/272092 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |