ID de Prueba:	1.3.6.1.4.1.25623.1.0.856749
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2024:4094-1)
Resumen:	The remote host is missing an update for the 'qemu' package(s) announced via the SUSE-SU-2024:4094-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'qemu' package(s) announced via the SUSE-SU-2024:4094-1 advisory. Vulnerability Insight: - CVE-2024-8354: Fixed assertion failure in usb_ep_get() (bsc#1230834) - CVE-2024-8612: Fixed information leak in virtio devices (bsc#1230915) Update version to 8.2.7: Security fixes: - CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure (bsc#1229007) - CVE-2024-4693: Fixed improper release of configure vector in virtio-pci that lead to guest triggerable crash (bsc#1224132) Other fixes: - added missing fix for ppc64 emulation that caused corruption in userspace (bsc#1230140) - target/ppc: Fix lxvx/stxvx facility check (bsc#1229929) - accel/kvm: check for KVM_CAP_READONLY_MEM on VM (bsc#1231519) Full changelog here: [link moved to references] Affected Software/OS: 'qemu' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-4693 RHBZ#2279965 https://bugzilla.redhat.com/show_bug.cgi?id=2279965 https://access.redhat.com/security/cve/CVE-2024-4693 Common Vulnerability Exposure (CVE) ID: CVE-2024-7409 Common Vulnerability Exposure (CVE) ID: CVE-2024-8354 Common Vulnerability Exposure (CVE) ID: CVE-2024-8612
Copyright	Copyright (C) 2024 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.