Búsqueda de    
Vulnerabilidad   
    Buscar 211766 Descripciones CVE y
97459 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.1.4.2018.2679.1
Categoría:SuSE Local Security Checks
Título:SUSE: Security Advisory (SUSE-SU-2018:2679-1)
Resumen:The remote host is missing an update for the 'qemu' package(s) announced via the SUSE-SU-2018:2679-1 advisory.
Descripción:Summary:
The remote host is missing an update for the 'qemu' package(s) announced via the SUSE-SU-2018:2679-1 advisory.

Vulnerability Insight:
This update for qemu fixes the following issues:

This security issue was fixed:
CVE-2018-12617: qmp_guest_file_read had an integer overflow that could
have been exploited by sending a crafted QMP command (including
guest-file-read with a large count value) to the agent via the listening
socket causing DoS (bsc#1098735)

These non-security issues were fixed:
Allow kvm group access to /dev/sev (bsc#1102604).

Fix for the value used for reduced_phys_bits. Please update the
reduced_phys_bits value used on the commandline or in libvirt XML to the
value 1 (explicitly set now in QEMU code). (bsc#1103628)

Fix (again) the qemu guest agent udev rule file, which got unfixed in a
series of unfortunate events (bsc#1094898 and now bsc#1105279)

Affected Software/OS:
'qemu' package(s) on SUSE Linux Enterprise Module for Server Applications 15, SUSE Linux Enterprise Module for Basesystem 15

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-12617
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 97459 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2021 E-Soft Inc. Todos los derechos reservados.