Búsqueda de    
Vulnerabilidad   
    Buscar 211766 Descripciones CVE y
97459 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.1.4.2021.0521.1
Categoría:SuSE Local Security Checks
Título:SUSE: Security Advisory (SUSE-SU-2021:0521-1)
Resumen:The remote host is missing an update for the 'qemu' package(s) announced via the SUSE-SU-2021:0521-1 advisory.
Descripción:Summary:
The remote host is missing an update for the 'qemu' package(s) announced via the SUSE-SU-2021:0521-1 advisory.

Vulnerability Insight:
This update for qemu fixes the following issues:

Fixed potential privilege escalation in virtfs (CVE-2021-20181
bsc#1182137)

Fixed out-of-bound access in iscsi (CVE-2020-11947 bsc#1180523)

Fixed out-of-bound access in vmxnet3 emulation (CVE-2021-20203
bsc#1181639)

Fixed out-of-bound access in ARM interrupt handling (CVE-2021-20221
bsc#1181933)

Fixed vfio-pci device on s390 enters error state (bsc#1179717
bsc#1179719)

Fixed 'Failed to try-restart qemu-ga@.service' error while updating the
qemu-guest-agent. (bsc#1178565)

Apply fixes to qemu scsi passthrough with respect to timeout and error
conditions, including using more correct status codes. Add more qemu
tracing which helped track down these issues (bsc#1178049)

Affected Software/OS:
'qemu' package(s) on SUSE Linux Enterprise Module for Server Applications 15-SP2, SUSE Linux Enterprise Module for Basesystem 15-SP2

Solution:
Please install the updated package(s).

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2020-11947
Common Vulnerability Exposure (CVE) ID: CVE-2021-20181
Common Vulnerability Exposure (CVE) ID: CVE-2021-20203
Common Vulnerability Exposure (CVE) ID: CVE-2021-20221
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 97459 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2021 E-Soft Inc. Todos los derechos reservados.