Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.891694
Category:Debian Local Security Checks
Title:Debian LTS: Security Advisory for qemu (DLA-1694-1)
Summary:, 902725, 921525;;Several vulnerabilities were found in QEMU, a fast processor emulator:;;CVE-2018-12617;;The qmp_guest_file_read function (qga/commands-posix.c) is affected;by an integer overflow and subsequent memory allocation failure. This;weakness might be leveraged by remote attackers to cause denial of;service (application crash).;;CVE-2018-16872;;The usb_mtp_get_object, usb_mtp_get_partial_object and;usb_mtp_object_readdir functions (hw/usb/dev-mtp.c) are affected by a;symlink attack. Remote attackers might leverage this vulnerability to;perform information disclosure.;;CVE-2019-6778;;The tcp_emu function (slirp/tcp_subr.c) is affected by a heap buffer;overflow caused by insufficient validation of available space in the;sc_rcv->sb_data buffer. Remote attackers might leverage this flaw to;cause denial of service, or any other unspecified impact.
Description:Summary:
, 902725, 921525

Several vulnerabilities were found in QEMU, a fast processor emulator:

CVE-2018-12617

The qmp_guest_file_read function (qga/commands-posix.c) is affected
by an integer overflow and subsequent memory allocation failure. This
weakness might be leveraged by remote attackers to cause denial of
service (application crash).

CVE-2018-16872

The usb_mtp_get_object, usb_mtp_get_partial_object and
usb_mtp_object_readdir functions (hw/usb/dev-mtp.c) are affected by a
symlink attack. Remote attackers might leverage this vulnerability to
perform information disclosure.

CVE-2019-6778

The tcp_emu function (slirp/tcp_subr.c) is affected by a heap buffer
overflow caused by insufficient validation of available space in the
sc_rcv->sb_data buffer. Remote attackers might leverage this flaw to
cause denial of service, or any other unspecified impact.

Affected Software/OS:
qemu on Debian Linux

Solution:
For Debian 8 'Jessie', these problems have been fixed in version
1:2.1+dfsg-12+deb8u10.

We recommend that you upgrade your qemu packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-6778
BugTraq ID: 106758
http://www.securityfocus.com/bid/106758
Bugtraq: 20190531 [SECURITY] [DSA 4454-1] qemu security update (Google Search)
https://seclists.org/bugtraq/2019/May/76
Debian Security Information: DSA-4454 (Google Search)
https://www.debian.org/security/2019/dsa-4454
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJMTVGDLA654HNCDGLCUEIP36SNJEKK7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/
[Qemu-devel][PULL 65/65] 20190114 slirp: check data length while emulating ident
https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg03132.html
[oss-security] 20190124 CVE-2019-6778 QEMU: slirp: heap buffer overflow in tcp_emu()
http://www.openwall.com/lists/oss-security/2019/01/24/5
RedHat Security Advisories: RHSA-2019:1883
https://access.redhat.com/errata/RHSA-2019:1883
RedHat Security Advisories: RHSA-2019:1968
https://access.redhat.com/errata/RHSA-2019:1968
RedHat Security Advisories: RHSA-2019:2425
https://access.redhat.com/errata/RHSA-2019:2425
RedHat Security Advisories: RHSA-2019:2892
https://access.redhat.com/errata/RHSA-2019:2892
SuSE Security Announcement: SUSE-SA-2019:0254-1 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00073.html
SuSE Security Announcement: openSUSE-SU-2019:1074 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html
SuSE Security Announcement: openSUSE-SU-2019:1226 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html
SuSE Security Announcement: openSUSE-SU-2019:2044 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html
SuSE Security Announcement: openSUSE-SU-2020:0468 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html
https://usn.ubuntu.com/3923-1/
CopyrightCopyright (C) 2019 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.