RHEL 7 : qemu-kvm-rhev (RHSA-2017:2392)

high Nessus Plugin ID 102158

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2392 advisory.

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

The following packages have been upgraded to a later upstream version: qemu-kvm-rhev (2.9.0). (BZ#1387372, BZ#1387600, BZ#1400962)

Security Fix(es):

* A stack buffer overflow flaw was found in the Quick Emulator (QEMU) built with the Network Block Device (NBD) client support. The flaw could occur while processing server's response to a 'NBD_OPT_LIST' request.
A malicious NBD server could use this issue to crash a remote NBD client resulting in DoS or potentially execute arbitrary code on client host with privileges of the QEMU process. (CVE-2017-2630)

* An integer overflow flaw was found in Quick Emulator (QEMU) in the CCID Card device support. The flaw could occur while passing messages via command/response packets to and from the host. A privileged user inside a guest could use this flaw to crash the QEMU process. (CVE-2017-5898)

* An information exposure flaw was found in Quick Emulator (QEMU) in Task Priority Register (TPR) optimizations for 32-bit Windows guests. The flaw could occur while accessing TPR. A privileged user inside a guest could use this issue to read portions of the host memory. (CVE-2016-4020)

* A memory-leak flaw was found in the Quick Emulator(QEMU) built with USB xHCI controller emulation support. The flaw could occur while doing a USB-device unplug operation. Unplugging the device repeatedly resulted in leaking host memory, affecting other services on the host. A privileged user inside the guest could exploit this flaw to cause a denial of service on the host or potentially crash the host's QEMU process instance. (CVE-2016-7466)

* Multiple CVEs(CVE-2016-10155, CVE-2016-4020, CVE-2016-6835, CVE-2016-6888, CVE-2016-7422, CVE-2016-7466, CVE-2016-8576, CVE-2016-8669, CVE-2016-8909, CVE-2016-8910, CVE-2016-9907, CVE-2016-9911, CVE-2016-9921, CVE-2016-9922, CVE-2017-2630, CVE-2017-5579, CVE-2017-5898, CVE-2017-5973, CVE-2017-9310, CVE-2017-9373, CVE-2017-9374, CVE-2017-9375) were fixed as result of rebase to QEMU version 2.9.0.

Red Hat would like to thank Li Qiang (Qihoo 360 Inc.) for reporting CVE-2016-6835 and CVE-2016-6888; Li Qiang (360.cn Inc.) for reporting CVE-2017-5898, CVE-2016-7466, CVE-2016-10155, CVE-2017-5579, and CVE-2017-5973; Donghai Zdh (Alibaba Inc.) for reporting CVE-2016-4020; Qinghao Tang (Marvel Team 360.cn Inc.) and Zhenhao Hong (Marvel Team 360.cn Inc.) for reporting CVE-2016-7422; PSIRT (Huawei Inc.) for reporting CVE-2016-8669; Andrew Henderson (Intelligent Automation Inc.) for reporting CVE-2016-8910;
Qinghao Tang (Qihoo 360), Li Qiang (Qihoo 360), and Jiangxin (Huawei Inc.) for reporting CVE-2016-9921 and CVE-2016-9922; and Li Qiang (Qihoo 360 Gear Team) for reporting CVE-2017-9310, CVE-2017-9373, CVE-2017-9374, and CVE-2017-9375.

Additional Changes:

This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=1262277

https://bugzilla.redhat.com/show_bug.cgi?id=1262676

https://bugzilla.redhat.com/show_bug.cgi?id=1264255

https://bugzilla.redhat.com/show_bug.cgi?id=1264258

https://bugzilla.redhat.com/show_bug.cgi?id=1271060

https://bugzilla.redhat.com/show_bug.cgi?id=1274567

https://bugzilla.redhat.com/show_bug.cgi?id=1281407

https://bugzilla.redhat.com/show_bug.cgi?id=1285928

https://bugzilla.redhat.com/show_bug.cgi?id=1291284

https://bugzilla.redhat.com/show_bug.cgi?id=1293975

https://bugzilla.redhat.com/show_bug.cgi?id=1295637

https://bugzilla.redhat.com/show_bug.cgi?id=1299876

https://bugzilla.redhat.com/show_bug.cgi?id=1300768

https://bugzilla.redhat.com/show_bug.cgi?id=1300770

https://bugzilla.redhat.com/show_bug.cgi?id=1313686

https://bugzilla.redhat.com/show_bug.cgi?id=1314131

https://bugzilla.redhat.com/show_bug.cgi?id=1329145

https://bugzilla.redhat.com/show_bug.cgi?id=1333425

https://bugzilla.redhat.com/show_bug.cgi?id=1334398

http://www.nessus.org/u?f102d7a0

https://access.redhat.com/errata/RHSA-2017:2392

https://access.redhat.com/security/updates/classification/#important

https://bugzilla.redhat.com/show_bug.cgi?id=1032873

https://bugzilla.redhat.com/show_bug.cgi?id=1038963

https://bugzilla.redhat.com/show_bug.cgi?id=1046612

https://bugzilla.redhat.com/show_bug.cgi?id=1055093

https://bugzilla.redhat.com/show_bug.cgi?id=1086193

https://bugzilla.redhat.com/show_bug.cgi?id=1159726

https://bugzilla.redhat.com/show_bug.cgi?id=1159728

https://bugzilla.redhat.com/show_bug.cgi?id=1175113

https://bugzilla.redhat.com/show_bug.cgi?id=1179045

https://bugzilla.redhat.com/show_bug.cgi?id=1185172

https://bugzilla.redhat.com/show_bug.cgi?id=1189998

https://bugzilla.redhat.com/show_bug.cgi?id=1193826

https://bugzilla.redhat.com/show_bug.cgi?id=1219541

https://bugzilla.redhat.com/show_bug.cgi?id=1231739

https://bugzilla.redhat.com/show_bug.cgi?id=1248279

https://bugzilla.redhat.com/show_bug.cgi?id=1254422

https://bugzilla.redhat.com/show_bug.cgi?id=1256618

https://bugzilla.redhat.com/show_bug.cgi?id=1335808

https://bugzilla.redhat.com/show_bug.cgi?id=1340439

https://bugzilla.redhat.com/show_bug.cgi?id=1342434

https://bugzilla.redhat.com/show_bug.cgi?id=1347172

https://bugzilla.redhat.com/show_bug.cgi?id=1352620

https://bugzilla.redhat.com/show_bug.cgi?id=1352769

https://bugzilla.redhat.com/show_bug.cgi?id=1354177

https://bugzilla.redhat.com/show_bug.cgi?id=1357808

https://bugzilla.redhat.com/show_bug.cgi?id=1360301

https://bugzilla.redhat.com/show_bug.cgi?id=1361487

https://bugzilla.redhat.com/show_bug.cgi?id=1362084

https://bugzilla.redhat.com/show_bug.cgi?id=1362729

https://bugzilla.redhat.com/show_bug.cgi?id=1363938

https://bugzilla.redhat.com/show_bug.cgi?id=1365708

https://bugzilla.redhat.com/show_bug.cgi?id=1366919

https://bugzilla.redhat.com/show_bug.cgi?id=1367369

https://bugzilla.redhat.com/show_bug.cgi?id=1367731

https://bugzilla.redhat.com/show_bug.cgi?id=1368040

https://bugzilla.redhat.com/show_bug.cgi?id=1368406

https://bugzilla.redhat.com/show_bug.cgi?id=1368422

https://bugzilla.redhat.com/show_bug.cgi?id=1369012

https://bugzilla.redhat.com/show_bug.cgi?id=1369031

https://bugzilla.redhat.com/show_bug.cgi?id=1369641

https://bugzilla.redhat.com/show_bug.cgi?id=1369795

https://bugzilla.redhat.com/show_bug.cgi?id=1373264

https://bugzilla.redhat.com/show_bug.cgi?id=1373600

https://bugzilla.redhat.com/show_bug.cgi?id=1373604

https://bugzilla.redhat.com/show_bug.cgi?id=1373710

https://bugzilla.redhat.com/show_bug.cgi?id=1373816

https://bugzilla.redhat.com/show_bug.cgi?id=1374237

https://bugzilla.redhat.com/show_bug.cgi?id=1375444

https://bugzilla.redhat.com/show_bug.cgi?id=1375520

https://bugzilla.redhat.com/show_bug.cgi?id=1376000

https://bugzilla.redhat.com/show_bug.cgi?id=1376755

https://bugzilla.redhat.com/show_bug.cgi?id=1376760

https://bugzilla.redhat.com/show_bug.cgi?id=1377063

https://bugzilla.redhat.com/show_bug.cgi?id=1377160

https://bugzilla.redhat.com/show_bug.cgi?id=1377837

https://bugzilla.redhat.com/show_bug.cgi?id=1378334

https://bugzilla.redhat.com/show_bug.cgi?id=1378536

https://bugzilla.redhat.com/show_bug.cgi?id=1378538

https://bugzilla.redhat.com/show_bug.cgi?id=1378694

https://bugzilla.redhat.com/show_bug.cgi?id=1378816

https://bugzilla.redhat.com/show_bug.cgi?id=1379034

https://bugzilla.redhat.com/show_bug.cgi?id=1379206

https://bugzilla.redhat.com/show_bug.cgi?id=1380258

https://bugzilla.redhat.com/show_bug.cgi?id=1381630

https://bugzilla.redhat.com/show_bug.cgi?id=1383012

https://bugzilla.redhat.com/show_bug.cgi?id=1384124

https://bugzilla.redhat.com/show_bug.cgi?id=1384909

https://bugzilla.redhat.com/show_bug.cgi?id=1387372

https://bugzilla.redhat.com/show_bug.cgi?id=1387600

https://bugzilla.redhat.com/show_bug.cgi?id=1388046

https://bugzilla.redhat.com/show_bug.cgi?id=1388052

https://bugzilla.redhat.com/show_bug.cgi?id=1389238

https://bugzilla.redhat.com/show_bug.cgi?id=1390316

https://bugzilla.redhat.com/show_bug.cgi?id=1390734

https://bugzilla.redhat.com/show_bug.cgi?id=1390737

https://bugzilla.redhat.com/show_bug.cgi?id=1390991

https://bugzilla.redhat.com/show_bug.cgi?id=1391942

https://bugzilla.redhat.com/show_bug.cgi?id=1392328

https://bugzilla.redhat.com/show_bug.cgi?id=1392359

https://bugzilla.redhat.com/show_bug.cgi?id=1393322

https://bugzilla.redhat.com/show_bug.cgi?id=1393698

https://bugzilla.redhat.com/show_bug.cgi?id=1394140

https://bugzilla.redhat.com/show_bug.cgi?id=1396536

https://bugzilla.redhat.com/show_bug.cgi?id=1397697

https://bugzilla.redhat.com/show_bug.cgi?id=1397870

https://bugzilla.redhat.com/show_bug.cgi?id=1400059

https://bugzilla.redhat.com/show_bug.cgi?id=1400785

https://bugzilla.redhat.com/show_bug.cgi?id=1400962

https://bugzilla.redhat.com/show_bug.cgi?id=1402222

https://bugzilla.redhat.com/show_bug.cgi?id=1402265

https://bugzilla.redhat.com/show_bug.cgi?id=1402272

https://bugzilla.redhat.com/show_bug.cgi?id=1402645

https://bugzilla.redhat.com/show_bug.cgi?id=1404137

https://bugzilla.redhat.com/show_bug.cgi?id=1404303

https://bugzilla.redhat.com/show_bug.cgi?id=1404673

https://bugzilla.redhat.com/show_bug.cgi?id=1405123

https://bugzilla.redhat.com/show_bug.cgi?id=1406827

https://bugzilla.redhat.com/show_bug.cgi?id=1409973

https://bugzilla.redhat.com/show_bug.cgi?id=1410284

https://bugzilla.redhat.com/show_bug.cgi?id=1410618

https://bugzilla.redhat.com/show_bug.cgi?id=1410674

https://bugzilla.redhat.com/show_bug.cgi?id=1411105

https://bugzilla.redhat.com/show_bug.cgi?id=1412327

https://bugzilla.redhat.com/show_bug.cgi?id=1412470

https://bugzilla.redhat.com/show_bug.cgi?id=1412472

https://bugzilla.redhat.com/show_bug.cgi?id=1414694

https://bugzilla.redhat.com/show_bug.cgi?id=1415199

https://bugzilla.redhat.com/show_bug.cgi?id=1415947

https://bugzilla.redhat.com/show_bug.cgi?id=1416157

https://bugzilla.redhat.com/show_bug.cgi?id=1416681

https://bugzilla.redhat.com/show_bug.cgi?id=1417840

https://bugzilla.redhat.com/show_bug.cgi?id=1418166

https://bugzilla.redhat.com/show_bug.cgi?id=1418575

https://bugzilla.redhat.com/show_bug.cgi?id=1418927

https://bugzilla.redhat.com/show_bug.cgi?id=1419466

https://bugzilla.redhat.com/show_bug.cgi?id=1419699

https://bugzilla.redhat.com/show_bug.cgi?id=1427466

https://bugzilla.redhat.com/show_bug.cgi?id=1428534

https://bugzilla.redhat.com/show_bug.cgi?id=1428810

https://bugzilla.redhat.com/show_bug.cgi?id=1430620

https://bugzilla.redhat.com/show_bug.cgi?id=1431224

https://bugzilla.redhat.com/show_bug.cgi?id=1431939

https://bugzilla.redhat.com/show_bug.cgi?id=1432295

https://bugzilla.redhat.com/show_bug.cgi?id=1432382

https://bugzilla.redhat.com/show_bug.cgi?id=1432588

https://bugzilla.redhat.com/show_bug.cgi?id=1433193

https://bugzilla.redhat.com/show_bug.cgi?id=1433921

https://bugzilla.redhat.com/show_bug.cgi?id=1434666

https://bugzilla.redhat.com/show_bug.cgi?id=1434706

https://bugzilla.redhat.com/show_bug.cgi?id=1434743

https://bugzilla.redhat.com/show_bug.cgi?id=1434784

https://bugzilla.redhat.com/show_bug.cgi?id=1435086

https://bugzilla.redhat.com/show_bug.cgi?id=1435521

https://bugzilla.redhat.com/show_bug.cgi?id=1436562

https://bugzilla.redhat.com/show_bug.cgi?id=1436616

https://bugzilla.redhat.com/show_bug.cgi?id=1437310

https://bugzilla.redhat.com/show_bug.cgi?id=1437337

https://bugzilla.redhat.com/show_bug.cgi?id=1437393

https://bugzilla.redhat.com/show_bug.cgi?id=1438566

https://bugzilla.redhat.com/show_bug.cgi?id=1440619

https://bugzilla.redhat.com/show_bug.cgi?id=1440667

https://bugzilla.redhat.com/show_bug.cgi?id=1440677

https://bugzilla.redhat.com/show_bug.cgi?id=1441069

https://bugzilla.redhat.com/show_bug.cgi?id=1443029

https://bugzilla.redhat.com/show_bug.cgi?id=1443040

https://bugzilla.redhat.com/show_bug.cgi?id=1444003

https://bugzilla.redhat.com/show_bug.cgi?id=1444326

https://bugzilla.redhat.com/show_bug.cgi?id=1445174

https://bugzilla.redhat.com/show_bug.cgi?id=1446003

https://bugzilla.redhat.com/show_bug.cgi?id=1446498

https://bugzilla.redhat.com/show_bug.cgi?id=1447184

https://bugzilla.redhat.com/show_bug.cgi?id=1447257

https://bugzilla.redhat.com/show_bug.cgi?id=1447551

https://bugzilla.redhat.com/show_bug.cgi?id=1447581

https://bugzilla.redhat.com/show_bug.cgi?id=1447590

https://bugzilla.redhat.com/show_bug.cgi?id=1447592

https://bugzilla.redhat.com/show_bug.cgi?id=1447874

https://bugzilla.redhat.com/show_bug.cgi?id=1448813

https://bugzilla.redhat.com/show_bug.cgi?id=1449031

https://bugzilla.redhat.com/show_bug.cgi?id=1449037

https://bugzilla.redhat.com/show_bug.cgi?id=1449490

https://bugzilla.redhat.com/show_bug.cgi?id=1449939

https://bugzilla.redhat.com/show_bug.cgi?id=1450759

https://bugzilla.redhat.com/show_bug.cgi?id=1451191

https://bugzilla.redhat.com/show_bug.cgi?id=1451483

https://bugzilla.redhat.com/show_bug.cgi?id=1451629

https://bugzilla.redhat.com/show_bug.cgi?id=1451631

https://bugzilla.redhat.com/show_bug.cgi?id=1451849

https://bugzilla.redhat.com/show_bug.cgi?id=1451862

https://bugzilla.redhat.com/show_bug.cgi?id=1452048

https://bugzilla.redhat.com/show_bug.cgi?id=1452066

https://bugzilla.redhat.com/show_bug.cgi?id=1452148

https://bugzilla.redhat.com/show_bug.cgi?id=1452512

https://bugzilla.redhat.com/show_bug.cgi?id=1452605

https://bugzilla.redhat.com/show_bug.cgi?id=1452620

https://bugzilla.redhat.com/show_bug.cgi?id=1452702

https://bugzilla.redhat.com/show_bug.cgi?id=1452752

https://bugzilla.redhat.com/show_bug.cgi?id=1453169

https://bugzilla.redhat.com/show_bug.cgi?id=1454582

https://bugzilla.redhat.com/show_bug.cgi?id=1454641

https://bugzilla.redhat.com/show_bug.cgi?id=1455150

https://bugzilla.redhat.com/show_bug.cgi?id=1456424

https://bugzilla.redhat.com/show_bug.cgi?id=1456456

https://bugzilla.redhat.com/show_bug.cgi?id=1457088

https://bugzilla.redhat.com/show_bug.cgi?id=1457740

https://bugzilla.redhat.com/show_bug.cgi?id=1458270

https://bugzilla.redhat.com/show_bug.cgi?id=1458705

https://bugzilla.redhat.com/show_bug.cgi?id=1458744

https://bugzilla.redhat.com/show_bug.cgi?id=1458782

https://bugzilla.redhat.com/show_bug.cgi?id=1459132

https://bugzilla.redhat.com/show_bug.cgi?id=1461561

https://bugzilla.redhat.com/show_bug.cgi?id=1461827

https://bugzilla.redhat.com/show_bug.cgi?id=750801

https://bugzilla.redhat.com/show_bug.cgi?id=971799

https://bugzilla.redhat.com/show_bug.cgi?id=1419899

https://bugzilla.redhat.com/show_bug.cgi?id=1420195

https://bugzilla.redhat.com/show_bug.cgi?id=1420216

https://bugzilla.redhat.com/show_bug.cgi?id=1420679

https://bugzilla.redhat.com/show_bug.cgi?id=1421626

https://bugzilla.redhat.com/show_bug.cgi?id=1421788

https://bugzilla.redhat.com/show_bug.cgi?id=1422415

https://bugzilla.redhat.com/show_bug.cgi?id=1422846

https://bugzilla.redhat.com/show_bug.cgi?id=1425151

https://bugzilla.redhat.com/show_bug.cgi?id=1425178

https://bugzilla.redhat.com/show_bug.cgi?id=1425273

https://bugzilla.redhat.com/show_bug.cgi?id=1425700

https://bugzilla.redhat.com/show_bug.cgi?id=1425765

Plugin Details

Severity: High

ID: 102158

File Name: redhat-RHSA-2017-2392.nasl

Version: 3.11

Type: local

Agent: unix

Published: 8/3/2017

Updated: 3/20/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

Vendor

Vendor Severity: Important

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS Score Source: CVE-2017-2630

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common-rhev, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools-rhev, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-rhev, p-cpe:/a:redhat:enterprise_linux:qemu-img-rhev

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 8/1/2017

Vulnerability Publication Date: 5/25/2016

Reference Information

CVE: CVE-2016-10155, CVE-2016-4020, CVE-2016-6835, CVE-2016-6888, CVE-2016-7422, CVE-2016-7466, CVE-2016-8576, CVE-2016-8669, CVE-2016-8909, CVE-2016-8910, CVE-2016-9907, CVE-2016-9911, CVE-2016-9921, CVE-2016-9922, CVE-2017-2630, CVE-2017-5579, CVE-2017-5898, CVE-2017-5973, CVE-2017-9310, CVE-2017-9373, CVE-2017-9374, CVE-2017-9375

CWE: 119, 121, 122, 190, 200, 244, 369, 476, 772, 835

RHSA: 2017:2392