openSUSE Security Update : qemu (openSUSE-2017-1072)

high Nessus Plugin ID 103292

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for qemu fixes the following issues :

Security issues fixed :

- CVE-2017-10664: Fix DOS vulnerability in qemu-nbd (bsc#1046636)

- CVE-2017-10806: Fix DOS from stack overflow in debug messages of usb redirection support (bsc#1047674)

- CVE-2017-11334: Fix OOB access during DMA operation (bsc#1048902)

- CVE-2017-11434: Fix OOB access parsing dhcp slirp options (bsc#1049381)

Following non-security issues were fixed :

- Postrequire acl for setfacl

- Prerequire shadow for groupadd

- The recent security fix for CVE-2017-11334 adversely affects Xen. Include two additional patches to make sure Xen is going to be OK.

- Pre-add group kvm for qemu-tools (bsc#1011144)

- Fixed a few more inaccuracies in the support docs.

- Fix support docs to indicate ARM64 is now fully L3 supported in SLES 12 SP3. Apply a few additional clarifications in the support docs. (bsc#1050268)

- Adjust to libvdeplug-devel package naming changes.

- Fix migration with xhci (bsc#1048296)

- Increase VNC delay to fix missing keyboard input events (bsc#1031692)

- Remove build dependency package iasl used for seabios

This update was imported from the SUSE:SLE-12-SP3:Update update project.

Solution

Update the affected qemu packages.

Plugin Details

Severity: High

ID: 103292

File Name: openSUSE-2017-1072.nasl

Version: 3.4

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 9/18/2017

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:qemu-block-iscsi, p-cpe:/a:novell:opensuse:qemu-seabios, p-cpe:/a:novell:opensuse:qemu-block-ssh, p-cpe:/a:novell:opensuse:qemu-vgabios, p-cpe:/a:novell:opensuse:qemu-extra-debuginfo, p-cpe:/a:novell:opensuse:qemu-linux-user-debugsource, p-cpe:/a:novell:opensuse:qemu-lang, p-cpe:/a:novell:opensuse:qemu-linux-user-debuginfo, p-cpe:/a:novell:opensuse:qemu-ppc, p-cpe:/a:novell:opensuse:qemu-x86, p-cpe:/a:novell:opensuse:qemu-block-ssh-debuginfo, p-cpe:/a:novell:opensuse:qemu-debugsource, p-cpe:/a:novell:opensuse:qemu-kvm, p-cpe:/a:novell:opensuse:qemu-sgabios, p-cpe:/a:novell:opensuse:qemu-s390-debuginfo, p-cpe:/a:novell:opensuse:qemu-block-rbd-debuginfo, p-cpe:/a:novell:opensuse:qemu-extra, p-cpe:/a:novell:opensuse:qemu-block-iscsi-debuginfo, p-cpe:/a:novell:opensuse:qemu-block-curl, p-cpe:/a:novell:opensuse:qemu-block-dmg, p-cpe:/a:novell:opensuse:qemu-arm-debuginfo, p-cpe:/a:novell:opensuse:qemu-block-curl-debuginfo, p-cpe:/a:novell:opensuse:qemu-block-rbd, p-cpe:/a:novell:opensuse:qemu-s390, p-cpe:/a:novell:opensuse:qemu-x86-debuginfo, p-cpe:/a:novell:opensuse:qemu-testsuite, cpe:/o:novell:opensuse:42.3, p-cpe:/a:novell:opensuse:qemu-ipxe, p-cpe:/a:novell:opensuse:qemu-tools, p-cpe:/a:novell:opensuse:qemu-ppc-debuginfo, p-cpe:/a:novell:opensuse:qemu-tools-debuginfo, p-cpe:/a:novell:opensuse:qemu-linux-user, p-cpe:/a:novell:opensuse:qemu-arm, p-cpe:/a:novell:opensuse:qemu-guest-agent-debuginfo, p-cpe:/a:novell:opensuse:qemu-ksm, p-cpe:/a:novell:opensuse:qemu, p-cpe:/a:novell:opensuse:qemu-block-dmg-debuginfo, p-cpe:/a:novell:opensuse:qemu-guest-agent

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 9/17/2017

Reference Information

CVE: CVE-2017-10664, CVE-2017-10806, CVE-2017-11334, CVE-2017-11434

Detections

Analytics