Detections
Analytics
RHEL 7 : qemu-kvm-rhev (RHSA-2018:1369)
high Nessus Plugin ID 109755
Language:
Synopsis
The remote Red Hat host is missing one or more security updates for qemu-kvm-rhev.Description
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1369 advisory.KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.
Security Fix(es):
* QEMU: i386: multiboot OOB access while loading kernel image (CVE-2018-7550)
* QEMU: cirrus: OOB access when updating VGA display (CVE-2018-7858)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Cyrille Chatras (Orange.com) and CERT-CC (Orange.com) for reporting CVE-2018-7550 and Ross Lagerwall (Citrix.com) for reporting CVE-2018-7858.
Bug Fix(es):
* In certain Red Hat Virtualization (RHV) guest configurations, virtual pass-through devices could not be removed properly. A reference count leak in the QEMU emulator has been removed, and the affected devices are now removed reliably. (BZ#1555213)
* Previously, a raw disk image that was using the --preallocation=full option in some cases could not be resized. This problem has been fixed and no longer occurs. (BZ#1566587)
* Due to race conditions in the virtio-blk and virtio-scsi services, the QEMU emulator sometimes terminated unexpectedly when shutting down. The race conditions have been removed, and QEMU now exits gracefully. (BZ#1566586)
* Prior to this update, deleting guest snapshots using the RHV GUI in some cases failed due to an incorrect image-seeking algorithm. This update fixes the underlying code, and guest snapshots in RHV can now be deleted successfully. (BZ#1566369)
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL qemu-kvm-rhev package based on the guidance in RHSA-2018:1369.See Also
http://www.nessus.org/u?69f33dc9
https://access.redhat.com/errata/RHSA-2018:1369
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1549798
https://bugzilla.redhat.com/show_bug.cgi?id=1553402
https://bugzilla.redhat.com/show_bug.cgi?id=1555213
https://bugzilla.redhat.com/show_bug.cgi?id=1566369
Plugin Details
Severity: High
ID: 109755
File Name: redhat-RHSA-2018-1369.nasl
Version: 1.10
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 5/14/2018
Updated: 10/8/2024
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.3
Vendor
Vendor Severity: Moderate
CVSS v2
Risk Factor: Medium
Base Score: 4.6
Temporal Score: 3.4
Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2018-7550
CVSS v3
Risk Factor: High
Base Score: 8.8
Temporal Score: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common-rhev, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools-rhev, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-rhev, p-cpe:/a:redhat:enterprise_linux:qemu-img-rhev
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Ease: No known exploits are available
Patch Publication Date: 5/10/2018
Vulnerability Publication Date: 3/1/2018
Reference Information
CVE: CVE-2018-7550, CVE-2018-7858