Test Kennung:	1.3.6.1.4.1.25623.1.1.2.2017.1038
Kategorie:	Huawei EulerOS Local Security Checks
Titel:	Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2017-1038)
Zusammenfassung:	The remote host is missing an update for the Huawei EulerOS 'qemu-kvm' package(s) announced via the EulerOS-SA-2017-1038 advisory.
Beschreibung:	Summary: The remote host is missing an update for the Huawei EulerOS 'qemu-kvm' package(s) announced via the EulerOS-SA-2017-1038 advisory. Vulnerability Insight: Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host. (CVE-2017-2615) Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process. (CVE-2017-2620) Affected Software/OS: 'qemu-kvm' package(s) on Huawei EulerOS V2.0SP2. Solution: Please install the updated package(s). CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-2615 BugTraq ID: 95990 http://www.securityfocus.com/bid/95990 https://security.gentoo.org/glsa/201702-27 https://security.gentoo.org/glsa/201702-28 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html http://www.openwall.com/lists/oss-security/2017/02/01/6 https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg00015.html RedHat Security Advisories: RHSA-2017:0309 http://rhn.redhat.com/errata/RHSA-2017-0309.html RedHat Security Advisories: RHSA-2017:0328 http://rhn.redhat.com/errata/RHSA-2017-0328.html RedHat Security Advisories: RHSA-2017:0329 http://rhn.redhat.com/errata/RHSA-2017-0329.html RedHat Security Advisories: RHSA-2017:0330 http://rhn.redhat.com/errata/RHSA-2017-0330.html RedHat Security Advisories: RHSA-2017:0331 http://rhn.redhat.com/errata/RHSA-2017-0331.html RedHat Security Advisories: RHSA-2017:0332 http://rhn.redhat.com/errata/RHSA-2017-0332.html RedHat Security Advisories: RHSA-2017:0333 http://rhn.redhat.com/errata/RHSA-2017-0333.html RedHat Security Advisories: RHSA-2017:0334 http://rhn.redhat.com/errata/RHSA-2017-0334.html RedHat Security Advisories: RHSA-2017:0344 http://rhn.redhat.com/errata/RHSA-2017-0344.html RedHat Security Advisories: RHSA-2017:0350 http://rhn.redhat.com/errata/RHSA-2017-0350.html RedHat Security Advisories: RHSA-2017:0396 http://rhn.redhat.com/errata/RHSA-2017-0396.html RedHat Security Advisories: RHSA-2017:0454 http://rhn.redhat.com/errata/RHSA-2017-0454.html http://www.securitytracker.com/id/1037804 Common Vulnerability Exposure (CVE) ID: CVE-2017-2620 BugTraq ID: 96378 http://www.securityfocus.com/bid/96378 https://security.gentoo.org/glsa/201703-07 https://security.gentoo.org/glsa/201704-01 https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html http://www.openwall.com/lists/oss-security/2017/02/21/1 https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html RedHat Security Advisories: RHSA-2017:0351 http://rhn.redhat.com/errata/RHSA-2017-0351.html RedHat Security Advisories: RHSA-2017:0352 http://rhn.redhat.com/errata/RHSA-2017-0352.html http://www.securitytracker.com/id/1037870
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.