Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.871748 |
Kategorie: | Red Hat Local Security Checks |
Titel: | RedHat Update for qemu-kvm RHSA-2017:0083-01 |
Zusammenfassung: | The remote host is missing an update for the 'qemu-kvm'; package(s) announced via the referenced advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'qemu-kvm' package(s) announced via the referenced advisory. Vulnerability Insight: Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix(es): * An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur when computing a TCP/UDP packet's checksum, because a QEMU function used the packet's payload length without checking against the data buffer's size. A user inside a guest could use this flaw to crash the QEMU process (denial of service). (CVE-2016-2857) Red Hat would like to thank Ling Liu (Qihoo 360 Inc.) for reporting this issue. Bug Fix(es): * Previously, rebooting a guest virtual machine more than 128 times in a short period of time caused the guest to shut down instead of rebooting, because the virtqueue was not cleaned properly. This update ensures that the virtqueue is cleaned more reliably, which prevents the described problem from occurring. (BZ#1393484) Affected Software/OS: qemu-kvm on Red Hat Enterprise Linux Server (v. 7) Solution: Please Install the Updated Packages. CVSS Score: 3.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-2857 BugTraq ID: 84130 http://www.securityfocus.com/bid/84130 https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html http://www.openwall.com/lists/oss-security/2016/03/03/9 http://www.openwall.com/lists/oss-security/2016/03/07/3 RedHat Security Advisories: RHSA-2016:2670 http://rhn.redhat.com/errata/RHSA-2016-2670.html RedHat Security Advisories: RHSA-2016:2671 http://rhn.redhat.com/errata/RHSA-2016-2671.html RedHat Security Advisories: RHSA-2016:2704 http://rhn.redhat.com/errata/RHSA-2016-2704.html RedHat Security Advisories: RHSA-2016:2705 http://rhn.redhat.com/errata/RHSA-2016-2705.html RedHat Security Advisories: RHSA-2016:2706 http://rhn.redhat.com/errata/RHSA-2016-2706.html RedHat Security Advisories: RHSA-2017:0083 http://rhn.redhat.com/errata/RHSA-2017-0083.html RedHat Security Advisories: RHSA-2017:0309 http://rhn.redhat.com/errata/RHSA-2017-0309.html RedHat Security Advisories: RHSA-2017:0334 http://rhn.redhat.com/errata/RHSA-2017-0334.html RedHat Security Advisories: RHSA-2017:0344 http://rhn.redhat.com/errata/RHSA-2017-0344.html RedHat Security Advisories: RHSA-2017:0350 http://rhn.redhat.com/errata/RHSA-2017-0350.html http://www.ubuntu.com/usn/USN-2974-1 |
Copyright | Copyright (C) 2017 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |