Test Kennung:	1.3.6.1.4.1.25623.1.1.2.2020.1298
Kategorie:	Huawei EulerOS Local Security Checks
Titel:	Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2020-1298)
Zusammenfassung:	The remote host is missing an update for the Huawei EulerOS 'qemu' package(s) announced via the EulerOS-SA-2020-1298 advisory.
Beschreibung:	Summary: The remote host is missing an update for the Huawei EulerOS 'qemu' package(s) announced via the EulerOS-SA-2020-1298 advisory. Vulnerability Insight: tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.(CVE-2020-7039) In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.(CVE-2020-8608) Affected Software/OS: 'qemu' package(s) on Huawei EulerOS V2.0SP8. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2020-7039 Bugtraq: 20200203 [SECURITY] [DSA 4616-1] qemu security update (Google Search) https://seclists.org/bugtraq/2020/Feb/0 Debian Security Information: DSA-4616 (Google Search) https://www.debian.org/security/2020/dsa-4616 https://security.gentoo.org/glsa/202005-02 https://gitlab.freedesktop.org/slirp/libslirp/commit/2655fffed7a9e765bcb4701dd876e9dab975f289 https://gitlab.freedesktop.org/slirp/libslirp/commit/82ebe9c370a0e2970fb5695aa19aa5214a6a1c80 https://gitlab.freedesktop.org/slirp/libslirp/commit/ce131029d6d4a405cb7d3ac6716d03e58fb4a5d9 https://lists.debian.org/debian-lts-announce/2020/01/msg00022.html https://lists.debian.org/debian-lts-announce/2020/01/msg00036.html https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html RedHat Security Advisories: RHSA-2020:0348 https://access.redhat.com/errata/RHSA-2020:0348 RedHat Security Advisories: RHSA-2020:0775 https://access.redhat.com/errata/RHSA-2020:0775 SuSE Security Announcement: openSUSE-SU-2020:0468 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html https://usn.ubuntu.com/4283-1/ Common Vulnerability Exposure (CVE) ID: CVE-2020-8608 Debian Security Information: DSA-4733 (Google Search) https://www.debian.org/security/2020/dsa-4733 https://security.gentoo.org/glsa/202003-66 https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0 https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843 https://www.openwall.com/lists/oss-security/2020/02/06/2 https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.