Lucene search

K
amazonAmazonALAS-2020-1400
HistoryJul 14, 2020 - 8:27 p.m.

Important: qemu-kvm

2020-07-1420:27:00
alas.aws.amazon.com
31
qemu-kvm
libslirp
buffer overflow
memory mismanagement
dos
arbitrary code execution
information disclosure
cve-2019-9824
cve-2020-7039
cve-2020-8608

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

5.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

AI Score

7.7

Confidence

Low

EPSS

0.007

Percentile

80.3%

Issue Overview:

In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. (CVE-2020-8608)

tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code. (CVE-2020-7039)

tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. (CVE-2019-9824)

Affected Packages:

qemu-kvm

Issue Correction:
Run yum update qemu-kvm to update your system.

New Packages:

src:  
    qemu-kvm-1.5.3-156.19.amzn1.src  
  
x86_64:  
    qemu-kvm-debuginfo-1.5.3-156.19.amzn1.x86_64  
    qemu-kvm-1.5.3-156.19.amzn1.x86_64  
    qemu-kvm-tools-1.5.3-156.19.amzn1.x86_64  
    qemu-kvm-common-1.5.3-156.19.amzn1.x86_64  
    qemu-img-1.5.3-156.19.amzn1.x86_64  

Additional References

Red Hat: CVE-2019-9824, CVE-2020-7039, CVE-2020-8608

Mitre: CVE-2019-9824, CVE-2020-7039, CVE-2020-8608

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

5.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

AI Score

7.7

Confidence

Low

EPSS

0.007

Percentile

80.3%