Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
amazonAmazonALAS2-2020-1570
HistoryDec 08, 2020 - 9:30 p.m.

Medium: qemu

2020-12-0821:30:00
alas.aws.amazon.com
33

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.009 Low

EPSS

Percentile

82.6%

JSON

Issue Overview:

A use-after-free issue was found in the SLiRP networking implementation of the QEMU emulator. The issue occurs in ip_reass() routine while reassembling incoming packets, if the first fragment is bigger than the m->m_dat[] buffer. A user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service. (CVE-2019-15890)

An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. (CVE-2020-10756)

Affected Packages:

qemu

Note:

This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.

Issue Correction:
Run yum update qemu to update your system.

New Packages:

aarch64:  
    qemu-3.1.0-8.amzn2.0.6.aarch64  
    qemu-common-3.1.0-8.amzn2.0.6.aarch64  
    qemu-guest-agent-3.1.0-8.amzn2.0.6.aarch64  
    qemu-img-3.1.0-8.amzn2.0.6.aarch64  
    ivshmem-tools-3.1.0-8.amzn2.0.6.aarch64  
    qemu-block-curl-3.1.0-8.amzn2.0.6.aarch64  
    qemu-block-dmg-3.1.0-8.amzn2.0.6.aarch64  
    qemu-block-iscsi-3.1.0-8.amzn2.0.6.aarch64  
    qemu-block-nfs-3.1.0-8.amzn2.0.6.aarch64  
    qemu-block-rbd-3.1.0-8.amzn2.0.6.aarch64  
    qemu-block-ssh-3.1.0-8.amzn2.0.6.aarch64  
    qemu-audio-alsa-3.1.0-8.amzn2.0.6.aarch64  
    qemu-audio-oss-3.1.0-8.amzn2.0.6.aarch64  
    qemu-audio-pa-3.1.0-8.amzn2.0.6.aarch64  
    qemu-audio-sdl-3.1.0-8.amzn2.0.6.aarch64  
    qemu-ui-curses-3.1.0-8.amzn2.0.6.aarch64  
    qemu-ui-gtk-3.1.0-8.amzn2.0.6.aarch64  
    qemu-ui-sdl-3.1.0-8.amzn2.0.6.aarch64  
    qemu-kvm-3.1.0-8.amzn2.0.6.aarch64  
    qemu-kvm-core-3.1.0-8.amzn2.0.6.aarch64  
    qemu-user-3.1.0-8.amzn2.0.6.aarch64  
    qemu-user-binfmt-3.1.0-8.amzn2.0.6.aarch64  
    qemu-user-static-3.1.0-8.amzn2.0.6.aarch64  
    qemu-system-aarch64-3.1.0-8.amzn2.0.6.aarch64  
    qemu-system-aarch64-core-3.1.0-8.amzn2.0.6.aarch64  
    qemu-system-x86-3.1.0-8.amzn2.0.6.aarch64  
    qemu-system-x86-core-3.1.0-8.amzn2.0.6.aarch64  
    qemu-debuginfo-3.1.0-8.amzn2.0.6.aarch64  
  
i686:  
    qemu-3.1.0-8.amzn2.0.6.i686  
    qemu-common-3.1.0-8.amzn2.0.6.i686  
    qemu-guest-agent-3.1.0-8.amzn2.0.6.i686  
    qemu-img-3.1.0-8.amzn2.0.6.i686  
    ivshmem-tools-3.1.0-8.amzn2.0.6.i686  
    qemu-block-curl-3.1.0-8.amzn2.0.6.i686  
    qemu-block-dmg-3.1.0-8.amzn2.0.6.i686  
    qemu-block-iscsi-3.1.0-8.amzn2.0.6.i686  
    qemu-block-nfs-3.1.0-8.amzn2.0.6.i686  
    qemu-block-ssh-3.1.0-8.amzn2.0.6.i686  
    qemu-audio-alsa-3.1.0-8.amzn2.0.6.i686  
    qemu-audio-oss-3.1.0-8.amzn2.0.6.i686  
    qemu-audio-pa-3.1.0-8.amzn2.0.6.i686  
    qemu-audio-sdl-3.1.0-8.amzn2.0.6.i686  
    qemu-ui-curses-3.1.0-8.amzn2.0.6.i686  
    qemu-ui-gtk-3.1.0-8.amzn2.0.6.i686  
    qemu-ui-sdl-3.1.0-8.amzn2.0.6.i686  
    qemu-kvm-3.1.0-8.amzn2.0.6.i686  
    qemu-kvm-core-3.1.0-8.amzn2.0.6.i686  
    qemu-user-3.1.0-8.amzn2.0.6.i686  
    qemu-user-binfmt-3.1.0-8.amzn2.0.6.i686  
    qemu-user-static-3.1.0-8.amzn2.0.6.i686  
    qemu-system-aarch64-3.1.0-8.amzn2.0.6.i686  
    qemu-system-aarch64-core-3.1.0-8.amzn2.0.6.i686  
    qemu-system-x86-3.1.0-8.amzn2.0.6.i686  
    qemu-system-x86-core-3.1.0-8.amzn2.0.6.i686  
    qemu-debuginfo-3.1.0-8.amzn2.0.6.i686  
  
src:  
    qemu-3.1.0-8.amzn2.0.6.src  
  
x86_64:  
    qemu-3.1.0-8.amzn2.0.6.x86_64  
    qemu-common-3.1.0-8.amzn2.0.6.x86_64  
    qemu-guest-agent-3.1.0-8.amzn2.0.6.x86_64  
    qemu-img-3.1.0-8.amzn2.0.6.x86_64  
    ivshmem-tools-3.1.0-8.amzn2.0.6.x86_64  
    qemu-block-curl-3.1.0-8.amzn2.0.6.x86_64  
    qemu-block-dmg-3.1.0-8.amzn2.0.6.x86_64  
    qemu-block-iscsi-3.1.0-8.amzn2.0.6.x86_64  
    qemu-block-nfs-3.1.0-8.amzn2.0.6.x86_64  
    qemu-block-rbd-3.1.0-8.amzn2.0.6.x86_64  
    qemu-block-ssh-3.1.0-8.amzn2.0.6.x86_64  
    qemu-audio-alsa-3.1.0-8.amzn2.0.6.x86_64  
    qemu-audio-oss-3.1.0-8.amzn2.0.6.x86_64  
    qemu-audio-pa-3.1.0-8.amzn2.0.6.x86_64  
    qemu-audio-sdl-3.1.0-8.amzn2.0.6.x86_64  
    qemu-ui-curses-3.1.0-8.amzn2.0.6.x86_64  
    qemu-ui-gtk-3.1.0-8.amzn2.0.6.x86_64  
    qemu-ui-sdl-3.1.0-8.amzn2.0.6.x86_64  
    qemu-kvm-3.1.0-8.amzn2.0.6.x86_64  
    qemu-kvm-core-3.1.0-8.amzn2.0.6.x86_64  
    qemu-user-3.1.0-8.amzn2.0.6.x86_64  
    qemu-user-binfmt-3.1.0-8.amzn2.0.6.x86_64  
    qemu-user-static-3.1.0-8.amzn2.0.6.x86_64  
    qemu-system-aarch64-3.1.0-8.amzn2.0.6.x86_64  
    qemu-system-aarch64-core-3.1.0-8.amzn2.0.6.x86_64  
    qemu-system-x86-3.1.0-8.amzn2.0.6.x86_64  
    qemu-system-x86-core-3.1.0-8.amzn2.0.6.x86_64  
    qemu-debuginfo-3.1.0-8.amzn2.0.6.x86_64

Additional References

Red Hat: CVE-2019-15890, CVE-2020-10756

Mitre: CVE-2019-15890, CVE-2020-10756

OSVersionArchitecturePackageVersionFilename
Amazon Linux2aarch64qemu< 3.1.0-8.amzn2.0.6qemu-3.1.0-8.amzn2.0.6.aarch64.rpm
Amazon Linux2aarch64qemu-common< 3.1.0-8.amzn2.0.6qemu-common-3.1.0-8.amzn2.0.6.aarch64.rpm
Amazon Linux2aarch64qemu-guest-agent< 3.1.0-8.amzn2.0.6qemu-guest-agent-3.1.0-8.amzn2.0.6.aarch64.rpm
Amazon Linux2aarch64qemu-img< 3.1.0-8.amzn2.0.6qemu-img-3.1.0-8.amzn2.0.6.aarch64.rpm
Amazon Linux2aarch64ivshmem-tools< 3.1.0-8.amzn2.0.6ivshmem-tools-3.1.0-8.amzn2.0.6.aarch64.rpm
Amazon Linux2aarch64qemu-block-curl< 3.1.0-8.amzn2.0.6qemu-block-curl-3.1.0-8.amzn2.0.6.aarch64.rpm
Amazon Linux2aarch64qemu-block-dmg< 3.1.0-8.amzn2.0.6qemu-block-dmg-3.1.0-8.amzn2.0.6.aarch64.rpm
Amazon Linux2aarch64qemu-block-iscsi< 3.1.0-8.amzn2.0.6qemu-block-iscsi-3.1.0-8.amzn2.0.6.aarch64.rpm
Amazon Linux2aarch64qemu-block-nfs< 3.1.0-8.amzn2.0.6qemu-block-nfs-3.1.0-8.amzn2.0.6.aarch64.rpm
Amazon Linux2aarch64qemu-block-rbd< 3.1.0-8.amzn2.0.6qemu-block-rbd-3.1.0-8.amzn2.0.6.aarch64.rpm
Rows per page:
1-10 of 831

Related

nessus 76
amazon 2
prion 3
veracode 2
cve 3
debiancve 3
ubuntucve 3
suse 5
fedora 1
alpinelinux 1
zdi 1
osv 16
f5 1
redhatcve 3
ibm 1
ubuntu 4
openvas 41
redhat 8
rocky 5
almalinux 4
oraclelinux 8
debian 4
centos 1
nessus
nessus
Amazon Linux 2 : ivshmem-tools (ALAS-2020-1570)
2020-12-09 00:00:00
Amazon Linux AMI : qemu-kvm (ALAS-2021-1467)
2021-01-14 00:00:00
SUSE SLES15 Security Update : slirp4netns (SUSE-SU-2020:1915-1)
2020-07-16 00:00:00
amazon
amazon
Medium: qemu-kvm
2020-12-16 20:31:00
Medium: qemu-kvm
2021-01-12 22:51:00
prion
prion
Design/Logic Flaw
2019-09-06 17:15:00
Design/Logic Flaw
2020-07-09 16:15:00
Security feature bypass
2022-04-01 23:15:00
veracode
veracode
Use-after-free
2020-09-21 06:39:39
Information Disclosure
2020-09-21 06:27:40
cve
cve
CVE-2019-15890
2019-09-06 17:15:00
CVE-2020-10756
2020-07-09 16:15:00
CVE-2021-20295
2022-04-01 23:15:00
debiancve
debiancve
CVE-2019-15890
2019-09-06 17:15:00
CVE-2020-10756
2020-07-09 16:15:00
CVE-2021-20295
2022-04-01 23:15:00
ubuntucve
ubuntucve
CVE-2019-15890
2019-09-06 00:00:00
CVE-2020-10756
2020-07-09 00:00:00
CVE-2021-20295
2022-04-01 00:00:00
suse
suse
Security update for slirp4netns (important)
2020-07-18 00:00:00
Security update for slirp4netns (important)
2020-07-18 00:00:00
Security update for qemu (moderate)
2021-07-14 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: libslirp-4.3.1-1.fc32
2020-07-15 01:20:08
alpinelinux
alpinelinux
CVE-2020-10756
2020-07-09 16:15:00
zdi
zdi
QEMU SLiRP Networking Out-Of-Bounds Read Information Disclosure Vulnerability
2020-08-17 00:00:00
osv
osv
CVE-2019-15890
2019-09-06 17:15:11
CVE-2020-10756
2020-07-09 16:15:13
qemu - security update
2020-02-02 00:00:00
f5
f5
K75952001 : QEMU vulnerability CVE-2019-15890
2021-01-05 00:00:00
redhatcve
redhatcve
CVE-2019-15890
2020-04-02 08:47:48
CVE-2020-10756
2020-06-01 15:26:39
CVE-2021-20295
2021-03-29 09:15:46
ibm
ibm
Security Bulletin: An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator, affecting IBM Cloud Pak for Applications
2021-07-30 05:04:25
ubuntu
ubuntu
libslirp vulnerability
2020-07-27 00:00:00
QEMU vulnerabilities
2019-11-14 00:00:00
QEMU vulnerabilities
2019-11-14 00:00:00
openvas
openvas
Fedora: Security Advisory for libslirp (FEDORA-2020-8c0b966c16)
2020-07-15 00:00:00
openSUSE: Security Advisory for slirp4netns (openSUSE-SU-2020:0987-1)
2020-07-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:1915-1)
2021-06-09 00:00:00
redhat
redhat
(RHSA-2020:0348) Important: container-tools:rhel8 security, bug fix, and enhancement update
2020-02-04 11:39:46
(RHSA-2021:1064) Moderate: virt:rhel and virt-devel:rhel security update
2021-04-05 16:17:13
(RHSA-2020:3586) Important: virt:8.2 and virt-devel:8.2 security and bug fix update
2020-09-01 09:21:04
rocky
rocky
container-tools:rhel8 security, bug fix, and enhancement update
2020-02-04 11:39:46
virt:rhel and virt-devel:rhel security update
2021-04-05 16:17:13
virt:rhel security update
2020-09-29 08:09:34
almalinux
almalinux
Important: virt:rhel security update
2020-09-29 08:09:34
Moderate: virt:rhel and virt-devel:rhel security update
2021-04-05 16:17:13
Moderate: container-tools:rhel8 security, bug fix, and enhancement update
2020-11-03 12:27:37
oraclelinux
oraclelinux
virt:ol security update
2020-10-01 00:00:00
virt:ol and virt-devel:rhel security update
2021-04-09 00:00:00
qemu-kvm security update
2020-03-10 00:00:00
debian
debian
[SECURITY] [DSA 4616-1] qemu security update
2020-02-02 20:47:01
[SECURITY] [DSA 4728-1] qemu security update
2020-07-19 18:01:06
[SECURITY] [DLA 1927-1] qemu security update
2019-09-20 09:19:02
centos
centos
qemu security update
2020-03-10 20:44:03

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.009 Low

EPSS

Percentile

82.6%

JSON
Related for ALAS2-2020-1570
nessus76amazon2prion3veracode2cve3debiancve3ubuntucve3suse5fedora1alpinelinux1zdi1osv16f51redhatcve3ibm1ubuntu4openvas41redhat8rocky5almalinux4oraclelinux8debian4centos1