Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-2560-1:73BB2
HistoryFeb 18, 2021 - 4:57 p.m.

[SECURITY] [DLA 2560-1] qemu security update

2021-02-1816:57:32
lists.debian.org
40

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

20.3%

JSON

Debian LTS Advisory DLA-2560-1 [email protected]
https://www.debian.org/lts/security/ Sylvain Beucler
February 18, 2021 https://wiki.debian.org/LTS

Package : qemu
Version : 1:2.8+dfsg-6+deb9u13
CVE ID : CVE-2020-15469 CVE-2020-15859 CVE-2020-25084 CVE-2020-28916
CVE-2020-29130 CVE-2020-29443 CVE-2021-20181 CVE-2021-20221
Debian Bug : 970253 965978 970539 974687 976388

Several vulnerabilities were discovered in QEMU, a fast processor
emulator (notably used in KVM and Xen HVM virtualization). An attacker
could trigger a denial-of-service (DoS), information leak, and
possibly execute arbitrary code with the privileges of the QEMU
process on the host.

CVE-2020-15469

A MemoryRegionOps object may lack read/write callback methods,
leading to a NULL pointer dereference.

CVE-2020-15859

QEMU has a use-after-free in hw/net/e1000e_core.c because a guest
OS user can trigger an e1000e packet with the data's address set
to the e1000e's MMIO address.

CVE-2020-25084

QEMU has a use-after-free in hw/usb/hcd-xhci.c because the
usb_packet_map return value is not checked.

CVE-2020-28916

hw/net/e1000e_core.c has an infinite loop via an RX descriptor
with a NULL buffer address.

CVE-2020-29130

slirp.c has a buffer over-read because it tries to read a certain
amount of header data even if that exceeds the total packet
length.

CVE-2020-29443

ide_atapi_cmd_reply_end in hw/ide/atapi.c allows out-of-bounds
read access because a buffer index is not validated.

CVE-2021-20181

9pfs: ZDI-CAN-10904: QEMU Plan 9 file system TOCTOU privilege
escalation vulnerability.

CVE-2021-20221

aarch64: GIC: out-of-bound heap buffer access via an interrupt ID
field.

For Debian 9 stretch, these problems have been fixed in version
1:2.8+dfsg-6+deb9u13.

We recommend that you upgrade your qemu packages.

For the detailed security status of qemu please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/qemu

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: PGP signature

OSVersionArchitecturePackageVersionFilename
Debian10amd64qemu-system< 1:3.1+dfsg-8+deb10u9qemu-system_1:3.1+dfsg-8+deb10u9_amd64.deb
Debian9arm64qemu-user-binfmt< 1:2.8+dfsg-6+deb9u13qemu-user-binfmt_1:2.8+dfsg-6+deb9u13_arm64.deb
Debian10i386qemu-guest-agent< 1:3.1+dfsg-8+deb10u9qemu-guest-agent_1:3.1+dfsg-8+deb10u9_i386.deb
Debian9i386qemu-system-mips< 1:2.8+dfsg-6+deb9u13qemu-system-mips_1:2.8+dfsg-6+deb9u13_i386.deb
Debian9i386qemu-user-static< 1:2.8+dfsg-6+deb9u13qemu-user-static_1:2.8+dfsg-6+deb9u13_i386.deb
Debian10amd64qemu-system-gui< 1:3.1+dfsg-8+deb10u9qemu-system-gui_1:3.1+dfsg-8+deb10u9_amd64.deb
Debian9armhfqemu-guest-agent< 1:2.8+dfsg-6+deb9u13qemu-guest-agent_1:2.8+dfsg-6+deb9u13_armhf.deb
Debian9armelqemu-system< 1:2.8+dfsg-6+deb9u13qemu-system_1:2.8+dfsg-6+deb9u13_armel.deb
Debian10i386qemu-system-sparc< 1:3.1+dfsg-8+deb10u9qemu-system-sparc_1:3.1+dfsg-8+deb10u9_i386.deb
Debian10armhfqemu-system-mips< 1:3.1+dfsg-8+deb10u9qemu-system-mips_1:3.1+dfsg-8+deb10u9_armhf.deb
Rows per page:
1-10 of 1461

Related

openvas 39
osv 15
nessus 56
ubuntu 2
suse 3
oraclelinux 5
redhatcve 9
ubuntucve 8
prion 8
debiancve 8
veracode 8
f5 2
centos 1
alpinelinux 8
redhat 5
cbl_mariner 4
zdi 1
cve 8
rocky 2
almalinux 2
amazon 1
fedora 2
debian 1
archlinux 1
openvas
openvas
Debian: Security Advisory (DLA-2560-1)
2021-02-19 00:00:00
Ubuntu: Security Advisory (USN-4725-1)
2021-02-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:1242-1)
2021-04-19 00:00:00
osv
osv
qemu - security update
2021-02-16 00:00:00
qemu vulnerabilities
2021-02-08 13:12:32
CVE-2020-15859
2020-07-21 16:15:11
nessus
nessus
Debian DLA-2560-1 : qemu security update
2021-02-19 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-4725-1)
2021-02-08 00:00:00
SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1242-1)
2021-04-19 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2021-02-08 00:00:00
QEMU vulnerabilities
2021-07-15 00:00:00
suse
suse
Security update for qemu (important)
2021-04-23 00:00:00
Security update for qemu (important)
2021-03-01 00:00:00
Security update for slirp4netns (moderate)
2022-03-24 00:00:00
oraclelinux
oraclelinux
qemu security update
2021-06-06 00:00:00
qemu security update
2021-03-15 00:00:00
qemu-kvm security update
2021-06-09 00:00:00
redhatcve
redhatcve
CVE-2020-28916
2020-12-01 09:30:25
CVE-2020-15859
2020-07-21 11:37:57
CVE-2020-25084
2020-09-16 18:30:07
ubuntucve
ubuntucve
CVE-2020-28916
2020-12-04 00:00:00
CVE-2020-25084
2020-09-25 00:00:00
CVE-2020-15469
2020-07-02 00:00:00
prion
prion
Null pointer dereference
2020-12-04 07:15:00
Design/Logic Flaw
2020-09-25 05:15:00
Design/Logic Flaw
2021-01-26 18:15:00
debiancve
debiancve
CVE-2020-28916
2020-12-04 07:15:00
CVE-2020-15859
2020-07-21 16:15:00
CVE-2020-29443
2021-01-26 18:15:00
veracode
veracode
Use-After-Free
2020-12-06 02:17:48
Denial Of Service (DoS)
2021-02-19 03:00:38
Denial Of Service (DoS)
2021-02-10 00:57:31
f5
f5
K41301038 : QEMU vulnerability CVE-2020-25084
2020-12-15 00:00:00
K69488451 : Multiple QEMU vulnerabilities CVE-2020-13791, CVE-2020-13800, CVE-2020-15469, CVE-2020-15859, and CVE-2020-15863
2020-08-03 00:00:00
centos
centos
qemu security update
2021-06-14 18:42:09
alpinelinux
alpinelinux
CVE-2020-25084
2020-09-25 05:15:00
CVE-2020-28916
2020-12-04 07:15:00
CVE-2020-29443
2021-01-26 18:15:00
redhat
redhat
(RHSA-2021:2529) Moderate: qemu-kvm-rhev security update
2021-06-23 13:49:16
(RHSA-2021:2322) Moderate: qemu-kvm security update
2021-06-08 18:00:49
(RHSA-2021:1125) Low: virt:8.3 and virt-devel:8.3 security and bug fix update
2021-04-07 07:37:40
cbl_mariner
cbl_mariner
CVE-2020-15469 affecting package qemu-kvm 4.2.0-48
2020-11-30 19:31:04
CVE-2021-20221 affecting package qemu-kvm 4.2.0-48
2021-07-08 21:56:54
CVE-2020-15859 affecting package qemu-kvm 4.2.0-48
2020-11-30 19:31:04
zdi
zdi
QEMU Plan 9 File System Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
2021-02-10 00:00:00
cve
cve
CVE-2020-25084
2020-09-25 05:15:00
CVE-2020-28916
2020-12-04 07:15:00
CVE-2020-29443
2021-01-26 18:15:00
rocky
rocky
virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2021-05-18 06:02:26
virt:rhel and virt-devel:rhel security and bug fix update
2021-08-10 11:58:46
almalinux
almalinux
Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2021-05-18 06:02:26
Moderate: virt:rhel and virt-devel:rhel security and bug fix update
2021-08-10 11:58:46
amazon
amazon
Medium: qemu
2021-06-16 20:37:00
fedora
fedora
[SECURITY] Fedora 33 Update: libslirp-4.3.1-3.fc33
2020-12-13 02:10:05
[SECURITY] Fedora 32 Update: libslirp-4.3.1-3.fc32
2020-12-13 02:35:41
debian
debian
[SECURITY] [DLA 3099-1] qemu security update
2022-09-05 03:28:05
archlinux
archlinux
[ASA-202012-7] libslirp: information disclosure
2020-12-05 00:00:00

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

20.3%

JSON
Related for DEBIAN:DLA-2560-1:73BB2
openvas39osv15nessus56ubuntu2suse3oraclelinux5redhatcve9ubuntucve8prion8debiancve8veracode8f52centos1alpinelinux8redhat5cbl_mariner4zdi1cve8rocky2almalinux2amazon1fedora2debian1archlinux1