Lucene search

K
debianDebianDEBIAN:DLA-965-1:26D15
HistoryMay 31, 2017 - 6:12 a.m.

[SECURITY] [DLA 965-1] qemu-kvm security update

2017-05-3106:12:28
lists.debian.org
24

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

9

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.002

Percentile

59.1%

Package : qemu-kvm
Version : 1.1.2+dfsg-6+deb7u22
CVE ID : CVE-2016-9602 CVE-2017-7377 CVE-2017-7471 CVE-2017-7493
CVE-2017-8086

Several vulnerabilities were discovered in qemu-kvm, a full
virtualization solution for Linux hosts on x86 hardware with x86 guests
based on the Quick Emulator(Qemu).

CVE-2016-9602

Quick Emulator(Qemu) built with the VirtFS, host directory sharing via
Plan 9 File System(9pfs) support, is vulnerable to an improper link
following issue. It could occur while accessing symbolic link files
on a shared host directory.

A privileged user inside guest could use this flaw to access host file
system beyond the shared folder and potentially escalating their
privileges on a host.

CVE-2017-7377

Quick Emulator(Qemu) built with the virtio-9p back-end support is
vulnerable to a memory leakage issue. It could occur while doing a I/O
operation via v9fs_create/v9fs_lcreate routine.

A privileged user/process inside guest could use this flaw to leak
host memory resulting in Dos.

CVE-2017-7471

Quick Emulator(Qemu) built with the VirtFS, host directory sharing via
Plan 9 File System(9pfs) support, is vulnerable to an improper access
control issue. It could occur while accessing files on a shared host
directory.

A privileged user inside guest could use this flaw to access host file
system beyond the shared folder and potentially escalating their
privileges on a host.

CVE-2017-7493

Quick Emulator(Qemu) built with the VirtFS, host directory sharing via
Plan 9 File System(9pfs) support, is vulnerable to an improper access
control issue. It could occur while accessing virtfs metadata files
in mapped-file security mode.

A guest user could use this flaw to escalate their privileges inside
guest.

CVE-2017-8086

Quick Emulator(Qemu) built with the virtio-9p back-end support is
vulnerable to a memory leakage issue. It could occur while querying
file system extended attributes via 9pfs_list_xattr() routine.

A privileged user/process inside guest could use this flaw to leak
host memory resulting in Dos.

For Debian 7 "Wheezy", these problems have been fixed in version
1.1.2+dfsg-6+deb7u22.

We recommend that you upgrade your qemu-kvm packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: PGP signature

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

9

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.002

Percentile

59.1%