Lucene search
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-2262.NASLHistoryJun 30, 2020 - 12:00 a.m.
Debian DLA-2262-1 : qemu security update
2020-06-3000:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
23
7 High
AI Score
Confidence
Low
Several vulnerabilities were fixed in qemu, a fast processor emulator.
CVE-2020-1983
slirp: Fix use-after-free in ip_reass().
CVE-2020-13361
es1370_transfer_audio in hw/audio/es1370.c allowed guest OS users to trigger an out-of-bounds access during an es1370_write() operation.
CVE-2020-13362
megasas_lookup_frame in hw/scsi/megasas.c had an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.
CVE-2020-13765
hw/core/loader: Fix possible crash in rom_copy().
For Debian 8 ‘Jessie’, these problems have been fixed in version 1:2.1+dfsg-12+deb8u15.
We recommend that you upgrade your qemu packages.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-2262-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(137887);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/05");
script_cve_id(
"CVE-2020-13361",
"CVE-2020-13362",
"CVE-2020-13765",
"CVE-2020-1983"
);
script_xref(name:"IAVB", value:"2020-B-0041-S");
script_name(english:"Debian DLA-2262-1 : qemu security update");
script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing a security update.");
script_set_attribute(attribute:"description", value:
"Several vulnerabilities were fixed in qemu, a fast processor emulator.
CVE-2020-1983
slirp: Fix use-after-free in ip_reass().
CVE-2020-13361
es1370_transfer_audio in hw/audio/es1370.c allowed guest OS users to
trigger an out-of-bounds access during an es1370_write() operation.
CVE-2020-13362
megasas_lookup_frame in hw/scsi/megasas.c had an out-of-bounds read
via a crafted reply_queue_head field from a guest OS user.
CVE-2020-13765
hw/core/loader: Fix possible crash in rom_copy().
For Debian 8 'Jessie', these problems have been fixed in version
1:2.1+dfsg-12+deb8u15.
We recommend that you upgrade your qemu packages.
NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2020/06/msg00032.html");
script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/jessie/qemu");
script_set_attribute(attribute:"solution", value:
"Upgrade the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-13765");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/22");
script_set_attribute(attribute:"patch_publication_date", value:"2020/06/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/30");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-guest-agent");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system-arm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system-mips");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system-misc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system-ppc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system-sparc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system-x86");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-user");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-user-binfmt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-user-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-utils");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"II");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Debian Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"8.0", prefix:"qemu", reference:"1:2.1+dfsg-12+deb8u15")) flag++;
if (deb_check(release:"8.0", prefix:"qemu-guest-agent", reference:"1:2.1+dfsg-12+deb8u15")) flag++;
if (deb_check(release:"8.0", prefix:"qemu-kvm", reference:"1:2.1+dfsg-12+deb8u15")) flag++;
if (deb_check(release:"8.0", prefix:"qemu-system", reference:"1:2.1+dfsg-12+deb8u15")) flag++;
if (deb_check(release:"8.0", prefix:"qemu-system-arm", reference:"1:2.1+dfsg-12+deb8u15")) flag++;
if (deb_check(release:"8.0", prefix:"qemu-system-common", reference:"1:2.1+dfsg-12+deb8u15")) flag++;
if (deb_check(release:"8.0", prefix:"qemu-system-mips", reference:"1:2.1+dfsg-12+deb8u15")) flag++;
if (deb_check(release:"8.0", prefix:"qemu-system-misc", reference:"1:2.1+dfsg-12+deb8u15")) flag++;
if (deb_check(release:"8.0", prefix:"qemu-system-ppc", reference:"1:2.1+dfsg-12+deb8u15")) flag++;
if (deb_check(release:"8.0", prefix:"qemu-system-sparc", reference:"1:2.1+dfsg-12+deb8u15")) flag++;
if (deb_check(release:"8.0", prefix:"qemu-system-x86", reference:"1:2.1+dfsg-12+deb8u15")) flag++;
if (deb_check(release:"8.0", prefix:"qemu-user", reference:"1:2.1+dfsg-12+deb8u15")) flag++;
if (deb_check(release:"8.0", prefix:"qemu-user-binfmt", reference:"1:2.1+dfsg-12+deb8u15")) flag++;
if (deb_check(release:"8.0", prefix:"qemu-user-static", reference:"1:2.1+dfsg-12+deb8u15")) flag++;
if (deb_check(release:"8.0", prefix:"qemu-utils", reference:"1:2.1+dfsg-12+deb8u15")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | qemu | p-cpe:/a:debian:debian_linux:qemu |
| debian | debian_linux | qemu-guest-agent | p-cpe:/a:debian:debian_linux:qemu-guest-agent |
| debian | debian_linux | qemu-kvm | p-cpe:/a:debian:debian_linux:qemu-kvm |
| debian | debian_linux | qemu-system | p-cpe:/a:debian:debian_linux:qemu-system |
| debian | debian_linux | qemu-system-arm | p-cpe:/a:debian:debian_linux:qemu-system-arm |
| debian | debian_linux | qemu-system-common | p-cpe:/a:debian:debian_linux:qemu-system-common |
| debian | debian_linux | qemu-system-mips | p-cpe:/a:debian:debian_linux:qemu-system-mips |
| debian | debian_linux | qemu-system-misc | p-cpe:/a:debian:debian_linux:qemu-system-misc |
| debian | debian_linux | qemu-system-ppc | p-cpe:/a:debian:debian_linux:qemu-system-ppc |
| debian | debian_linux | qemu-system-sparc | p-cpe:/a:debian:debian_linux:qemu-system-sparc |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983
lists.debian.org/debian-lts-announce/2020/06/msg00032.html
packages.debian.org/source/jessie/qemu
Related
openvas
openvas
Debian: Security Advisory (DLA-2262-1)
2020-06-30 00:00:00
QEMU <= 5.0.0 Multiple Vulnerabilities
2020-07-22 00:00:00
Debian: Security Advisory (DSA-4728-1)
2020-07-21 00:00:00
osv
osv
qemu - security update
2020-06-29 00:00:00
qemu - security update
2020-07-19 00:00:00
qemu - security update
2020-07-25 00:00:00
debian
debian
[SECURITY] [DLA 2262-1] qemu security update
2020-06-29 20:49:03
[SECURITY] [DLA 2288-1] qemu security update
2020-07-26 11:51:28
[SECURITY] [DSA 4728-1] qemu security update
2020-07-19 18:01:06
nessus
nessus
Debian DLA-2288-1 : qemu security update
2020-07-27 00:00:00
openSUSE Security Update : qemu (openSUSE-2020-1108)
2020-07-30 00:00:00
Debian DSA-4728-1 : qemu - security update
2020-07-20 00:00:00
cve
cve
f5
f5
suse
suse
Security update for qemu (important)
2020-07-28 00:00:00
Security update for slirp4netns (important)
2020-05-11 00:00:00
Security update for qemu (moderate)
2020-06-02 00:00:00
prion
prion
Out-of-bounds
2020-05-28 15:15:00
Out-of-bounds
2020-05-28 14:15:00
Design/Logic Flaw
2020-06-04 16:15:00
veracode
veracode
Denial Of Service (DoS)
2020-09-21 06:23:30
Denial Of Service (DoS)
2020-09-21 06:19:44
Arbitrary Code Execution
2020-09-21 06:33:30
alpinelinux
alpinelinux
cbl_mariner
cbl_mariner
CVE-2020-13362 affecting package qemu-kvm 4.2.0-48
2020-11-30 19:31:04
CVE-2020-13361 affecting package qemu-kvm 4.2.0-48
2020-11-30 19:31:04
ubuntucve
ubuntucve
debiancve
debiancve
redhatcve
redhatcve
ubuntu
ubuntu
QEMU vulnerabilities
2021-02-02 00:00:00
QEMU vulnerabilities
2020-08-19 00:00:00
QEMU vulnerabilities
2020-05-21 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package libslirp version 4.3.0-alt1
2020-07-22 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: libslirp-4.2.0-2.fc32
2020-05-01 00:37:26
[SECURITY] Fedora 31 Update: libslirp-4.1.0-2.fc31
2020-05-09 04:12:56
amazon
amazon
almalinux
almalinux
oraclelinux
oraclelinux
qemu-kvm security and bug fix update
2021-02-03 00:00:00
qemu-kvm security update
2020-10-08 00:00:00
container-tools:ol8 security, bug fix, and enhancement update
2020-08-06 00:00:00
centos
centos
qemu security update
2021-02-04 01:05:06
qemu security update
2020-11-06 22:05:12
redhat
redhat
(RHSA-2021:0347) Moderate: qemu-kvm security and bug fix update
2021-02-02 09:29:16
(RHSA-2020:3053) Moderate: container-tools:rhel8 security, bug fix, and enhancement update
2020-07-21 15:01:40
(RHSA-2021:0346) Moderate: qemu-kvm-ma security update
2021-02-02 09:29:12
rocky
rocky
container-tools:rhel8 security, bug fix, and enhancement update
2020-07-21 15:01:40
virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2020-11-03 12:26:07
gentoo
gentoo
QEMU: Multiple vulnerabilities
2020-11-11 00:00:00