{"id": "REDHAT-RHSA-2013-0608.NASL", "bulletinFamily": "scanner", "title": "RHEL 5 : kvm (RHSA-2013:0608)", "description": "Updated kvm packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution\nfor Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module\nbuilt for the standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of kvm are advised to upgrade to these updated packages,\nwhich contain backported patches to correct this issue. Note that the\nprocedure in the Solution section must be performed before this update\nwill take effect.", "published": "2013-03-08T00:00:00", "modified": "2020-01-02T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "href": "https://www.tenable.com/plugins/nessus/65082", "reporter": "This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://access.redhat.com/errata/RHSA-2013:0608", "https://access.redhat.com/security/cve/cve-2012-6075"], "cvelist": ["CVE-2012-6075"], "type": "nessus", "lastseen": "2020-01-01T01:13:59", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kvm", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:kvm-debuginfo", "cpe:/o:redhat:enterprise_linux:5.9", "p-cpe:/a:redhat:enterprise_linux:kmod-kvm-debug", "p-cpe:/a:redhat:enterprise_linux:kvm-qemu-img", "p-cpe:/a:redhat:enterprise_linux:kmod-kvm", "p-cpe:/a:redhat:enterprise_linux:kvm-tools"], "cvelist": ["CVE-2012-6075"], "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "description": "Updated kvm packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution\nfor Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module\nbuilt for the standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of kvm are advised to upgrade to these updated packages,\nwhich contain backported patches to correct this issue. Note that the\nprocedure in the Solution section must be performed before this update\nwill take effect.", "edition": 12, "enchantments": {"dependencies": {"modified": "2019-12-13T08:53:28", "references": [{"idList": ["XSA-41"], "type": "xen"}, {"idList": ["OPENVAS:1361412562310123671", "OPENVAS:1361412562310881678", "OPENVAS:1361412562310870953", "OPENVAS:881619", "OPENVAS:1361412562310865240", "OPENVAS:1361412562310892608", "OPENVAS:892619", "OPENVAS:1361412562310892607", "OPENVAS:1361412562310881619", "OPENVAS:870955"], "type": "openvas"}, {"idList": ["RHSA-2013:0608", "RHSA-2013:0599", "RHSA-2013:0636", "RHSA-2013:0610", "RHSA-2013:0639", "RHSA-2013:0609"], "type": "redhat"}, {"idList": ["CESA-2013:0609", "CESA-2013:0599", "CESA-2013:0608"], "type": "centos"}, {"idList": ["SECURITYVULNS:VULN:12837", "SECURITYVULNS:DOC:28966"], "type": "securityvulns"}, {"idList": ["SL_20130307_QEMU_KVM_ON_SL6_X.NASL", "DEBIAN_DSA-2619.NASL", "UBUNTU_USN-1692-1.NASL", "CENTOS_RHSA-2013-0599.NASL", "CENTOS_RHSA-2013-0609.NASL", "FEDORA_2013-0965.NASL", "REDHAT-RHSA-2013-0609.NASL", "SL_20130307_KVM_ON_SL5_X.NASL", "REDHAT-RHSA-2013-0610.NASL", "DEBIAN_DSA-2607.NASL"], "type": "nessus"}, {"idList": ["CVE-2012-6075"], "type": "cve"}, {"idList": ["ELSA-2013-0599", "ELSA-2013-0608", "ELSA-2014-0163", "ELSA-2013-0609"], "type": "oraclelinux"}, {"idList": ["USN-1692-1"], "type": "ubuntu"}, {"idList": ["DEBIAN:DSA-2607-1:1A332", "DEBIAN:DSA-2608-1:C8354", "DEBIAN:DSA-2619-1:AC73D"], "type": "debian"}]}, "score": {"modified": "2019-12-13T08:53:28", "value": 6.7, "vector": "NONE"}}, "hash": "96a9ffc53e68463fafc462f0b58b0025a44ef4a61a746705a2290d19228e50b4", "hashmap": [{"hash": "971d3e6c5e474d156bfdb014e2a0f1d4", "key": "published"}, {"hash": "f1e6b30a21ddae9216870528f55d7582", "key": "href"}, {"hash": "56b32354e3c1787f51c54e1301941fa3", "key": "title"}, {"hash": "2234bd47e2f0693d85d0a82378918712", "key": "description"}, {"hash": "d726e774add6189e33cf2ea0c61a2ba5", "key": "cvss"}, {"hash": "5b165b402f1c0cee4380236e6b9d02a5", "key": "references"}, {"hash": "f0fc89578f7dd802dc2ed3b849553211", "key": "reporter"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "17a68951e47e6ca2e1101c6d70d728ca", "key": "cpe"}, {"hash": "4317f1da42835c8ce0d86e02ef17fc8e", "key": "cvelist"}, {"hash": "00cc657a089ad6887dd04a209eeaa16e", "key": "sourceData"}, {"hash": "5a7504dfe859a7ccbaf560628f6442ad", "key": "modified"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}, {"hash": "57fc6f4466470dd2e2c7c62deea994c4", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/65082", "id": "REDHAT-RHSA-2013-0608.NASL", "lastseen": "2019-12-13T08:53:28", "modified": "2019-12-02T00:00:00", "naslFamily": "Red Hat Local Security Checks", "objectVersion": "1.3", "pluginID": "65082", "published": "2013-03-08T00:00:00", "references": ["https://access.redhat.com/errata/RHSA-2013:0608", "https://access.redhat.com/security/cve/cve-2012-6075"], "reporter": "This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0608. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65082);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/10/24 15:35:36\");\n\n script_cve_id(\"CVE-2012-6075\");\n script_bugtraq_id(57420);\n script_xref(name:\"RHSA\", value:\"2013:0608\");\n\n script_name(english:\"RHEL 5 : kvm (RHSA-2013:0608)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kvm packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution\nfor Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module\nbuilt for the standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of kvm are advised to upgrade to these updated packages,\nwhich contain backported patches to correct this issue. Note that the\nprocedure in the Solution section must be performed before this update\nwill take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-6075\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kmod-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kmod-kvm-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0608\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kmod-kvm-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kmod-kvm-debug-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-debuginfo-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-qemu-img-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-tools-83-262.el5_9.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kmod-kvm / kmod-kvm-debug / kvm / kvm-debuginfo / kvm-qemu-img / etc\");\n }\n}\n", "title": "RHEL 5 : kvm (RHSA-2013:0608)", "type": "nessus", "viewCount": 3}, "differentElements": ["modified"], "edition": 12, "lastseen": "2019-12-13T08:53:28"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kvm", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:kvm-debuginfo", "cpe:/o:redhat:enterprise_linux:5.9", "p-cpe:/a:redhat:enterprise_linux:kmod-kvm-debug", "p-cpe:/a:redhat:enterprise_linux:kvm-qemu-img", "p-cpe:/a:redhat:enterprise_linux:kmod-kvm", "p-cpe:/a:redhat:enterprise_linux:kvm-tools"], "cvelist": ["CVE-2012-6075"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Updated kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network interface card when the host was configured to accept jumbo network frames, and a guest using the e1000 emulated driver was not. A remote attacker could use this flaw to crash the guest or, potentially, execute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of kvm are advised to upgrade to these updated packages, which contain backported patches to correct this issue. Note that the procedure in the Solution section must be performed before this update will take effect.", "edition": 4, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "1fe4be799709223ac1d78ffa97985edfbeaa9b3701e4940e76d113b40da7d8cc", "hashmap": [{"hash": "971d3e6c5e474d156bfdb014e2a0f1d4", "key": "published"}, {"hash": "369eb856f7dc4cfd31b9acc3c0811267", "key": "modified"}, {"hash": "a7256da6af851d620c610f0bd722a95a", "key": "href"}, {"hash": "56b32354e3c1787f51c54e1301941fa3", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "5d6b55af58497b7d7a6351ef0e8ed9e8", "key": "references"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "e2e9ea8f1580e085792d06982e23d9ba", "key": "sourceData"}, {"hash": "038c06db55f9d3d8b376e6616f9d747e", "key": "description"}, {"hash": "17a68951e47e6ca2e1101c6d70d728ca", "key": "cpe"}, {"hash": "4317f1da42835c8ce0d86e02ef17fc8e", "key": "cvelist"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}, {"hash": "57fc6f4466470dd2e2c7c62deea994c4", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=65082", "id": "REDHAT-RHSA-2013-0608.NASL", "lastseen": "2018-08-30T19:49:05", "modified": "2017-01-05T00:00:00", "naslFamily": "Red Hat Local Security Checks", "objectVersion": "1.3", "pluginID": "65082", "published": "2013-03-08T00:00:00", "references": ["https://www.redhat.com/security/data/cve/CVE-2012-6075.html", "http://rhn.redhat.com/errata/RHSA-2013-0608.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0608. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65082);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2017/01/05 16:17:31 $\");\n\n script_cve_id(\"CVE-2012-6075\");\n script_bugtraq_id(57420);\n script_xref(name:\"RHSA\", value:\"2013:0608\");\n\n script_name(english:\"RHEL 5 : kvm (RHSA-2013:0608)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kvm packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution\nfor Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module\nbuilt for the standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of kvm are advised to upgrade to these updated packages,\nwhich contain backported patches to correct this issue. Note that the\nprocedure in the Solution section must be performed before this update\nwill take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2012-6075.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2013-0608.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kmod-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kmod-kvm-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0608\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kmod-kvm-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kmod-kvm-debug-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-debuginfo-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-qemu-img-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-tools-83-262.el5_9.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kmod-kvm / kmod-kvm-debug / kvm / kvm-debuginfo / kvm-qemu-img / etc\");\n }\n}\n", "title": "RHEL 5 : kvm (RHSA-2013:0608)", "type": "nessus", "viewCount": 3}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:49:05"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kvm", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:kvm-debuginfo", "cpe:/o:redhat:enterprise_linux:5.9", "p-cpe:/a:redhat:enterprise_linux:kmod-kvm-debug", "p-cpe:/a:redhat:enterprise_linux:kvm-qemu-img", "p-cpe:/a:redhat:enterprise_linux:kmod-kvm", "p-cpe:/a:redhat:enterprise_linux:kvm-tools"], "cvelist": ["CVE-2012-6075"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Updated kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network interface card when the host was configured to accept jumbo network frames, and a guest using the e1000 emulated driver was not. A remote attacker could use this flaw to crash the guest or, potentially, execute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of kvm are advised to upgrade to these updated packages, which contain backported patches to correct this issue. Note that the procedure in the Solution section must be performed before this update will take effect.", "edition": 6, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "c2e64e3db411fc213058c4252985b2cbf67d8801a03aef7e00d07fad03c76192", "hashmap": [{"hash": "971d3e6c5e474d156bfdb014e2a0f1d4", "key": "published"}, {"hash": "7f86b488cde79959076c92cafc9748f6", "key": "modified"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "a7256da6af851d620c610f0bd722a95a", "key": "href"}, {"hash": "56b32354e3c1787f51c54e1301941fa3", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "5d6b55af58497b7d7a6351ef0e8ed9e8", "key": "references"}, {"hash": "c80841f25128a3b3435bcd9041953824", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "038c06db55f9d3d8b376e6616f9d747e", "key": "description"}, {"hash": "17a68951e47e6ca2e1101c6d70d728ca", "key": "cpe"}, {"hash": "4317f1da42835c8ce0d86e02ef17fc8e", "key": "cvelist"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}, {"hash": "57fc6f4466470dd2e2c7c62deea994c4", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=65082", "id": "REDHAT-RHSA-2013-0608.NASL", "lastseen": "2018-09-12T10:06:36", "modified": "2018-09-10T00:00:00", "naslFamily": "Red Hat Local Security Checks", "objectVersion": "1.3", "pluginID": "65082", "published": "2013-03-08T00:00:00", "references": ["https://www.redhat.com/security/data/cve/CVE-2012-6075.html", "http://rhn.redhat.com/errata/RHSA-2013-0608.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0608. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65082);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/09/10 11:37:05\");\n\n script_cve_id(\"CVE-2012-6075\");\n script_bugtraq_id(57420);\n script_xref(name:\"RHSA\", value:\"2013:0608\");\n\n script_name(english:\"RHEL 5 : kvm (RHSA-2013:0608)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kvm packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution\nfor Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module\nbuilt for the standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of kvm are advised to upgrade to these updated packages,\nwhich contain backported patches to correct this issue. Note that the\nprocedure in the Solution section must be performed before this update\nwill take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2013-0608.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2012-6075.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kmod-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kmod-kvm-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0608\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kmod-kvm-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kmod-kvm-debug-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-debuginfo-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-qemu-img-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-tools-83-262.el5_9.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kmod-kvm / kmod-kvm-debug / kvm / kvm-debuginfo / kvm-qemu-img / etc\");\n }\n}\n", "title": "RHEL 5 : kvm (RHSA-2013:0608)", "type": "nessus", "viewCount": 3}, "differentElements": ["references", "modified", "sourceData"], "edition": 6, "lastseen": "2018-09-12T10:06:36"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2012-6075"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Updated kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network interface card when the host was configured to accept jumbo network frames, and a guest using the e1000 emulated driver was not. A remote attacker could use this flaw to crash the guest or, potentially, execute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of kvm are advised to upgrade to these updated packages, which contain backported patches to correct this issue. Note that the procedure in the Solution section must be performed before this update will take effect.", "edition": 2, "enchantments": {}, "hash": "f2121e747eeac86e47460838a4f93ff992183e40e35f1b4c1d877d2d112cdb83", "hashmap": [{"hash": "971d3e6c5e474d156bfdb014e2a0f1d4", "key": "published"}, {"hash": "369eb856f7dc4cfd31b9acc3c0811267", "key": "modified"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "a7256da6af851d620c610f0bd722a95a", "key": "href"}, {"hash": "56b32354e3c1787f51c54e1301941fa3", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "5d6b55af58497b7d7a6351ef0e8ed9e8", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "e2e9ea8f1580e085792d06982e23d9ba", "key": "sourceData"}, {"hash": "038c06db55f9d3d8b376e6616f9d747e", "key": "description"}, {"hash": "4317f1da42835c8ce0d86e02ef17fc8e", "key": "cvelist"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}, {"hash": "57fc6f4466470dd2e2c7c62deea994c4", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=65082", "id": "REDHAT-RHSA-2013-0608.NASL", "lastseen": "2017-01-06T02:15:55", "modified": "2017-01-05T00:00:00", "naslFamily": "Red Hat Local Security Checks", "objectVersion": "1.2", "pluginID": "65082", "published": "2013-03-08T00:00:00", "references": ["https://www.redhat.com/security/data/cve/CVE-2012-6075.html", "http://rhn.redhat.com/errata/RHSA-2013-0608.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0608. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65082);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2017/01/05 16:17:31 $\");\n\n script_cve_id(\"CVE-2012-6075\");\n script_bugtraq_id(57420);\n script_xref(name:\"RHSA\", value:\"2013:0608\");\n\n script_name(english:\"RHEL 5 : kvm (RHSA-2013:0608)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kvm packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution\nfor Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module\nbuilt for the standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of kvm are advised to upgrade to these updated packages,\nwhich contain backported patches to correct this issue. Note that the\nprocedure in the Solution section must be performed before this update\nwill take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2012-6075.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2013-0608.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kmod-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kmod-kvm-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0608\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kmod-kvm-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kmod-kvm-debug-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-debuginfo-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-qemu-img-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-tools-83-262.el5_9.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kmod-kvm / kmod-kvm-debug / kvm / kvm-debuginfo / kvm-qemu-img / etc\");\n }\n}\n", "title": "RHEL 5 : kvm (RHSA-2013:0608)", "type": "nessus", "viewCount": 3}, "differentElements": ["cpe"], "edition": 2, "lastseen": "2017-01-06T02:15:55"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kvm", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:kvm-debuginfo", "cpe:/o:redhat:enterprise_linux:5.9", "p-cpe:/a:redhat:enterprise_linux:kmod-kvm-debug", "p-cpe:/a:redhat:enterprise_linux:kvm-qemu-img", "p-cpe:/a:redhat:enterprise_linux:kmod-kvm", "p-cpe:/a:redhat:enterprise_linux:kvm-tools"], "cvelist": ["CVE-2012-6075"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Updated kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network interface card when the host was configured to accept jumbo network frames, and a guest using the e1000 emulated driver was not. A remote attacker could use this flaw to crash the guest or, potentially, execute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of kvm are advised to upgrade to these updated packages, which contain backported patches to correct this issue. Note that the procedure in the Solution section must be performed before this update will take effect.", "edition": 5, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "a43fb91b00fc98ba27308a719a4be03b51263afd9791ab36970af46d647b1511", "hashmap": [{"hash": "971d3e6c5e474d156bfdb014e2a0f1d4", "key": "published"}, {"hash": "369eb856f7dc4cfd31b9acc3c0811267", "key": "modified"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "a7256da6af851d620c610f0bd722a95a", "key": "href"}, {"hash": "56b32354e3c1787f51c54e1301941fa3", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "5d6b55af58497b7d7a6351ef0e8ed9e8", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "e2e9ea8f1580e085792d06982e23d9ba", "key": "sourceData"}, {"hash": "038c06db55f9d3d8b376e6616f9d747e", "key": "description"}, {"hash": "17a68951e47e6ca2e1101c6d70d728ca", "key": "cpe"}, {"hash": "4317f1da42835c8ce0d86e02ef17fc8e", "key": "cvelist"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}, {"hash": "57fc6f4466470dd2e2c7c62deea994c4", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=65082", "id": "REDHAT-RHSA-2013-0608.NASL", "lastseen": "2018-09-01T23:56:06", "modified": "2017-01-05T00:00:00", "naslFamily": "Red Hat Local Security Checks", "objectVersion": "1.3", "pluginID": "65082", "published": "2013-03-08T00:00:00", "references": ["https://www.redhat.com/security/data/cve/CVE-2012-6075.html", "http://rhn.redhat.com/errata/RHSA-2013-0608.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0608. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65082);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2017/01/05 16:17:31 $\");\n\n script_cve_id(\"CVE-2012-6075\");\n script_bugtraq_id(57420);\n script_xref(name:\"RHSA\", value:\"2013:0608\");\n\n script_name(english:\"RHEL 5 : kvm (RHSA-2013:0608)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kvm packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution\nfor Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module\nbuilt for the standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of kvm are advised to upgrade to these updated packages,\nwhich contain backported patches to correct this issue. Note that the\nprocedure in the Solution section must be performed before this update\nwill take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2012-6075.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2013-0608.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kmod-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kmod-kvm-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0608\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kmod-kvm-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kmod-kvm-debug-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-debuginfo-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-qemu-img-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-tools-83-262.el5_9.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kmod-kvm / kmod-kvm-debug / kvm / kvm-debuginfo / kvm-qemu-img / etc\");\n }\n}\n", "title": "RHEL 5 : kvm (RHSA-2013:0608)", "type": "nessus", "viewCount": 3}, "differentElements": ["modified", "sourceData"], "edition": 5, "lastseen": "2018-09-01T23:56:06"}], "edition": 13, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "17a68951e47e6ca2e1101c6d70d728ca"}, {"key": "cvelist", "hash": "4317f1da42835c8ce0d86e02ef17fc8e"}, {"key": "cvss", "hash": "d726e774add6189e33cf2ea0c61a2ba5"}, {"key": "description", "hash": "2234bd47e2f0693d85d0a82378918712"}, {"key": "href", "hash": "f1e6b30a21ddae9216870528f55d7582"}, {"key": "modified", "hash": "2249940a684898a70237266de5d6dd6c"}, {"key": "naslFamily", "hash": "b46559ea68ec9a13474c3a7776817cfd"}, {"key": "pluginID", "hash": "57fc6f4466470dd2e2c7c62deea994c4"}, {"key": "published", "hash": "971d3e6c5e474d156bfdb014e2a0f1d4"}, {"key": "references", "hash": "5b165b402f1c0cee4380236e6b9d02a5"}, {"key": "reporter", "hash": "f0fc89578f7dd802dc2ed3b849553211"}, {"key": "sourceData", "hash": "00cc657a089ad6887dd04a209eeaa16e"}, {"key": "title", "hash": "56b32354e3c1787f51c54e1301941fa3"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "8db43a6a5d283f49261498b52399dd92db8cedc178a79e5e1752ada50d707699", "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-6075"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310870953", "OPENVAS:1361412562310892607", "OPENVAS:870955", "OPENVAS:1361412562310865240", "OPENVAS:841288", "OPENVAS:1361412562310892608", "OPENVAS:1361412562310123671", "OPENVAS:1361412562310881619", "OPENVAS:1361412562310881665", "OPENVAS:881678"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-0608", "ELSA-2013-0599", "ELSA-2013-0609", "ELSA-2014-0163"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2607-1:1A332", "DEBIAN:DSA-2619-1:AC73D", "DEBIAN:DSA-2608-1:C8354"]}, {"type": "redhat", "idList": ["RHSA-2013:0609", "RHSA-2013:0608", "RHSA-2013:0599", "RHSA-2013:0610", "RHSA-2013:0639", "RHSA-2013:0636"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12837", "SECURITYVULNS:DOC:28966"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2013-0599.NASL", "CENTOS_RHSA-2013-0609.NASL", "DEBIAN_DSA-2619.NASL", "DEBIAN_DSA-2607.NASL", "REDHAT-RHSA-2013-0610.NASL", "SL_20130307_QEMU_KVM_ON_SL6_X.NASL", "REDHAT-RHSA-2013-0609.NASL", "FEDORA_2013-1269.NASL", "FEDORA_2013-0965.NASL", "SL_20130307_KVM_ON_SL5_X.NASL"]}, {"type": "centos", "idList": ["CESA-2013:0609", "CESA-2013:0608", "CESA-2013:0599"]}, {"type": "xen", "idList": ["XSA-41"]}, {"type": "ubuntu", "idList": ["USN-1692-1"]}], "modified": "2020-01-01T01:13:59"}, "score": {"value": 6.7, "vector": "NONE", "modified": "2020-01-01T01:13:59"}, "vulnersScore": 6.7}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0608. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65082);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/10/24 15:35:36\");\n\n script_cve_id(\"CVE-2012-6075\");\n script_bugtraq_id(57420);\n script_xref(name:\"RHSA\", value:\"2013:0608\");\n\n script_name(english:\"RHEL 5 : kvm (RHSA-2013:0608)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kvm packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution\nfor Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module\nbuilt for the standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of kvm are advised to upgrade to these updated packages,\nwhich contain backported patches to correct this issue. Note that the\nprocedure in the Solution section must be performed before this update\nwill take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-6075\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kmod-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kmod-kvm-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0608\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kmod-kvm-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kmod-kvm-debug-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-debuginfo-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-qemu-img-83-262.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kvm-tools-83-262.el5_9.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kmod-kvm / kmod-kvm-debug / kvm / kvm-debuginfo / kvm-qemu-img / etc\");\n }\n}\n", "naslFamily": "Red Hat Local Security Checks", "pluginID": "65082", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kvm", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:kvm-debuginfo", "cpe:/o:redhat:enterprise_linux:5.9", "p-cpe:/a:redhat:enterprise_linux:kmod-kvm-debug", "p-cpe:/a:redhat:enterprise_linux:kvm-qemu-img", "p-cpe:/a:redhat:enterprise_linux:kmod-kvm", "p-cpe:/a:redhat:enterprise_linux:kvm-tools"], "scheme": null}

{"cve": [{"lastseen": "2019-05-29T18:12:26", "bulletinFamily": "NVD", "description": "Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.", "modified": "2014-04-19T04:29:00", "id": "CVE-2012-6075", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6075", "published": "2013-02-13T01:55:00", "title": "CVE-2012-6075", "type": "cve", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:38:17", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2013-03-08T00:00:00", "id": "OPENVAS:1361412562310870953", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870953", "title": "RedHat Update for qemu-kvm RHSA-2013:0609-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for qemu-kvm RHSA-2013:0609-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-March/msg00021.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870953\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:18:34 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2012-6075\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2013:0609-01\");\n script_name(\"RedHat Update for qemu-kvm RHSA-2013:0609-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'qemu-kvm'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"qemu-kvm on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"KVM (Kernel-based Virtual Machine) is a full virtualization solution for\n Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component\n for running virtual machines using KVM.\n\n A flaw was found in the way QEMU-KVM emulated the e1000 network interface\n card when the host was configured to accept jumbo network frames, and a\n guest using the e1000 emulated driver was not. A remote attacker could use\n this flaw to crash the guest or, potentially, execute arbitrary code with\n root privileges in the guest. (CVE-2012-6075)\n\n All users of qemu-kvm should upgrade to these updated packages, which\n contain backported patches to correct this issue. After installing this\n update, shut down all running virtual machines. Once all virtual machines\n have shut down, start them again for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"qemu-guest-agent\", rpm:\"qemu-guest-agent~0.12.1.2~2.355.el6_4.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qemu-kvm-debuginfo\", rpm:\"qemu-kvm-debuginfo~0.12.1.2~2.355.el6_4.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qemu-img\", rpm:\"qemu-img~0.12.1.2~2.355.el6_4.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qemu-kvm\", rpm:\"qemu-kvm~0.12.1.2~2.355.el6_4.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qemu-kvm-tools\", rpm:\"qemu-kvm-tools~0.12.1.2~2.355.el6_4.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-23T13:09:45", "bulletinFamily": "scanner", "description": "Check for the Version of xen", "modified": "2018-01-23T00:00:00", "published": "2013-03-08T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=870955", "id": "OPENVAS:870955", "title": "RedHat Update for xen RHSA-2013:0599-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for xen RHSA-2013:0599-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The xen packages contain administration tools and the xend service for\n managing the kernel-xen kernel for virtualization on Red Hat Enterprise\n Linux.\n\n A flaw was found in the way QEMU emulated the e1000 network interface card\n when the host was configured to accept jumbo network frames, and a\n fully-virtualized guest using the e1000 emulated driver was not. A remote\n attacker could use this flaw to crash the guest or, potentially, execute\n arbitrary code with root privileges in the guest. (CVE-2012-6075)\n\n All users of xen are advised to upgrade to these updated packages, which\n correct this issue. After installing the updated packages, all running\n fully-virtualized guests must be restarted for this update to take effect.\";\n\n\ntag_affected = \"xen on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2013-March/msg00013.html\");\n script_id(870955);\n script_version(\"$Revision: 8494 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 07:57:55 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:18:40 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2012-6075\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2013:0599-01\");\n script_name(\"RedHat Update for xen RHSA-2013:0599-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xen\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen-debuginfo\", rpm:\"xen-debuginfo~3.0.3~142.el5_9.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~3.0.3~142.el5_9.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:29", "bulletinFamily": "scanner", "description": "It was discovered that the e1000 emulation code in QEMU does not\nenforce frame size limits in the same way as the real hardware does.\nThis could trigger buffer overflows in the guest operating system\ndriver for that network card, assuming that the host system does not\ndiscard such frames (which it will by default).", "modified": "2019-03-18T00:00:00", "published": "2013-01-15T00:00:00", "id": "OPENVAS:1361412562310892607", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892607", "title": "Debian Security Advisory DSA 2607-1 (qemu-kvm - buffer overflow)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2607.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2607-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892607\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2012-6075\");\n script_name(\"Debian Security Advisory DSA 2607-1 (qemu-kvm - buffer overflow)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-15 00:00:00 +0100 (Tue, 15 Jan 2013)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2607.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_tag(name:\"affected\", value:\"qemu-kvm on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (squeeze), this problem has been fixed in\nversion 0.12.5+dfsg-5+squeeze10.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.1.2+dfsg-4.\n\nWe recommend that you upgrade your qemu-kvm packages.\");\n script_tag(name:\"summary\", value:\"It was discovered that the e1000 emulation code in QEMU does not\nenforce frame size limits in the same way as the real hardware does.\nThis could trigger buffer overflows in the guest operating system\ndriver for that network card, assuming that the host system does not\ndiscard such frames (which it will by default).\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"kvm\", ver:\"0.12.5+dfsg-5+squeeze10\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"qemu-kvm\", ver:\"0.12.5+dfsg-5+squeeze10\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"qemu-kvm-dbg\", ver:\"0.12.5+dfsg-5+squeeze10\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:33", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2013-0609", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123671", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123671", "title": "Oracle Linux Local Check: ELSA-2013-0609", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-0609.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123671\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:07:03 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0609\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0609 - qemu-kvm security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0609\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0609.html\");\n script_cve_id(\"CVE-2012-6075\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"qemu-guest-agent\", rpm:\"qemu-guest-agent~0.12.1.2~2.355.el6_4.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"qemu-guest-agent-win32\", rpm:\"qemu-guest-agent-win32~0.12.1.2~2.355.el6_4.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"qemu-img\", rpm:\"qemu-img~0.12.1.2~2.355.el6_4.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"qemu-kvm\", rpm:\"qemu-kvm~0.12.1.2~2.355.el6_4.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"qemu-kvm-tools\", rpm:\"qemu-kvm-tools~0.12.1.2~2.355.el6_4.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-22T13:10:39", "bulletinFamily": "scanner", "description": "Check for the Version of xen", "modified": "2018-01-22T00:00:00", "published": "2013-03-08T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=881619", "id": "OPENVAS:881619", "title": "CentOS Update for xen CESA-2013:0599 centos5 ", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for xen CESA-2013:0599 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The xen packages contain administration tools and the xend service for\n managing the kernel-xen kernel for virtualization on Red Hat Enterprise\n Linux.\n\n A flaw was found in the way QEMU emulated the e1000 network interface card\n when the host was configured to accept jumbo network frames, and a\n fully-virtualized guest using the e1000 emulated driver was not. A remote\n attacker could use this flaw to crash the guest or, potentially, execute\n arbitrary code with root privileges in the guest. (CVE-2012-6075)\n\n All users of xen are advised to upgrade to these updated packages, which\n correct this issue. After installing the updated packages, all running\n fully-virtualized guests must be restarted for this update to take effect.\";\n\n\ntag_affected = \"xen on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2013-March/019266.html\");\n script_id(881619);\n script_version(\"$Revision: 8483 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 07:58:04 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:19:29 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2012-6075\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2013:0599\");\n script_name(\"CentOS Update for xen CESA-2013:0599 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xen\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~3.0.3~142.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~3.0.3~142.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~3.0.3~142.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:01", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-03-12T00:00:00", "id": "OPENVAS:1361412562310881678", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881678", "title": "CentOS Update for kmod-kvm CESA-2013:0608 centos5", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kmod-kvm CESA-2013:0608 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-March/019272.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881678\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 10:02:32 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2012-6075\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2013:0608\");\n script_name(\"CentOS Update for kmod-kvm CESA-2013:0608 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kmod-kvm'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"kmod-kvm on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"KVM (Kernel-based Virtual Machine) is a full virtualization solution for\n Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for\n the standard Red Hat Enterprise Linux kernel.\n\n A flaw was found in the way QEMU-KVM emulated the e1000 network interface\n card when the host was configured to accept jumbo network frames, and a\n guest using the e1000 emulated driver was not. A remote attacker could use\n this flaw to crash the guest or, potentially, execute arbitrary code with\n root privileges in the guest. (CVE-2012-6075)\n\n All users of kvm are advised to upgrade to these updated packages, which\n contain backported patches to correct this issue. Note that the procedure\n in the Solution section must be performed before this update will take\n effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kmod-kvm\", rpm:\"kmod-kvm~83~262.el5.centos.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kmod-kvm-debug\", rpm:\"kmod-kvm-debug~83~262.el5.centos.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kvm\", rpm:\"kvm~83~262.el5.centos.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kvm-qemu-img\", rpm:\"kvm-qemu-img~83~262.el5.centos.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kvm-tools\", rpm:\"kvm-tools~83~262.el5.centos.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:51", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-01-28T00:00:00", "id": "OPENVAS:1361412562310865240", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865240", "title": "Fedora Update for qemu FEDORA-2013-0965", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for qemu FEDORA-2013-0965\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097575.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865240\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-28 09:33:24 +0530 (Mon, 28 Jan 2013)\");\n script_cve_id(\"CVE-2012-6075\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2013-0965\");\n script_name(\"Fedora Update for qemu FEDORA-2013-0965\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'qemu'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"qemu on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"qemu\", rpm:\"qemu~1.2.2~2.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:51:44", "bulletinFamily": "scanner", "description": "A buffer overflow was found in the e1000 emulation, which could be\ntriggered when processing jumbo frames.", "modified": "2017-07-07T00:00:00", "published": "2013-02-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=892619", "id": "OPENVAS:892619", "title": "Debian Security Advisory DSA 2619-1 (xen-qemu-dm-4.0 - buffer overflow)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2619.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2619-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"xen-qemu-dm-4.0 on Debian Linux\";\ntag_insight = \"This package is the Xen version of the Qemu emulator especially patched for\nits hypervisor. With xen-qemu-dm, you can run a fully virtualized virtual\nmachine if your hardware supports it (Intel VT support, or AMD-v technology).\";\ntag_solution = \"For the stable distribution (squeeze), this problem has been fixed in\nversion 4.0.1-2+squeeze3.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 4.1.3-8 of the xen source package.\n\nWe recommend that you upgrade your xen-qemu-dm-4.0 packages.\";\ntag_summary = \"A buffer overflow was found in the e1000 emulation, which could be\ntriggered when processing jumbo frames.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892619);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2012-6075\");\n script_name(\"Debian Security Advisory DSA 2619-1 (xen-qemu-dm-4.0 - buffer overflow)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-02-10 00:00:00 +0100 (Sun, 10 Feb 2013)\");\n script_tag(name: \"cvss_base\", value:\"9.3\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2619.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"xen-qemu-dm-4.0\", ver:\"4.0.1-2+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:22", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-03-08T00:00:00", "id": "OPENVAS:1361412562310881619", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881619", "title": "CentOS Update for xen CESA-2013:0599 centos5", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for xen CESA-2013:0599 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-March/019266.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881619\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:19:29 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2012-6075\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2013:0599\");\n script_name(\"CentOS Update for xen CESA-2013:0599 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"xen on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The xen packages contain administration tools and the xend service for\n managing the kernel-xen kernel for virtualization on Red Hat Enterprise\n Linux.\n\n A flaw was found in the way QEMU emulated the e1000 network interface card\n when the host was configured to accept jumbo network frames, and a\n fully-virtualized guest using the e1000 emulated driver was not. A remote\n attacker could use this flaw to crash the guest or, potentially, execute\n arbitrary code with root privileges in the guest. (CVE-2012-6075)\n\n All users of xen are advised to upgrade to these updated packages, which\n correct this issue. After installing the updated packages, all running\n fully-virtualized guests must be restarted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~3.0.3~142.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~3.0.3~142.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~3.0.3~142.el5_9.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:51", "bulletinFamily": "scanner", "description": "It was discovered that the e1000 emulation code in QEMU does not\nenforce frame size limits in the same way as the real hardware does.\nThis could trigger buffer overflows in the guest operating system\ndriver for that network card, assuming that the host system does not\ndiscard such frames (which it will by default).", "modified": "2019-03-18T00:00:00", "published": "2013-01-15T00:00:00", "id": "OPENVAS:1361412562310892608", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892608", "title": "Debian Security Advisory DSA 2608-1 (qemu - buffer overflow)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2608.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2608-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892608\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2012-6075\");\n script_name(\"Debian Security Advisory DSA 2608-1 (qemu - buffer overflow)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-15 00:00:00 +0100 (Tue, 15 Jan 2013)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2608.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_tag(name:\"affected\", value:\"qemu on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (squeeze), this problem has been fixed in\nversion 0.12.5+dfsg-3squeeze3.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.1.2+dfsg-4.\n\nWe recommend that you upgrade your qemu packages.\");\n script_tag(name:\"summary\", value:\"It was discovered that the e1000 emulation code in QEMU does not\nenforce frame size limits in the same way as the real hardware does.\nThis could trigger buffer overflows in the guest operating system\ndriver for that network card, assuming that the host system does not\ndiscard such frames (which it will by default).\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libqemu-dev\", ver:\"0.12.5+dfsg-3squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"qemu\", ver:\"0.12.5+dfsg-3squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"qemu-keymaps\", ver:\"0.12.5+dfsg-3squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"qemu-system\", ver:\"0.12.5+dfsg-3squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"qemu-user\", ver:\"0.12.5+dfsg-3squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"qemu-user-static\", ver:\"0.12.5+dfsg-3squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"qemu-utils\", ver:\"0.12.5+dfsg-3squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:56", "bulletinFamily": "unix", "description": "[kvm-83-262.0.1.el5_9.1]\n- Added kvm-add-oracle-workaround-for-libvirt-bug.patch\n- Added kvm-Introduce-oel-machine-type.patch\n[kvm-83-262.el5_1]\n- kvm-e1000-Discard-packets-that-are-too-long-if-SBP-and-L.patch [bz#910839]\n- kvm-e1000-Discard-oversized-packets-based-on-SBP-LPE.patch [bz#910839]\n- Resolves: bz#910839\n (CVE-2012-6075 qemu (e1000 device driver): Buffer overflow when processing large packets when SBP and LPE flags are disabled [rhel-5.9.z])", "modified": "2013-03-07T00:00:00", "published": "2013-03-07T00:00:00", "id": "ELSA-2013-0608", "href": "http://linux.oracle.com/errata/ELSA-2013-0608.html", "title": "kvm security update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:39", "bulletinFamily": "unix", "description": "[3.0.3-142.el5_9.2]\n- e1000: discard packets that are too long if !SBP and !LPE (rhbz 910843)\n- e1000: discard oversized packets based on SBP|LPE (rhbz 910843)", "modified": "2013-03-06T00:00:00", "published": "2013-03-06T00:00:00", "id": "ELSA-2013-0599", "href": "http://linux.oracle.com/errata/ELSA-2013-0599.html", "title": "xen security update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:22", "bulletinFamily": "unix", "description": "[qemu-kvm-0.12.1.2-2.355.el6_4.2]\n- kvm-e1000-Discard-packets-that-are-too-long-if-SBP-and-L.patch [bz#910841]\n- kvm-e1000-Discard-oversized-packets-based-on-SBP-LPE.patch [bz#910841]\n- Resolves: bz#910841\n (CVE-2012-6075 qemu (e1000 device driver): Buffer overflow when processing large packets when SBP and LPE flags are disabled [rhel-6.4.z])\n[qemu-kvm-0.12.1.2-2.355.el6_4.1]\n- kvm-Revert-e1000-no-need-auto-negotiation-if-link-was-do.patch [bz#907397]\n- Resolves: bz#907397\n (Patch 'e1000: no need auto-negotiation if link was down' may break e1000 guest)", "modified": "2013-03-07T00:00:00", "published": "2013-03-07T00:00:00", "id": "ELSA-2013-0609", "href": "http://linux.oracle.com/errata/ELSA-2013-0609.html", "title": "qemu-kvm security update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:39", "bulletinFamily": "unix", "description": "[kvm-83-266.0.1.el5_10.1]\n- Added kvm-add-oracle-workaround-for-libvirt-bug.patch\n- Added kvm-Introduce-oel-machine-type.patch\n[kvm-83-266_10.1.el5]\n- KVM: x86: prevent cross page vapic_addr access (CVE-2013-6368) [bz#1032219]\n- KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367) [bz#1032216]\n- Resolves: bz#1032219\n (CVE-2013-6368 kvm: cross page vapic_addr access [rhel-5.10])\n- Resolves: bz#1032216\n CVE-2013-6367 kvm: division by zero in apic_get_tmcct() [rhel-5.10.z]\n[kvm-83-266.el5]\n- Updated kversion to 2.6.18-348.4.1.el5\n- kvm-fix-l1_map-buffer-overflow.patch [bz#956511]\n- Resolves: bz#956511\n (qemu-kvm segfault in tb_invalidate_phys_page_range())\n[kvm-83-265.el5]\n- kvm-kernel-kvm-accept-unaligned-MSR_KVM_SYSTEM_TIME-writes.patch [bz#924597]\n- Resolves: bz#924597\n (RHEL.5.8.32 guest hang when installing)\n[kvm-83-264.el5]\n- kvm-kernel-KVM-Fix-for-buffer-overflow-in-handling-of-MSR_KVM_S.patch [bz#917019]\n- kvm-kernel-KVM-Convert-MSR_KVM_SYSTEM_TIME-to-use-kvm_write_gue.patch [bz#917023]\n- kvm-kernel-KVM-Fix-bounds-checking-in-ioapic-indirect-register-.patch [bz#917029]\n- kvm-kernel-do-not-GP-on-unaligned-MSR_KVM_SYSTEM_TIME-write.patch [bz#bz917019]\n- Resolves: bz#917019\n (CVE-2013-1796 kernel: kvm: buffer overflow in handling of MSR_KVM_SYSTEM_TIME [rhel-5.10])\n- Resolves: bz#917023\n (CVE-2013-1797 kernel: kvm: after free issue with the handling of MSR_KVM_SYSTEM_TIME [rhel-5.10])\n- Resolves: bz#917029\n (CVE-2013-1798 kernel: kvm: out-of-bounds access in ioapic indirect register reads [rhel-5.10])\n[kvm-83-263.el5]\n- kvm-e1000-Discard-packets-that-are-too-long-if-SBP-and-L.patch [bz#910840]\n- kvm-e1000-Discard-oversized-packets-based-on-SBP-LPE.patch [bz#910840]\n- Resolves: bz#910840\n (CVE-2012-6075 qemu (e1000 device driver): Buffer overflow when processing large packets when SBP and LPE flags are disabled [rhel-5.10])", "modified": "2014-02-12T00:00:00", "published": "2014-02-12T00:00:00", "id": "ELSA-2014-0163", "href": "http://linux.oracle.com/errata/ELSA-2014-0163.html", "title": "kvm security update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2019-05-30T02:22:33", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2607-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJanuary 15, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : qemu-kvm\nVulnerability : buffer overflow\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-6075\nDebian Bug : 696051\n\nIt was discovered that the e1000 emulation code in QEMU does not\nenforce frame size limits in the same way as the real hardware does.\nThis could trigger buffer overflows in the guest operating system\ndriver for that network card, assuming that the host system does not\ndiscard such frames (which it will by default).\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.12.5+dfsg-5+squeeze10.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.1.2+dfsg-4.\n\nWe recommend that you upgrade your qemu-kvm packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2013-01-15T20:26:42", "published": "2013-01-15T20:26:42", "id": "DEBIAN:DSA-2607-1:1A332", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00010.html", "title": "[SECURITY] [DSA 2607-1] qemu-kvm security update", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:21:48", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2619-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nFebruary 10, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : xen-qemu-dm-4.0\nVulnerability : buffer overflow\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-6075\n\nA buffer overflow was found in the e1000e emulation, which could be\ntriggered when processing jumbo frames.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 4.0.1-2+squeeze3.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 4.1.3-8 of the xen source package.\n\nWe recommend that you upgrade your xen-qemu-dm-4.0 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2013-02-10T18:23:03", "published": "2013-02-10T18:23:03", "id": "DEBIAN:DSA-2619-1:AC73D", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00023.html", "title": "[SECURITY] [DSA 2619-1] xen-qemu-dm-4.0 security update", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:23:06", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2608-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJanuary 15, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : qemu\nVulnerability : buffer overflow\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-6075\nDebian Bug : 696051\n\nIt was discovered that the e1000 emulation code in QEMU does not\nenforce frame size limits in the same way as the real hardware does.\nThis could trigger buffer overflows in the guest operating system\ndriver for that network card, assuming that the host system does not\ndiscard such frames (which it will by default).\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.12.5+dfsg-3squeeze3.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.1.2+dfsg-4.\n\nWe recommend that you upgrade your qemu packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2013-01-15T20:39:00", "published": "2013-01-15T20:39:00", "id": "DEBIAN:DSA-2608-1:C8354", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00011.html", "title": "[SECURITY] [DSA 2608-1] qemu security update", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:50", "bulletinFamily": "unix", "description": "KVM (Kernel-based Virtual Machine) is a full virtualization solution for\nLinux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component\nfor running virtual machines using KVM.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network interface\ncard when the host was configured to accept jumbo network frames, and a\nguest using the e1000 emulated driver was not. A remote attacker could use\nthis flaw to crash the guest or, potentially, execute arbitrary code with\nroot privileges in the guest. (CVE-2012-6075)\n\nAll users of qemu-kvm should upgrade to these updated packages, which\ncontain backported patches to correct this issue. After installing this\nupdate, shut down all running virtual machines. Once all virtual machines\nhave shut down, start them again for this update to take effect.\n", "modified": "2018-06-06T20:24:32", "published": "2013-03-07T05:00:00", "id": "RHSA-2013:0609", "href": "https://access.redhat.com/errata/RHSA-2013:0609", "type": "redhat", "title": "(RHSA-2013:0609) Important: qemu-kvm security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:47:10", "bulletinFamily": "unix", "description": "The xen packages contain administration tools and the xend service for\nmanaging the kernel-xen kernel for virtualization on Red Hat Enterprise\nLinux.\n\nA flaw was found in the way QEMU emulated the e1000 network interface card\nwhen the host was configured to accept jumbo network frames, and a\nfully-virtualized guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially, execute\narbitrary code with root privileges in the guest. (CVE-2012-6075)\n\nAll users of xen are advised to upgrade to these updated packages, which\ncorrect this issue. After installing the updated packages, all running\nfully-virtualized guests must be restarted for this update to take effect.\n", "modified": "2017-09-08T12:16:58", "published": "2013-03-06T05:00:00", "id": "RHSA-2013:0599", "href": "https://access.redhat.com/errata/RHSA-2013:0599", "type": "redhat", "title": "(RHSA-2013:0599) Important: xen security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:44:38", "bulletinFamily": "unix", "description": "KVM (Kernel-based Virtual Machine) is a full virtualization solution for\nLinux on AMD64 and Intel 64 systems. The qemu-kvm-rhev packages form the\nuser-space component for running virtual machines using KVM.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network interface\ncard when the host was configured to accept jumbo network frames, and a\nguest using the e1000 emulated driver was not. A remote attacker could use\nthis flaw to crash the guest or, potentially, execute arbitrary code with\nroot privileges in the guest. (CVE-2012-6075)\n\nAll users of qemu-kvm-rhev are advised to upgrade to these updated\npackages, which correct this issue. After installing this update, shut down\nall running virtual machines. Once all virtual machines have shut down,\nstart them again for this update to take effect.\n", "modified": "2018-06-07T08:59:28", "published": "2013-03-07T05:00:00", "id": "RHSA-2013:0610", "href": "https://access.redhat.com/errata/RHSA-2013:0610", "type": "redhat", "title": "(RHSA-2013:0610) Important: qemu-kvm-rhev security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:30", "bulletinFamily": "unix", "description": "KVM (Kernel-based Virtual Machine) is a full virtualization solution for\nLinux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for\nthe standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network interface\ncard when the host was configured to accept jumbo network frames, and a\nguest using the e1000 emulated driver was not. A remote attacker could use\nthis flaw to crash the guest or, potentially, execute arbitrary code with\nroot privileges in the guest. (CVE-2012-6075)\n\nAll users of kvm are advised to upgrade to these updated packages, which\ncontain backported patches to correct this issue. Note that the procedure\nin the Solution section must be performed before this update will take\neffect.\n", "modified": "2017-09-08T12:18:53", "published": "2013-03-07T05:00:00", "id": "RHSA-2013:0608", "href": "https://access.redhat.com/errata/RHSA-2013:0608", "type": "redhat", "title": "(RHSA-2013:0608) Important: kvm security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:44:44", "bulletinFamily": "unix", "description": "KVM (Kernel-based Virtual Machine) is a full virtualization solution for\nLinux on AMD64 and Intel 64 systems. The qemu-kvm-rhev packages form the\nuser-space component for running virtual machines using KVM.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network interface\ncard when the host was configured to accept jumbo network frames, and a\nguest using the e1000 emulated driver was not. A remote attacker could use\nthis flaw to crash the guest or, potentially, execute arbitrary code with\nroot privileges in the guest. (CVE-2012-6075)\n\nAll users of qemu-kvm-rhev are advised to upgrade to these updated\npackages, which correct this issue. After installing this update, shut down\nall running virtual machines. Once all virtual machines have shut down,\nstart them again for this update to take effect.\n", "modified": "2018-06-09T14:17:32", "published": "2013-03-12T04:00:00", "id": "RHSA-2013:0639", "href": "https://access.redhat.com/errata/RHSA-2013:0639", "type": "redhat", "title": "(RHSA-2013:0639) Important: qemu-kvm-rhev security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:26", "bulletinFamily": "unix", "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network interface\ncard when the host was configured to accept jumbo network frames, and a\nguest using the e1000 emulated driver was not. A remote attacker could use\nthis flaw to crash the guest or, potentially, execute arbitrary code with\nroot privileges in the guest. (CVE-2012-6075)\n\nIt was discovered that GnuTLS leaked timing information when decrypting\nTLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A\nremote attacker could possibly use this flaw to retrieve plain text from\nthe encrypted packets by using a TLS/SSL server as a padding oracle.\n(CVE-2013-1619)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response verification\nin OpenSSL. A malicious OCSP server could use this flaw to crash\napplications performing OCSP verification by sending a specially-crafted\nresponse. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information about\nplain text when optional compression was used. An attacker able to control\npart of the plain text sent over an encrypted TLS/SSL connection could\npossibly use this flaw to recover other portions of the plain text.\n(CVE-2012-4929)\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2013-0292 (dbus-glib issue)\n\nCVE-2013-0228, CVE-2013-0268, and CVE-2013-0871 (kernel issues)\n\nCVE-2013-0338 (libxml2 issue)\n\nThis update contains the builds from the following errata:\n\novirt-node: RHBA-2013:0634\n https://rhn.redhat.com/errata/RHBA-2013-0634.html\nkernel: RHSA-2013:0630\n https://rhn.redhat.com/errata/RHSA-2013-0630.html\ndbus-glib: RHSA-2013:0568\n https://rhn.redhat.com/errata/RHSA-2013-0568.html\nlibcgroup: RHBA-2013:0560\n https://rhn.redhat.com/errata/RHBA-2013-0560.html\nvdsm: RHBA-2013:0635\n https://rhn.redhat.com/errata/RHBA-2013-0635.html\nselinux-policy: RHBA-2013:0618\n https://rhn.redhat.com/errata/RHBA-2013-0618.html\nqemu-kvm-rhev: RHSA-2013:0610\n https://rhn.redhat.com/errata/RHSA-2013-0610.html\nglusterfs: RHBA-2013:0620\n https://rhn.redhat.com/errata/RHBA-2013-0620.html\ngnutls: RHSA-2013:0588\n https://rhn.redhat.com/errata/RHSA-2013-0588.html\nipmitool: RHBA-2013:0572\n https://rhn.redhat.com/errata/RHBA-2013-0572.html\nlibxml2: RHSA-2013:0581\n https://rhn.redhat.com/errata/RHSA-2013-0581.html\nopenldap: RHBA-2013:0598\n https://rhn.redhat.com/errata/RHBA-2013-0598.html\nopenssl: RHSA-2013:0587\n https://rhn.redhat.com/errata/RHSA-2013-0587.html\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which fixes these issues.\n", "modified": "2018-06-07T08:59:36", "published": "2013-03-13T04:00:00", "id": "RHSA-2013:0636", "href": "https://access.redhat.com/errata/RHSA-2013:0636", "type": "redhat", "title": "(RHSA-2013:0636) Important: rhev-hypervisor6 security and bug fix update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:50", "bulletinFamily": "software", "description": "Buffer overflow in e1000 emulator", "modified": "2013-01-21T00:00:00", "published": "2013-01-21T00:00:00", "id": "SECURITYVULNS:VULN:12837", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12837", "title": "qemu buffer overflow", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:46", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2608-1 security@debian.org\r\nhttp://www.debian.org/security/ Florian Weimer\r\nJanuary 15, 2013 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : qemu\r\nVulnerability : buffer overflow\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2012-6075\r\nDebian Bug : 696051\r\n\r\nIt was discovered that the e1000 emulation code in QEMU does not\r\nenforce frame size limits in the same way as the real hardware does.\r\nThis could trigger buffer overflows in the guest operating system\r\ndriver for that network card, assuming that the host system does not\r\ndiscard such frames &#40;which it will by default&#41;.\r\n\r\nFor the stable distribution &#40;squeeze&#41;, this problem has been fixed in\r\nversion 0.12.5+dfsg-3squeeze3.\r\n\r\nFor the unstable distribution &#40;sid&#41;, this problem has been fixed in\r\nversion 1.1.2+dfsg-4.\r\n\r\nWe recommend that you upgrade your qemu packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 &#40;GNU/Linux&#41;\r\n\r\niQEcBAEBAgAGBQJQ9b9sAAoJEL97/wQC1SS+ZuoH/3CtnIXPv5KJmimauvHjk0/7\r\n5Sg5VMwv5GDAIVOX4qcB4XFfK2KsLpLEULhdZj8swQQLEYVmfHtS4kUZWGYUYde5\r\nChCEJRD7O7wAi2CZTPuIFj895BqKebbSticeHZosxyfhKLnaaA18/0c1hHT8WqKp\r\n8yYxEHzWy9O5AO8phHqsuOI5vNlde6h4UlRotB6+OfyXd6oSfkITa7qOLdS8FPEW\r\npf+xJW1aQa4ttWkX6POnH04r6UDnT8tQyUtjHU7mYK+ATnpl1W9EHoUkSEMjILqN\r\nswqeua1YT4zW2jswijqJ4F/PVu3P8cb1bSSprWbDE+EVe7w7RXqkwBAJ3vtQ8Qo=\r\n=6z+u\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2013-01-21T00:00:00", "published": "2013-01-21T00:00:00", "id": "SECURITYVULNS:DOC:28966", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28966", "title": "[SECURITY] [DSA 2608-1] qemu security update", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2020-01-01T01:13:59", "bulletinFamily": "scanner", "description": "Updated qemu-kvm packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution\nfor Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space\ncomponent for running virtual machines using KVM.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of qemu-kvm should upgrade to these updated packages, which\ncontain backported patches to correct this issue. After installing\nthis update, shut down all running virtual machines. Once all virtual\nmachines have shut down, start them again for this update to take\neffect.", "modified": "2020-01-02T00:00:00", "id": "REDHAT-RHSA-2013-0609.NASL", "href": "https://www.tenable.com/plugins/nessus/65083", "published": "2013-03-08T00:00:00", "title": "RHEL 6 : qemu-kvm (RHSA-2013:0609)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0609. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65083);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/10/24 15:35:36\");\n\n script_cve_id(\"CVE-2012-6075\");\n script_bugtraq_id(57420);\n script_xref(name:\"RHSA\", value:\"2013:0609\");\n\n script_name(english:\"RHEL 6 : qemu-kvm (RHSA-2013:0609)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated qemu-kvm packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution\nfor Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space\ncomponent for running virtual machines using KVM.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of qemu-kvm should upgrade to these updated packages, which\ncontain backported patches to correct this issue. After installing\nthis update, shut down all running virtual machines. Once all virtual\nmachines have shut down, start them again for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-6075\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent-win32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0609\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"qemu-guest-agent-0.12.1.2-2.355.el6_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"qemu-guest-agent-0.12.1.2-2.355.el6_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"qemu-guest-agent-win32-0.12.1.2-2.355.el6_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"qemu-img-0.12.1.2-2.355.el6_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"qemu-kvm-0.12.1.2-2.355.el6_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"qemu-kvm-tools-0.12.1.2-2.355.el6_4.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-guest-agent / qemu-guest-agent-win32 / qemu-img / qemu-kvm / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T01:37:40", "bulletinFamily": "scanner", "description": "A flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAfter installing this update, shut down all running virtual machines.\nOnce all virtual machines have shut down, start them again for this\nupdate to take effect.", "modified": "2020-01-02T00:00:00", "id": "SL_20130307_QEMU_KVM_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/65092", "published": "2013-03-08T00:00:00", "title": "Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65092);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/12/31 11:35:01\");\n\n script_cve_id(\"CVE-2012-6075\");\n\n script_name(english:\"Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAfter installing this update, shut down all running virtual machines.\nOnce all virtual machines have shut down, start them again for this\nupdate to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1303&L=scientific-linux-errata&T=0&P=3090\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?815bbbce\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"qemu-guest-agent-0.12.1.2-2.355.el6_4.2\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"qemu-guest-agent-win32-0.12.1.2-2.355.el6_4.2\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"qemu-img-0.12.1.2-2.355.el6_4.2\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"qemu-kvm-0.12.1.2-2.355.el6_4.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.2\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"qemu-kvm-tools-0.12.1.2-2.355.el6_4.2\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"seabios-0.6.1.2-26.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"spice-glib-0.14-7.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"spice-glib-devel-0.14-7.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"spice-gtk-0.14-7.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"spice-gtk-devel-0.14-7.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"spice-gtk-python-0.14-7.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"spice-gtk-tools-0.14-7.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"spice-protocol-0.12.2-1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"spice-server-0.12.0-12.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"spice-server-devel-0.12.0-12.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"spice-vdagent-0.12.0-4.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"spice-xpi-2.7-22.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"usbredir-0.5.1-1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"usbredir-devel-0.5.1-1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"usbredir-server-0.5.1-1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"virt-viewer-0.5.2-18.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T01:13:59", "bulletinFamily": "scanner", "description": "Updated qemu-kvm-rhev packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution\nfor Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev packages\nform the user-space component for running virtual machines using KVM.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of qemu-kvm-rhev are advised to upgrade to these updated\npackages, which correct this issue. After installing this update, shut\ndown all running virtual machines. Once all virtual machines have shut\ndown, start them again for this update to take effect.", "modified": "2020-01-02T00:00:00", "id": "REDHAT-RHSA-2013-0610.NASL", "href": "https://www.tenable.com/plugins/nessus/78951", "published": "2014-11-08T00:00:00", "title": "RHEL 6 : qemu-kvm-rhev (RHSA-2013:0610)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0610. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78951);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/10/24 15:35:36\");\n\n script_cve_id(\"CVE-2012-6075\");\n script_xref(name:\"RHSA\", value:\"2013:0610\");\n\n script_name(english:\"RHEL 6 : qemu-kvm-rhev (RHSA-2013:0610)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated qemu-kvm-rhev packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution\nfor Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev packages\nform the user-space component for running virtual machines using KVM.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of qemu-kvm-rhev are advised to upgrade to these updated\npackages, which correct this issue. After installing this update, shut\ndown all running virtual machines. Once all virtual machines have shut\ndown, start them again for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-6075\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-img-rhev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-rhev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-rhev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-rhev-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0610\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"qemu-img-rhev-0.12.1.2-2.355.el6_4.2\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"qemu-kvm-rhev-0.12.1.2-2.355.el6_4.2\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"qemu-kvm-rhev-debuginfo-0.12.1.2-2.355.el6_4.2\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"qemu-kvm-rhev-tools-0.12.1.2-2.355.el6_4.2\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-img-rhev / qemu-kvm-rhev / qemu-kvm-rhev-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T06:52:01", "bulletinFamily": "scanner", "description": "A buffer overflow was found in the e1000 emulation, which could be\ntriggered when processing jumbo frames.", "modified": "2020-01-02T00:00:00", "id": "DEBIAN_DSA-2619.NASL", "href": "https://www.tenable.com/plugins/nessus/64553", "published": "2013-02-11T00:00:00", "title": "Debian DSA-2619-1 : xen-qemu-dm-4.0 - buffer overflow", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2619. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64553);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:35\");\n\n script_cve_id(\"CVE-2012-6075\");\n script_bugtraq_id(57420);\n script_xref(name:\"DSA\", value:\"2619\");\n\n script_name(english:\"Debian DSA-2619-1 : xen-qemu-dm-4.0 - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow was found in the e1000 emulation, which could be\ntriggered when processing jumbo frames.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/xen-qemu-dm-4.0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2619\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the xen-qemu-dm-4.0 packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 4.0.1-2+squeeze3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-qemu-dm-4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"xen-qemu-dm-4.0\", reference:\"4.0.1-2+squeeze3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T06:52:00", "bulletinFamily": "scanner", "description": "It was discovered that the e1000 emulation code in QEMU does not\nenforce frame size limits in the same way as the real hardware does.\nThis could trigger buffer overflows in the guest operating system\ndriver for that network card, assuming that the host system does not\ndiscard such frames (which it will by default).", "modified": "2020-01-02T00:00:00", "id": "DEBIAN_DSA-2607.NASL", "href": "https://www.tenable.com/plugins/nessus/63556", "published": "2013-01-16T00:00:00", "title": "Debian DSA-2607-1 : qemu-kvm - buffer overflow", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2607. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63556);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/11/10 11:49:35\");\n\n script_cve_id(\"CVE-2012-6075\");\n script_xref(name:\"DSA\", value:\"2607\");\n\n script_name(english:\"Debian DSA-2607-1 : qemu-kvm - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the e1000 emulation code in QEMU does not\nenforce frame size limits in the same way as the real hardware does.\nThis could trigger buffer overflows in the guest operating system\ndriver for that network card, assuming that the host system does not\ndiscard such frames (which it will by default).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696051\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/qemu-kvm\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2607\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the qemu-kvm packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.12.5+dfsg-5+squeeze10.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"kvm\", reference:\"0.12.5+dfsg-5+squeeze10\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"qemu-kvm\", reference:\"0.12.5+dfsg-5+squeeze10\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"qemu-kvm-dbg\", reference:\"0.12.5+dfsg-5+squeeze10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-07T06:56:46", "bulletinFamily": "scanner", "description": "Updated xen packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe xen packages contain administration tools and the xend service for\nmanaging the kernel-xen kernel for virtualization on Red Hat\nEnterprise Linux.\n\nA flaw was found in the way QEMU emulated the e1000 network interface\ncard when the host was configured to accept jumbo network frames, and\na fully-virtualized guest using the e1000 emulated driver was not. A\nremote attacker could use this flaw to crash the guest or,\npotentially, execute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of xen are advised to upgrade to these updated packages,\nwhich correct this issue. After installing the updated packages, all\nrunning fully-virtualized guests must be restarted for this update to\ntake effect.", "modified": "2020-01-02T00:00:00", "id": "CENTOS_RHSA-2013-0599.NASL", "href": "https://www.tenable.com/plugins/nessus/65063", "published": "2013-03-07T00:00:00", "title": "CentOS 5 : xen (CESA-2013:0599)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0599 and \n# CentOS Errata and Security Advisory 2013:0599 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65063);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2012-6075\");\n script_bugtraq_id(57420);\n script_xref(name:\"RHSA\", value:\"2013:0599\");\n\n script_name(english:\"CentOS 5 : xen (CESA-2013:0599)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated xen packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe xen packages contain administration tools and the xend service for\nmanaging the kernel-xen kernel for virtualization on Red Hat\nEnterprise Linux.\n\nA flaw was found in the way QEMU emulated the e1000 network interface\ncard when the host was configured to accept jumbo network frames, and\na fully-virtualized guest using the e1000 emulated driver was not. A\nremote attacker could use this flaw to crash the guest or,\npotentially, execute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of xen are advised to upgrade to these updated packages,\nwhich correct this issue. After installing the updated packages, all\nrunning fully-virtualized guests must be restarted for this update to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-March/019266.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f6342646\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-6075\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"xen-3.0.3-142.el5_9.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"xen-devel-3.0.3-142.el5_9.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"xen-libs-3.0.3-142.el5_9.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-devel / xen-libs\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-07T06:56:46", "bulletinFamily": "scanner", "description": "Updated qemu-kvm packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution\nfor Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space\ncomponent for running virtual machines using KVM.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of qemu-kvm should upgrade to these updated packages, which\ncontain backported patches to correct this issue. After installing\nthis update, shut down all running virtual machines. Once all virtual\nmachines have shut down, start them again for this update to take\neffect.", "modified": "2020-01-02T00:00:00", "id": "CENTOS_RHSA-2013-0609.NASL", "href": "https://www.tenable.com/plugins/nessus/65165", "published": "2013-03-10T00:00:00", "title": "CentOS 6 : qemu-kvm (CESA-2013:0609)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0609 and \n# CentOS Errata and Security Advisory 2013:0609 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65165);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2012-6075\");\n script_bugtraq_id(57420);\n script_xref(name:\"RHSA\", value:\"2013:0609\");\n\n script_name(english:\"CentOS 6 : qemu-kvm (CESA-2013:0609)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated qemu-kvm packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution\nfor Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space\ncomponent for running virtual machines using KVM.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nAll users of qemu-kvm should upgrade to these updated packages, which\ncontain backported patches to correct this issue. After installing\nthis update, shut down all running virtual machines. Once all virtual\nmachines have shut down, start them again for this update to take\neffect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-March/019632.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?10b0cfac\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected qemu-kvm packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-6075\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-guest-agent-win32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"qemu-guest-agent-0.12.1.2-2.355.el6_4.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", cpu:\"x86_64\", reference:\"qemu-guest-agent-win32-0.12.1.2-2.355.el6_4.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", cpu:\"x86_64\", reference:\"qemu-img-0.12.1.2-2.355.el6_4.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", cpu:\"x86_64\", reference:\"qemu-kvm-0.12.1.2-2.355.el6_4.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", cpu:\"x86_64\", reference:\"qemu-kvm-tools-0.12.1.2-2.355.el6_4.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-guest-agent / qemu-guest-agent-win32 / qemu-img / qemu-kvm / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T01:37:40", "bulletinFamily": "scanner", "description": "A flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nNote that the procedure in the Solution section must be performed\nbefore this update will take effect.", "modified": "2020-01-02T00:00:00", "id": "SL_20130307_KVM_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/65091", "published": "2013-03-08T00:00:00", "title": "Scientific Linux Security Update : kvm on SL5.x x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65091);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/12/31 11:35:01\");\n\n script_cve_id(\"CVE-2012-6075\");\n\n script_name(english:\"Scientific Linux Security Update : kvm on SL5.x x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way QEMU-KVM emulated the e1000 network\ninterface card when the host was configured to accept jumbo network\nframes, and a guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially,\nexecute arbitrary code with root privileges in the guest.\n(CVE-2012-6075)\n\nNote that the procedure in the Solution section must be performed\nbefore this update will take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1303&L=scientific-linux-errata&T=0&P=3218\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5cc97b48\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", cpu:\"x86_64\", reference:\"kmod-kvm-83-262.el5_9.1\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"x86_64\", reference:\"kmod-kvm-debug-83-262.el5_9.1\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"x86_64\", reference:\"kvm-83-262.el5_9.1\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"x86_64\", reference:\"kvm-debuginfo-83-262.el5_9.1\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"x86_64\", reference:\"kvm-qemu-img-83-262.el5_9.1\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"x86_64\", reference:\"kvm-tools-83-262.el5_9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T07:07:05", "bulletinFamily": "scanner", "description": " - CVE-2012-6075: Buffer overflow in e1000 nic (bz #889301,\n bz #889304)\n\n - Use systemd spec macros (bz #850285)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-01-02T00:00:00", "id": "FEDORA_2013-0965.NASL", "href": "https://www.tenable.com/plugins/nessus/64255", "published": "2013-01-28T00:00:00", "title": "Fedora 18 : qemu-1.2.2-2.fc18 (2013-0965)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-0965.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64255);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2015/10/19 21:02:56 $\");\n\n script_cve_id(\"CVE-2012-6075\");\n script_bugtraq_id(57420);\n script_xref(name:\"FEDORA\", value:\"2013-0965\");\n\n script_name(english:\"Fedora 18 : qemu-1.2.2-2.fc18 (2013-0965)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - CVE-2012-6075: Buffer overflow in e1000 nic (bz #889301,\n bz #889304)\n\n - Use systemd spec macros (bz #850285)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=889301\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-January/097575.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b89b940e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected qemu package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"qemu-1.2.2-2.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T07:07:06", "bulletinFamily": "scanner", "description": "Buffer overflow when processing large packets in qemu e1000 device\ndriver [XSA-41, CVE-2012-6075], fix a bug introduced by fix for XSA-27\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-01-02T00:00:00", "id": "FEDORA_2013-1269.NASL", "href": "https://www.tenable.com/plugins/nessus/64407", "published": "2013-02-04T00:00:00", "title": "Fedora 17 : xen-4.1.4-3.fc17 (2013-1269)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-1269.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64407);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2015/10/19 21:02:57 $\");\n\n script_xref(name:\"FEDORA\", value:\"2013-1269\");\n\n script_name(english:\"Fedora 17 : xen-4.1.4-3.fc17 (2013-1269)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Buffer overflow when processing large packets in qemu e1000 device\ndriver [XSA-41, CVE-2012-6075], fix a bug introduced by fix for XSA-27\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-February/098078.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?69fb6055\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen package.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"xen-4.1.4-3.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:24:52", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2013:0609\n\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution for\nLinux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component\nfor running virtual machines using KVM.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network interface\ncard when the host was configured to accept jumbo network frames, and a\nguest using the e1000 emulated driver was not. A remote attacker could use\nthis flaw to crash the guest or, potentially, execute arbitrary code with\nroot privileges in the guest. (CVE-2012-6075)\n\nAll users of qemu-kvm should upgrade to these updated packages, which\ncontain backported patches to correct this issue. After installing this\nupdate, shut down all running virtual machines. Once all virtual machines\nhave shut down, start them again for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-March/031670.html\n\n**Affected packages:**\nqemu-guest-agent\nqemu-guest-agent-win32\nqemu-img\nqemu-kvm\nqemu-kvm-tools\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0609.html", "modified": "2013-03-09T00:45:27", "published": "2013-03-09T00:45:27", "href": "http://lists.centos.org/pipermail/centos-announce/2013-March/031670.html", "id": "CESA-2013:0609", "title": "qemu security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:24:39", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2013:0608\n\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution for\nLinux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for\nthe standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network interface\ncard when the host was configured to accept jumbo network frames, and a\nguest using the e1000 emulated driver was not. A remote attacker could use\nthis flaw to crash the guest or, potentially, execute arbitrary code with\nroot privileges in the guest. (CVE-2012-6075)\n\nAll users of kvm are advised to upgrade to these updated packages, which\ncontain backported patches to correct this issue. Note that the procedure\nin the Solution section must be performed before this update will take\neffect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-March/031308.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-March/031310.html\n\n**Affected packages:**\nkmod-kvm\nkmod-kvm-debug\nkvm\nkvm-qemu-img\nkvm-tools\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0608.html", "modified": "2013-03-08T16:42:53", "published": "2013-03-08T00:28:36", "href": "http://lists.centos.org/pipermail/centos-announce/2013-March/031308.html", "id": "CESA-2013:0608", "title": "kmod, kvm security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:28:50", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2013:0599\n\n\nThe xen packages contain administration tools and the xend service for\nmanaging the kernel-xen kernel for virtualization on Red Hat Enterprise\nLinux.\n\nA flaw was found in the way QEMU emulated the e1000 network interface card\nwhen the host was configured to accept jumbo network frames, and a\nfully-virtualized guest using the e1000 emulated driver was not. A remote\nattacker could use this flaw to crash the guest or, potentially, execute\narbitrary code with root privileges in the guest. (CVE-2012-6075)\n\nAll users of xen are advised to upgrade to these updated packages, which\ncorrect this issue. After installing the updated packages, all running\nfully-virtualized guests must be restarted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-March/031304.html\n\n**Affected packages:**\nxen\nxen-devel\nxen-libs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0599.html", "modified": "2013-03-06T19:54:46", "published": "2013-03-06T19:54:46", "href": "http://lists.centos.org/pipermail/centos-announce/2013-March/031304.html", "id": "CESA-2013:0599", "title": "xen security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "xen": [{"lastseen": "2016-04-01T21:57:13", "bulletinFamily": "software", "description": "#### SUMMARY AND SOURCES OF INFORMATION\nAn issue in qemu has been disclosed which we believe affects some users of Xen.\nThe Qemu project has not itself issued an advisory. More information may be available in the advisories published by the distros:\n<a href=\"https://bugzilla.redhat.com/show_bug.cgi?id=889301\">https://bugzilla.redhat.com/show_bug.cgi?id=889301</a> <a href=\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696051\">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696051</a>\n#### CAVEAT\nFor full and accurate information please refer to those advisories. We have not conducted a full review of the information and patches provided.\nThe rest of the information in this advisory is true to the best of our knowledge at the time of writing.\n#### IMPACT\nThe vulnerability impacts any host running HVM (Fully-Emulated) guests which are configured with an e1000 NIC (using &quot;model=e1000&quot;) in their VIF configuration. Note that the default emulated NIC is &quot;rtl8139&quot; which is not vulnerable.\nIn a vulnerable configuration a hostile network packet may be able to corrupt the memory of the guest, leading to a guest DoS or remote privilege escalation.\nWe do not believe that this issue enables an attack against the host.\n", "modified": "2013-01-17T12:17:00", "published": "2013-01-16T14:50:00", "id": "XSA-41", "href": "http://xenbits.xen.org/xsa/advisory-41.html", "type": "xen", "title": "qemu (e1000 device driver): Buffer overflow when processing large packets", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2019-05-29T17:21:39", "bulletinFamily": "unix", "description": "It was discovered that QEMU incorrectly handled certain e1000 packet sizes. In certain environments, an attacker may use this flaw in combination with large packets to cause a denial of service or execute arbitrary code in the guest.", "modified": "2013-01-16T00:00:00", "published": "2013-01-16T00:00:00", "id": "USN-1692-1", "href": "https://usn.ubuntu.com/1692-1/", "title": "QEMU vulnerability", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}