Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2017-0987.NASL
HistoryApr 19, 2017 - 12:00 a.m.

RHEL 7 : qemu-kvm (RHSA-2017:0987)

2017-04-1900:00:00
This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
JSON

An update for qemu-kvm is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.

Security Fix(es) :

  • A heap buffer overflow flaw was found in QEMU’s Cirrus CLGD 54xx VGA emulator’s VNC display driver support; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
    (CVE-2016-9603)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2017:0987. The text 
# itself is copyright (C) Red Hat, Inc.
#

include("compat.inc");

if (description)
{
  script_id(99454);
  script_version("3.12");
  script_cvs_date("Date: 2019/10/24 15:35:42");

  script_cve_id("CVE-2016-9603");
  script_xref(name:"RHSA", value:"2017:0987");

  script_name(english:"RHEL 7 : qemu-kvm (RHSA-2017:0987)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"An update for qemu-kvm is now available for Red Hat Enterprise Linux
7.

Red Hat Product Security has rated this update as having a security
impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

Kernel-based Virtual Machine (KVM) is a full virtualization solution
for Linux on a variety of architectures. The qemu-kvm packages provide
the user-space component for running virtual machines that use KVM.

Security Fix(es) :

* A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA
emulator's VNC display driver support; the issue could occur when a
VNC client attempted to update its display after a VGA operation is
performed by a guest. A privileged user/process inside a guest could
use this flaw to crash the QEMU process or, potentially, execute
arbitrary code on the host with privileges of the QEMU process.
(CVE-2016-9603)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2017:0987"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2016-9603"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-img");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.7");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/07/27");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/04/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/04/19");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2017:0987";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"qemu-img-1.5.3-126.el7_3.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"qemu-kvm-1.5.3-126.el7_3.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"qemu-kvm-common-1.5.3-126.el7_3.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"qemu-kvm-debuginfo-1.5.3-126.el7_3.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"qemu-kvm-tools-1.5.3-126.el7_3.6")) flag++;


  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "qemu-img / qemu-kvm / qemu-kvm-common / qemu-kvm-debuginfo / etc");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxqemu-imgp-cpe:/a:redhat:enterprise_linux:qemu-img
redhatenterprise_linuxqemu-kvmp-cpe:/a:redhat:enterprise_linux:qemu-kvm
redhatenterprise_linuxqemu-kvm-commonp-cpe:/a:redhat:enterprise_linux:qemu-kvm-common
redhatenterprise_linuxqemu-kvm-debuginfop-cpe:/a:redhat:enterprise_linux:qemu-kvm-debuginfo
redhatenterprise_linuxqemu-kvm-toolsp-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools
redhatenterprise_linux7cpe:/o:redhat:enterprise_linux:7
redhatenterprise_linux7.3cpe:/o:redhat:enterprise_linux:7.3
redhatenterprise_linux7.4cpe:/o:redhat:enterprise_linux:7.4
redhatenterprise_linux7.5cpe:/o:redhat:enterprise_linux:7.5
redhatenterprise_linux7.6cpe:/o:redhat:enterprise_linux:7.6
Rows per page:
1-10 of 111

Related

openvas 18
citrix 1
nessus 48
redhat 11
centos 2
osv 5
prion 1
ubuntucve 1
cve 1
freebsd 1
xen 1
oraclelinux 4
redhatcve 1
debiancve 1
veracode 1
fedora 2
suse 15
debian 4
ibm 1
ubuntu 2
gentoo 1
openvas
openvas
RedHat Update for qemu-kvm RHSA-2017:0987-01
2017-04-19 00:00:00
Citrix XenServer Security Update for CVE-2016-9603 (CTX221578)
2017-03-16 00:00:00
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2017-1079)
2020-01-23 00:00:00
citrix
citrix
CVE-2016-9603 - Citrix XenServer Security Update
2017-03-14 04:00:00
nessus
nessus
Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20170418)
2017-04-19 00:00:00
EulerOS 2.0 SP1 : qemu-kvm (EulerOS-SA-2017-1079)
2017-05-03 00:00:00
Oracle Linux 7 : qemu-kvm (ELSA-2017-0987)
2017-04-19 00:00:00
redhat
redhat
(RHSA-2017:0987) Important: qemu-kvm security update
2017-04-18 11:21:41
(RHSA-2017:0985) Important: qemu-kvm-rhev security, bug fix, and enhancement update
2017-04-18 05:46:07
(RHSA-2017:0984) Important: qemu-kvm-rhev security update
2017-04-18 04:31:59
centos
centos
qemu security update
2017-04-19 16:57:39
qemu security update
2017-05-09 16:59:13
osv
osv
CVE-2016-9603
2018-07-27 21:29:00
qemu-kvm - security update
2017-05-11 00:00:00
xen - security update
2018-02-06 00:00:00
prion
prion
Heap overflow
2018-07-27 21:29:00
ubuntucve
ubuntucve
CVE-2016-9603
2016-12-31 00:00:00
cve
cve
CVE-2016-9603
2018-07-27 21:29:00
freebsd
freebsd
xen-tools -- Cirrus VGA Heap overflow via display refresh
2017-03-14 00:00:00
xen
xen
Cirrus VGA Heap overflow via display refresh
2017-03-14 11:58:00
oraclelinux
oraclelinux
qemu-kvm security update
2017-04-18 00:00:00
qemu-kvm security update
2017-05-09 00:00:00
qemu-kvm security, bug fix, and enhancement update
2017-08-07 00:00:00
redhatcve
redhatcve
CVE-2016-9603
2021-03-20 20:36:40
debiancve
debiancve
CVE-2016-9603
2018-07-27 21:29:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:16:24
fedora
fedora
[SECURITY] Fedora 25 Update: xen-4.7.2-2.fc25
2017-03-21 03:23:43
[SECURITY] Fedora 25 Update: qemu-2.7.1-7.fc25
2017-07-25 21:29:02
suse
suse
Security update for xen (important)
2017-05-02 18:10:15
Security update for xen (important)
2017-05-09 15:08:45
Security update for xen (important)
2017-05-02 18:11:58
debian
debian
[SECURITY] [DLA 939-1] qemu-kvm security update
2017-05-11 10:00:48
[SECURITY] [DLA 1270-1] xen security update
2018-02-06 12:35:00
[SECURITY] [DLA 1035-1] qemu security update
2017-07-21 15:17:41
ibm
ibm
Security Bulletin: Multiple vulnerabilities in qemu-kvm and libguestfs affect SmartCloud Entry (CVE-2016-9603 CVE-2017-2633 CVE-2017-7718 CVE-2017-7980 CVE-2015-8869)
2020-07-19 00:49:12
ubuntu
ubuntu
QEMU vulnerabilities
2017-04-25 00:00:00
QEMU vulnerabilities
2017-04-20 00:00:00
gentoo
gentoo
QEMU: Multiple vulnerabilities
2017-06-06 00:00:00
JSON
Related for REDHAT-RHSA-2017-0987.NASL
openvas18citrix1nessus48redhat11centos2osv5prion1ubuntucve1cve1freebsd1xen1oraclelinux4redhatcve1debiancve1veracode1fedora2suse15debian4ibm1ubuntu2gentoo1