Lucene search
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2021-1829-1.NASLHistoryJun 03, 2021 - 12:00 a.m.
SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1829-1)
2021-06-0300:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
29
6.7 Medium
AI Score
Confidence
Low
This update for qemu fixes the following issues :
Fix OOB access during mmio operations (CVE-2020-13754, bsc#1172382)
Fix sPAPR emulator leaks the host hardware identity (CVE-2019-8934, bsc#1126455)
Fix out-of-bounds read information disclosure in icmp6_send_echoreply (CVE-2020-10756, bsc#1172380)
Fix out-of-bound heap buffer access via an interrupt ID field (CVE-2021-20221, bsc#1181933)
For the record, these issues are fixed in this package already. Most are alternate references to previously mentioned issues:
(CVE-2019-15890, bsc#1149813, CVE-2020-8608, bsc#1163019, CVE-2020-14364, bsc#1175534, CVE-2020-25723, bsc#1178935, CVE-2020-29130, bsc#1179477, CVE-2021-20257, bsc#1182846, CVE-2021-3419, bsc#1182975, bsc#1031692, bsc#1094725)
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2021:1829-1.
# The text itself is copyright (C) SUSE.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(150203);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/12/27");
script_cve_id(
"CVE-2019-8934",
"CVE-2019-15890",
"CVE-2020-8608",
"CVE-2020-10756",
"CVE-2020-13754",
"CVE-2020-14364",
"CVE-2020-25723",
"CVE-2020-29130",
"CVE-2021-3419",
"CVE-2021-20221",
"CVE-2021-20257"
);
script_name(english:"SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1829-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"This update for qemu fixes the following issues :
Fix OOB access during mmio operations (CVE-2020-13754, bsc#1172382)
Fix sPAPR emulator leaks the host hardware identity (CVE-2019-8934,
bsc#1126455)
Fix out-of-bounds read information disclosure in icmp6_send_echoreply
(CVE-2020-10756, bsc#1172380)
Fix out-of-bound heap buffer access via an interrupt ID field
(CVE-2021-20221, bsc#1181933)
For the record, these issues are fixed in this package already. Most
are alternate references to previously mentioned issues:
(CVE-2019-15890, bsc#1149813, CVE-2020-8608, bsc#1163019,
CVE-2020-14364, bsc#1175534, CVE-2020-25723, bsc#1178935,
CVE-2020-29130, bsc#1179477, CVE-2021-20257, bsc#1182846,
CVE-2021-3419, bsc#1182975, bsc#1031692, bsc#1094725)
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1031692");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1094725");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1126455");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1149813");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163019");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1172380");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1172382");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1175534");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1178935");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1179477");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1181933");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1182846");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1182975");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-15890/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-8934/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-10756/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-13754/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-14364/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-25723/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-29130/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-8608/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-20221/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-20257/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3419/");
# https://www.suse.com/support/update/announcement/2021/suse-su-20211829-1
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c8ac9c53");
script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Server 12-SP2-BCL :
zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2021-1829=1");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8608");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2020-13754");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/21");
script_set_attribute(attribute:"patch_publication_date", value:"2021/06/02");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/06/03");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-curl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-rbd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-ssh");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-ssh-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-guest-agent");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-lang");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-x86");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-x86-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
if (cpu >!< "x86_64") audit(AUDIT_ARCH_NOT, "x86_64", cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP2", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-2.6.2-41.65.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-block-curl-2.6.2-41.65.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-block-curl-debuginfo-2.6.2-41.65.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-block-rbd-2.6.2-41.65.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-block-rbd-debuginfo-2.6.2-41.65.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-block-ssh-2.6.2-41.65.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-block-ssh-debuginfo-2.6.2-41.65.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-debugsource-2.6.2-41.65.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-guest-agent-2.6.2-41.65.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-guest-agent-debuginfo-2.6.2-41.65.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-kvm-2.6.2-41.65.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-lang-2.6.2-41.65.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-tools-2.6.2-41.65.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-tools-debuginfo-2.6.2-41.65.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-x86-2.6.2-41.65.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"qemu-x86-debuginfo-2.6.2-41.65.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "qemu");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | qemu | p-cpe:/a:novell:suse_linux:qemu |
| novell | suse_linux | qemu-block-curl | p-cpe:/a:novell:suse_linux:qemu-block-curl |
| novell | suse_linux | qemu-block-curl-debuginfo | p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo |
| novell | suse_linux | qemu-block-rbd | p-cpe:/a:novell:suse_linux:qemu-block-rbd |
| novell | suse_linux | qemu-block-rbd-debuginfo | p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo |
| novell | suse_linux | qemu-block-ssh | p-cpe:/a:novell:suse_linux:qemu-block-ssh |
| novell | suse_linux | qemu-block-ssh-debuginfo | p-cpe:/a:novell:suse_linux:qemu-block-ssh-debuginfo |
| novell | suse_linux | qemu-debugsource | p-cpe:/a:novell:suse_linux:qemu-debugsource |
| novell | suse_linux | qemu-tools-debuginfo | p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo |
| novell | suse_linux | qemu-x86 | p-cpe:/a:novell:suse_linux:qemu-x86 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15890
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8934
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25723
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29130
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8608
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20221
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20257
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3419
www.nessus.org/u?c8ac9c53
bugzilla.suse.com/show_bug.cgi?id=1031692
bugzilla.suse.com/show_bug.cgi?id=1094725
bugzilla.suse.com/show_bug.cgi?id=1126455
bugzilla.suse.com/show_bug.cgi?id=1149813
bugzilla.suse.com/show_bug.cgi?id=1163019
bugzilla.suse.com/show_bug.cgi?id=1172380
bugzilla.suse.com/show_bug.cgi?id=1172382
bugzilla.suse.com/show_bug.cgi?id=1175534
bugzilla.suse.com/show_bug.cgi?id=1178935
bugzilla.suse.com/show_bug.cgi?id=1179477
bugzilla.suse.com/show_bug.cgi?id=1181933
bugzilla.suse.com/show_bug.cgi?id=1182846
bugzilla.suse.com/show_bug.cgi?id=1182975
www.suse.com/security/cve/CVE-2019-15890/
www.suse.com/security/cve/CVE-2019-8934/
www.suse.com/security/cve/CVE-2020-10756/
www.suse.com/security/cve/CVE-2020-13754/
www.suse.com/security/cve/CVE-2020-14364/
www.suse.com/security/cve/CVE-2020-25723/
www.suse.com/security/cve/CVE-2020-29130/
www.suse.com/security/cve/CVE-2020-8608/
www.suse.com/security/cve/CVE-2021-20221/
www.suse.com/security/cve/CVE-2021-20257/
www.suse.com/security/cve/CVE-2021-3419/
Related
nessus
nessus
SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1894-1)
2021-06-09 00:00:00
SUSE SLES15 Security Update : qemu (SUSE-SU-2021:1895-1)
2021-06-09 00:00:00
SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1947-1)
2021-06-12 00:00:00
suse
suse
Security update for qemu (moderate)
2021-07-14 00:00:00
Security update for qemu (important)
2021-07-11 00:00:00
Security update for slirp4netns (moderate)
2022-03-24 00:00:00
redhat
redhat
(RHSA-2021:2521) Moderate: virt:8.2 and virt-devel:8.2 security update
2021-06-22 13:35:00
(RHSA-2020:4059) Important: virt:rhel security update
2020-09-29 08:09:34
(RHSA-2020:0889) Important: slirp4netns security update
2020-03-17 17:40:28
amazon
amazon
Medium: qemu
2020-12-08 21:30:00
Medium: qemu-kvm
2020-12-16 20:31:00
Medium: qemu-kvm
2021-01-12 22:51:00
osv
osv
Important: virt:rhel security update
2020-09-29 08:09:34
Important: virt:rhel security update
2020-09-29 08:09:34
CVE-2021-20221
2021-05-13 16:15:00
almalinux
almalinux
Important: virt:rhel security update
2020-09-29 08:09:34
Moderate: virt:rhel and virt-devel:rhel security and bug fix update
2021-08-10 11:58:46
rocky
rocky
virt:rhel security update
2020-09-29 08:09:34
virt:rhel and virt-devel:rhel security and bug fix update
2021-08-10 11:58:46
oraclelinux
oraclelinux
virt:ol security update
2020-10-01 00:00:00
qemu-kvm security update
2020-09-30 00:00:00
virt:ol and virt-devel:rhel security and bug fix update
2021-08-12 00:00:00
debian
debian
[SECURITY] [DSA 4733-1] qemu security update
2020-07-24 09:14:40
[SECURITY] [DSA 4728-1] qemu security update
2020-07-19 18:01:06
prion
prion
Authentication flaw
2020-12-02 01:15:00
Out-of-bounds
2020-06-02 14:15:00
Design/Logic Flaw
2019-09-06 17:15:00
veracode
veracode
Denial Of Service (DoS)
2020-12-06 02:21:56
Use-after-free
2020-09-21 06:39:39
Arbitrary Code Execution
2021-02-15 01:20:37
cbl_mariner
cbl_mariner
CVE-2021-20257 affecting package qemu-kvm 4.2.0-38
2022-05-26 19:04:44
CVE-2021-20221 affecting package qemu-kvm 4.2.0-48
2021-07-08 21:56:54
CVE-2020-25723 affecting package qemu-kvm 4.2.0-48
2020-12-16 04:52:06
debiancve
debiancve
cve
cve
attackerkb
attackerkb
CVE-2021-20257
2020-12-17 00:00:00
ubuntucve
ubuntucve
alpinelinux
alpinelinux
redhatcve
redhatcve
zdi
zdi
openvas
openvas
Debian: Security Advisory for qemu (DSA-4728-1)
2020-07-21 00:00:00
archlinux
archlinux
[ASA-202012-26] qemu: multiple issues
2020-12-16 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: libslirp-4.3.1-1.fc32
2020-07-15 01:20:08
[SECURITY] Fedora 31 Update: xen-4.12.3-4.fc31
2020-09-10 17:34:33
ubuntu
ubuntu
QEMU regression
2021-02-22 00:00:00
QEMU vulnerability
2020-09-17 00:00:00
libslirp vulnerability
2020-07-27 00:00:00
f5
f5
K75952001 : QEMU vulnerability CVE-2019-15890
2021-01-05 00:00:00
K09081535 : QEMU vulnerability CVE-2020-14364
2020-12-15 00:00:00
ibm
ibm
centos
centos
qemu security update
2020-11-09 13:15:26
gentoo
gentoo
Xen: Buffer overflow
2020-09-29 00:00:00