Lucene search
Copyright (C) 2022 Greenbone AGOPENVAS:1361412562310845258HistoryMar 01, 2022 - 12:00 a.m.
Ubuntu: Security Advisory (USN-5307-1)
2022-03-0100:00:00
Copyright (C) 2022 Greenbone AG
plugins.openvas.org
1
8.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
6.9 Medium
AI Score
Confidence
Low
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
70.9%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.845258");
script_cve_id("CVE-2021-20196", "CVE-2021-20203", "CVE-2021-3544", "CVE-2021-3545", "CVE-2021-3546", "CVE-2021-3682", "CVE-2021-3713", "CVE-2021-3748", "CVE-2021-3930", "CVE-2021-4158", "CVE-2022-0358");
script_tag(name:"creation_date", value:"2022-03-01 02:00:19 +0000 (Tue, 01 Mar 2022)");
script_version("2024-02-02T05:06:10+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:10 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"6.9");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2023-01-03 15:16:38 +0000 (Tue, 03 Jan 2023)");
script_name("Ubuntu: Security Advisory (USN-5307-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2022 Greenbone AG");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU(18\.04\ LTS|20\.04\ LTS|21\.10)");
script_xref(name:"Advisory-ID", value:"USN-5307-1");
script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-5307-1");
script_tag(name:"summary", value:"The remote host is missing an update for the 'qemu' package(s) announced via the USN-5307-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Gaoning Pan discovered that QEMU incorrectly handled the floppy disk
emulator. An attacker inside the guest could use this issue to cause QEMU
to crash, resulting in a denial of service. (CVE-2021-20196)
Gaoning Pan discovered that the QEMU vmxnet3 NIC emulator incorrectly
handled certain values. An attacker inside the guest could use this issue
to cause QEMU to crash, resulting in a denial of service. (CVE-2021-20203)
It was discovered that the QEMU vhost-user GPU device contained several
security issues. An attacker inside the guest could use these issues to
cause QEMU to crash, resulting in a denial of service, leak sensitive
information, or possibly execute arbitrary code. This issue only affected
Ubuntu 21.10. (CVE-2021-3544, CVE-2021-3545, CVE-2021-3546)
It was discovered that QEMU incorrectly handled bulk transfers from SPICE
clients. A remote attacker could use this issue to cause QEMU to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2021-3682)
It was discovered that the QEMU UAS device emulation incorrectly handled
certain stream numbers. An attacker inside the guest could use this issue
to cause QEMU to crash, resulting in a denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 21.10.
(CVE-2021-3713)
It was discovered that the QEMU virtio-net device incorrectly handled
certain buffer addresses. An attacker inside the guest could use this issue
to cause QEMU to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2021-3748)
It was discovered that the QEMU SCSI device emulation incorrectly handled
certain MODE SELECT commands. An attacker inside the guest could possibly
use this issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2021-3930)
It was discovered that the QEMU ACPI logic incorrectly handled certain
values. An attacker inside the guest could possibly use this issue to cause
QEMU to crash, resulting in a denial of service. This issue only affected
Ubuntu 21.10. (CVE-2021-4158)
Jietao Xiao, Jinku Li, Wenbo Shen, and Nanzi Yang discovered that the QEMU
virtiofsd device incorrectly handled permissions when creating files. An
attacker inside the guest could use this issue to create files inside the
directory shared by virtiofs with unintended permissions, possibly allowing
privilege escalation. This issue only affected Ubuntu 21.10.
(CVE-2022-0358)");
script_tag(name:"affected", value:"'qemu' package(s) on Ubuntu 18.04, Ubuntu 20.04, Ubuntu 21.10.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "UBUNTU18.04 LTS") {
if(!isnull(res = isdpkgvuln(pkg:"qemu-system", ver:"1:2.11+dfsg-1ubuntu7.39", rls:"UBUNTU18.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-arm", ver:"1:2.11+dfsg-1ubuntu7.39", rls:"UBUNTU18.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-mips", ver:"1:2.11+dfsg-1ubuntu7.39", rls:"UBUNTU18.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-misc", ver:"1:2.11+dfsg-1ubuntu7.39", rls:"UBUNTU18.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-ppc", ver:"1:2.11+dfsg-1ubuntu7.39", rls:"UBUNTU18.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-s390x", ver:"1:2.11+dfsg-1ubuntu7.39", rls:"UBUNTU18.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-sparc", ver:"1:2.11+dfsg-1ubuntu7.39", rls:"UBUNTU18.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-x86", ver:"1:2.11+dfsg-1ubuntu7.39", rls:"UBUNTU18.04 LTS"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "UBUNTU20.04 LTS") {
if(!isnull(res = isdpkgvuln(pkg:"qemu-system", ver:"1:4.2-3ubuntu6.21", rls:"UBUNTU20.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-arm", ver:"1:4.2-3ubuntu6.21", rls:"UBUNTU20.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-mips", ver:"1:4.2-3ubuntu6.21", rls:"UBUNTU20.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-misc", ver:"1:4.2-3ubuntu6.21", rls:"UBUNTU20.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-ppc", ver:"1:4.2-3ubuntu6.21", rls:"UBUNTU20.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-s390x", ver:"1:4.2-3ubuntu6.21", rls:"UBUNTU20.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-sparc", ver:"1:4.2-3ubuntu6.21", rls:"UBUNTU20.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-x86", ver:"1:4.2-3ubuntu6.21", rls:"UBUNTU20.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-x86-microvm", ver:"1:4.2-3ubuntu6.21", rls:"UBUNTU20.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-x86-xen", ver:"1:4.2-3ubuntu6.21", rls:"UBUNTU20.04 LTS"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "UBUNTU21.10") {
if(!isnull(res = isdpkgvuln(pkg:"qemu-system", ver:"1:6.0+dfsg-2expubuntu1.2", rls:"UBUNTU21.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-arm", ver:"1:6.0+dfsg-2expubuntu1.2", rls:"UBUNTU21.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-mips", ver:"1:6.0+dfsg-2expubuntu1.2", rls:"UBUNTU21.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-misc", ver:"1:6.0+dfsg-2expubuntu1.2", rls:"UBUNTU21.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-ppc", ver:"1:6.0+dfsg-2expubuntu1.2", rls:"UBUNTU21.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-s390x", ver:"1:6.0+dfsg-2expubuntu1.2", rls:"UBUNTU21.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-sparc", ver:"1:6.0+dfsg-2expubuntu1.2", rls:"UBUNTU21.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-x86", ver:"1:6.0+dfsg-2expubuntu1.2", rls:"UBUNTU21.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-x86-microvm", ver:"1:6.0+dfsg-2expubuntu1.2", rls:"UBUNTU21.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"qemu-system-x86-xen", ver:"1:6.0+dfsg-2expubuntu1.2", rls:"UBUNTU21.10"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-5307-1)
2022-02-28 00:00:00
Debian DSA-4980-1 : qemu - security update
2021-10-04 00:00:00
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2021:2213-1)
2021-07-01 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2022-02-28 00:00:00
QEMU vulnerabilities
2022-12-12 00:00:00
osv
osv
qemu vulnerabilities
2022-02-28 13:03:07
qemu - security update
2021-10-03 00:00:00
qemu - security update
2022-04-04 00:00:00
debian
debian
[SECURITY] [DSA 4980-1] qemu security update
2021-10-03 18:26:45
[SECURITY] [DLA 2970-1] qemu security update
2022-04-04 13:21:47
[SECURITY] [DLA 2753-1] qemu security update
2021-09-02 18:40:09
openvas
openvas
Debian: Security Advisory (DSA-4980-1)
2021-10-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:2213-1)
2021-07-01 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:2212-1)
2021-07-01 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package qemu version 6.1.1-alt1
2022-03-01 00:00:00
suse
suse
Security update for qemu (moderate)
2021-07-10 00:00:00
Security update for qemu (important)
2022-03-22 00:00:00
Security update for qemu (important)
2021-11-03 00:00:00
redos
redos
ROS-20220125-17
2022-01-25 00:00:00
ROS-20220324-02
2022-03-24 00:00:00
oraclelinux
oraclelinux
qemu security update
2022-02-05 00:00:00
virt:kvm_utils security update
2022-02-25 00:00:00
qemu security update
2021-08-17 00:00:00
ubuntucve
ubuntucve
gentoo
gentoo
QEMU: Multiple Vulnerabilities
2022-08-14 00:00:00
prion
prion
Integer overflow
2021-02-25 20:15:00
Null pointer dereference
2021-05-26 22:15:00
Race condition
2022-02-18 18:15:00
veracode
veracode
Denial Of Service (DoS)
2021-04-11 12:04:51
Denial Of Service (DoS)
2022-01-15 16:40:05
Denial Of Service (DoS)
2022-01-15 21:49:42
redhatcve
redhatcve
debiancve
debiancve
cbl_mariner
cbl_mariner
CVE-2021-20203 affecting package qemu-kvm 4.2.0-48
2021-04-06 23:50:33
CVE-2021-3930 affecting package qemu for versions less than 6.2.0-2
2022-06-03 17:54:21
CVE-2021-3930 affecting package qemu-kvm 4.2.0-48
2022-04-07 06:04:11
cve
cve
alpinelinux
alpinelinux
redhat
redhat
amazon
amazon
Medium: qemu
2023-05-25 17:41:00
cnvd
cnvd
QEMU Denial of Service Vulnerability (CNVD-2022-84162)
2022-03-02 00:00:00
8.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
6.9 Medium
AI Score
Confidence
Low
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
70.9%
Related for OPENVAS:1361412562310845258