7.5 - MDVSA-2014:220

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	MDVSA-2014:220	First vendor Publication	2014-11-21
Vendor	Mandriva	Last vendor Modification	2014-11-21
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Updated qemu packages fix security vulnerabilities:

Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host (CVE-2013-4544).

Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process (CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0147).

A buffer overflow flaw was found in the way the virtio_net_handle_mac() function of QEMU processed guest requests to update the table of MAC addresses. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process (CVE-2014-0150).

A divide-by-zero flaw was found in the seek_to_sector() function of the parallels block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest (CVE-2014-0142).

A NULL pointer dereference flaw was found in the QCOW2 block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest (CVE-2014-0146).

It was found that the block driver for Hyper-V VHDX images did not correctly calculate BAT (Block Allocation Table) entries due to a missing bounds check. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest (CVE-2014-0148).

An out-of-bounds memory access flaw was found in the way QEMU's IDE device driver handled the execution of SMART EXECUTE OFFLINE commands. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process (CVE-2014-2894).

Two integer overflow flaws were found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use either of these flaws to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process (CVE-2014-0222, CVE-2014-0223).

Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the way the virtio, virtio-net, virtio-scsi, and usb drivers of QEMU handled state loading after migration. A user able to alter the savevm data (either on the disk or over the wire during migration) could use either of these flaws to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process (CVE-2013-4148, CVE-2013-4151, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, CVE-2014-3461).

An information leak flaw was found in the way QEMU's VGA emulator accessed frame buffer memory for high resolution displays. A privileged guest user could use this flaw to leak memory contents of the host to the guest by setting the display to use a high resolution in the guest (CVE-2014-3615).

When guest sends udp packet with source port and source addr 0, uninitialized socket is picked up when looking for matching and already created udp sockets, and later passed to sosendto() where NULL pointer dereference is hit during so->slirp->vnetwork_mask.s_addr access Only guests using qemu user networking are affected (CVE-2014-3640).

The Advanced Threat Research team at Intel Security reported that guest provided parameter were insufficiently validated in rectangle functions in the vmware-vga driver. A privileged guest user could use this flaw to write into qemu address space on the host, potentially escalating their privileges to those of the qemu host process (CVE-2014-3689).

It was discovered that QEMU incorrectly handled USB xHCI controller live migration. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code (CVE-2014-5263).

James Spadaro of Cisco reported insufficiently sanitized bits_per_pixel from the client in the QEMU VNC display driver. An attacker having access to the guest's VNC console could use this flaw to crash the guest (CVE-2014-7815).

Additionally qemu-1.6+ requires usbredir-0.6+ for USB redirection support which is also being provided with this advisory.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2014:220

CWE : Common Weakness Enumeration

%	Id	Name
53 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
15 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
9 %	CWE-94	Failure to Control Generation of Code ('Code Injection')
6 %	CWE-476	NULL Pointer Dereference
6 %	CWE-20	Improper Input Validation
3 %	CWE-369	Divide By Zero
3 %	CWE-269	Improper Privilege Management
3 %	CWE-200	Information Exposure
3 %	CWE-190	Integer Overflow or Wraparound (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:23845

Oval ID:	oval:org.mitre.oval:def:23845
Title:	ELSA-2014:0420: qemu-kvm security update (Moderate)
Description:	KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0147) A buffer overflow flaw was found in the way the virtio_net_handle_mac() function of QEMU processed guest requests to update the table of MAC addresses. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0150) A divide-by-zero flaw was found in the seek_to_sector() function of the parallels block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0142) A NULL pointer dereference flaw was found in the QCOW2 block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0146) It was found that the block driver for Hyper-V VHDX images did not correctly calculate BAT (Block Allocation Table) entries due to a missing bounds check. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0148) The CVE-2014-0143 issues were discovered by Kevin Wolf and Stefan Hajnoczi of Red Hat, the CVE-2014-0144 issues were discovered by Fam Zheng, Jeff Cody, Kevin Wolf, and Stefan Hajnoczi of Red Hat, the CVE-2014-0145 issues were discovered by Stefan Hajnoczi of Red Hat, the CVE-2014-0150 issue was discovered by Michael S. Tsirkin of Red Hat, the CVE-2014-0142, CVE-2014-0146, and CVE-2014-0147 issues were discovered by Kevin Wolf of Red Hat, and the CVE-2014-0148 issue was discovered by Jeff Cody of Red Hat. All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0420-00 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0148 CVE-2014-0150	Version:	5
Platform(s):	Oracle Linux 6	Product(s):	qemu-kvm
Definition Synopsis:
Oracle Linux 6.x rpm test qemu-kvm-tools is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-guest-agent is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-img is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-kvm is earlier than 2:0.12.1.2-2.415.el6_5.8

Definition Id: oval:org.mitre.oval:def:24016

Oval ID:	oval:org.mitre.oval:def:24016
Title:	USN-2182-1 -- qemu, qemu-kvm vulnerabilities
Description:	Several security issues were fixed in QEMU.
Family:	unix	Class:	patch
Reference(s):	USN-2182-1 CVE-2013-4544 CVE-2014-0150 CVE-2014-2894	Version:	5
Platform(s):	Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	qemu qemu-kvm
Definition Synopsis:
Ubuntu 14.04 release section Ubuntu 14.04 is installed Packages match section qemu-system DPKG is earlier than 0:2.0.0~rc1+dfsg-0ubuntu3.1 AND qemu-system-aarch64 DPKG is earlier than 0:2.0.0~rc1+dfsg-0ubuntu3.1 AND qemu-system-arm DPKG is earlier than 0:2.0.0~rc1+dfsg-0ubuntu3.1 AND qemu-system-mips DPKG is earlier than 0:2.0.0~rc1+dfsg-0ubuntu3.1 AND qemu-system-misc DPKG is earlier than 0:2.0.0~rc1+dfsg-0ubuntu3.1 AND qemu-system-ppc DPKG is earlier than 0:2.0.0~rc1+dfsg-0ubuntu3.1 AND qemu-system-sparc DPKG is earlier than 0:2.0.0~rc1+dfsg-0ubuntu3.1 AND qemu-system-x86 DPKG is earlier than 0:2.0.0~rc1+dfsg-0ubuntu3.1 AND Ubuntu 13.10 release section Ubuntu 13.10 is installed Packages match section qemu-system DPKG is earlier than 0:1.5.0+dfsg-3ubuntu5.4 AND qemu-system-arm DPKG is earlier than 0:1.5.0+dfsg-3ubuntu5.4 AND qemu-system-mips DPKG is earlier than 0:1.5.0+dfsg-3ubuntu5.4 AND qemu-system-misc DPKG is earlier than 0:1.5.0+dfsg-3ubuntu5.4 AND qemu-system-ppc DPKG is earlier than 0:1.5.0+dfsg-3ubuntu5.4 AND qemu-system-sparc DPKG is earlier than 0:1.5.0+dfsg-3ubuntu5.4 AND qemu-system-x86 DPKG is earlier than 0:1.5.0+dfsg-3ubuntu5.4 AND Ubuntu 12.10 release section Ubuntu 12.10 is installed AND qemu-kvm DPKG is earlier than 0:1.2.0+noroms-0ubuntu2.12.10.7 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed AND qemu-kvm DPKG is earlier than 0:1.0+noroms-0ubuntu14.14 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed AND qemu-kvm DPKG is earlier than 0:0.12.3+noroms-0ubuntu9.22

Definition Id: oval:org.mitre.oval:def:24104

Oval ID:	oval:org.mitre.oval:def:24104
Title:	RHSA-2014:0420: qemu-kvm security update (Moderate)
Description:	KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0147) A buffer overflow flaw was found in the way the virtio_net_handle_mac() function of QEMU processed guest requests to update the table of MAC addresses. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0150) A divide-by-zero flaw was found in the seek_to_sector() function of the parallels block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0142) A NULL pointer dereference flaw was found in the QCOW2 block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0146) It was found that the block driver for Hyper-V VHDX images did not correctly calculate BAT (Block Allocation Table) entries due to a missing bounds check. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0148) The CVE-2014-0143 issues were discovered by Kevin Wolf and Stefan Hajnoczi of Red Hat, the CVE-2014-0144 issues were discovered by Fam Zheng, Jeff Cody, Kevin Wolf, and Stefan Hajnoczi of Red Hat, the CVE-2014-0145 issues were discovered by Stefan Hajnoczi of Red Hat, the CVE-2014-0150 issue was discovered by Michael S. Tsirkin of Red Hat, the CVE-2014-0142, CVE-2014-0146, and CVE-2014-0147 issues were discovered by Kevin Wolf of Red Hat, and the CVE-2014-0148 issue was discovered by Jeff Cody of Red Hat. All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0420-00 CESA-2014:0420 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0148 CVE-2014-0150	Version:	3
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	qemu-kvm
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section qemu-kvm-tools is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-guest-agent is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-img is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-kvm is earlier than 2:0.12.1.2-2.415.el6_5.8

Definition Id: oval:org.mitre.oval:def:24231

Oval ID:	oval:org.mitre.oval:def:24231
Title:	DSA-2909-1 qemu - security update
Description:	Michael S. Tsirkin of Red Hat discovered a buffer overflow flaw in the way qemu processed MAC addresses table update requests from the guest.
Family:	unix	Class:	patch
Reference(s):	DSA-2909-1 CVE-2014-0150	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	qemu
Definition Synopsis:
Debian 6.0 release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND qemu DPKG is earlier than 0:0.12.5+dfsg-3squeeze4 AND Debian 7.x release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND qemu DPKG is earlier than 0:1.1.2+dfsg-6a+deb7u1

Definition Id: oval:org.mitre.oval:def:24717

Oval ID:	oval:org.mitre.oval:def:24717
Title:	DSA-2910-1 qemu-kvm - security update
Description:	Michael S. Tsirkin of Red Hat discovered a buffer overflow flaw in the way qemu processed MAC addresses table update requests from the guest.
Family:	unix	Class:	patch
Reference(s):	DSA-2910-1 CVE-2014-0150	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7	Product(s):	qemu-kvm
Definition Synopsis:
Debian 6.0 release section Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND qemu-kvm DPKG is earlier than 0:0.12.5+dfsg-5+squeeze11 AND Debian 7.x release section Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND qemu-kvm DPKG is earlier than 0:1.1.2+dfsg-6+deb7u1

Definition Id: oval:org.mitre.oval:def:24919

Oval ID:	oval:org.mitre.oval:def:24919
Title:	ELSA-2014:0743: qemu-kvm security and bug fix update (Moderate)
Description:	KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the way the virtio, virtio-net, virtio-scsi, and usb drivers of QEMU handled state loading after migration. A user able to alter the savevm data (either on the disk or over the wire during migration) could use either of these flaws to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2013-4148, CVE-2013-4151, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, CVE-2014-3461) An out-of-bounds memory access flaw was found in the way QEMU's IDE device driver handled the execution of SMART EXECUTE OFFLINE commands. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-2894) The CVE-2013-4148, CVE-2013-4151, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, and CVE-2014-3461 issues were discovered by Michael S. Tsirkin of Red Hat, Anthony Liguori, and Michael Roth. This update also fixes the following bugs: * Previously, under certain circumstances, libvirt failed to start guests which used a non-zero PCI domain and SR-IOV Virtual Functions (VFs), and returned the following error message: Can't assign device inside non-zero PCI segment as this KVM module doesn't support it. This update fixes this issue and guests using the aforementioned configuration no longer fail to start. (BZ#1099941) * Due to an incorrect initialization of the cpus_sts bitmap, which holds the enablement status of a vCPU, libvirt could fail to start a guest with an unusual vCPU topology (for example, a guest with three cores and two sockets). With this update, the initialization of cpus_sts has been corrected, and libvirt no longer fails to start the aforementioned guests. (BZ#1100575) All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0743-00 CVE-2013-4148 CVE-2013-4151 CVE-2013-4535 CVE-2013-4536 CVE-2013-4541 CVE-2013-4542 CVE-2013-6399 CVE-2014-0182 CVE-2014-2894 CVE-2014-3461	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	qemu-kvm
Definition Synopsis:
Oracle Linux 6.x rpm test qemu-guest-agent is earlier than 2:0.12.1.2-2.415.el6_5.10 AND qemu-kvm-tools is earlier than 2:0.12.1.2-2.415.el6_5.10 AND qemu-kvm is earlier than 2:0.12.1.2-2.415.el6_5.10 AND qemu-img is earlier than 2:0.12.1.2-2.415.el6_5.10

Definition Id: oval:org.mitre.oval:def:25072

Oval ID:	oval:org.mitre.oval:def:25072
Title:	RHSA-2014:0704: qemu-kvm security and bug fix update (Moderate)
Description:	KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide a user-space component to run virtual machines using KVM. An out-of-bounds memory access flaw was found in the way QEMU's IDE device driver handled the execution of SMART EXECUTE OFFLINE commands. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-2894) This update also fixes the following bugs: * Prior to this update, a bug in the migration code caused the following error on specific machine types: after a Red Hat Enterprise Linux 6.5 guest was migrated from a Red Hat Enterprise Linux 6.5 host to a Red Hat Enterprise Linux 7.0 host and then restarted, the boot failed and the guest automatically restarted. Thus, the guest entered an endless loop. With this update, the migration code has been fixed and the Red Hat Enterprise Linux 6.5 guests migrated in the aforementioned scenario now boot properly. (BZ#1091322) * Due to a regression bug in the iSCSI driver, the qemu-kvm process terminated unexpectedly with a segmentation fault when the "write same" command was executed in guest mode under the iSCSI protocol. This update fixes the regression and the "write same" command now functions in guest mode under iSCSI as intended. (BZ#1090978) * Due to a mismatch in interrupt request (IRQ) routing, migration of a Red Hat Enterprise Linux 6.5 guest from a Red Hat Enterprise Linux 6.5 host to a Red Hat Enterprise Linux 7.0 host could produce a call trace. This happened if memory ballooning and a Universal Host Control Interface (UHCI) device were used at the same time on certain machine types. With this patch, the IRQ routing mismatch has been amended and the described migration now proceeds as expected. (BZ#1090981) * Previously, an internal error prevented KVM from executing a CPU hot plug on a Red Hat Enterprise Linux 7 guest running on a Red Hat Enterprise Linux 7 host. This update addresses the internal error and CPU hot plugging in the described scenario now functions correctly. (BZ#1094820) All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0704-00 CVE-2014-2894	Version:	4
Platform(s):	Red Hat Enterprise Linux 7 CentOS Linux 7	Product(s):	qemu-kvm
Definition Synopsis:
RHEL 7 The operating system installed on the system is Red Hat Enterprise Linux 7 AND Packages section libcacard is earlier than 10:1.5.3-60.el7_0.2 AND qemu-kvm-tools is earlier than 10:1.5.3-60.el7_0.2 AND libcacard-tools is earlier than 10:1.5.3-60.el7_0.2 AND qemu-guest-agent is earlier than 10:1.5.3-60.el7_0.2 AND qemu-kvm-common is earlier than 10:1.5.3-60.el7_0.2 AND libcacard-devel is earlier than 10:1.5.3-60.el7_0.2 AND qemu-kvm is earlier than 10:1.5.3-60.el7_0.2 AND qemu-img is earlier than 10:1.5.3-60.el7_0.2 OR CentOS 7 The operating system installed on the system is CentOS Linux 7.x AND qemu-kvm is earlier than 10:1.5.3-60.el7_0.2

Definition Id: oval:org.mitre.oval:def:25091

Oval ID:	oval:org.mitre.oval:def:25091
Title:	RHSA-2014:0927: qemu-kvm security and bug fix update (Moderate)
Description:	KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Two integer overflow flaws were found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use either of these flaws to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0222, CVE-2014-0223) Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the way virtio, virtio-net, virtio-scsi, usb, and hpet drivers of QEMU handled state loading after migration. A user able to alter the savevm data (either on the disk or over the wire during migration) could use either of these flaws to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2013-4148, CVE-2013-4149, CVE-2013-4150, CVE-2013-4151, CVE-2013-4527, CVE-2013-4529, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, CVE-2014-3461) These issues were discovered by Michael S. Tsirkin, Anthony Liguori and Michael Roth of Red Hat: CVE-2013-4148, CVE-2013-4149, CVE-2013-4150, CVE-2013-4151, CVE-2013-4527, CVE-2013-4529, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, and CVE-2014-3461.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0927-01 CVE-2013-4148 CVE-2013-4149 CVE-2013-4150 CVE-2013-4151 CVE-2013-4527 CVE-2013-4529 CVE-2013-4535 CVE-2013-4536 CVE-2013-4541 CVE-2013-4542 CVE-2013-6399 CVE-2014-0182 CVE-2014-0222 CVE-2014-0223 CVE-2014-3461 CESA-2014:0927	Version:	5
Platform(s):	Red Hat Enterprise Linux 7 CentOS Linux 7	Product(s):	qemu-kvm
Definition Synopsis:
Red Hat Enterprise Linux 7 and CentOS Linux 7 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 7 AND The operating system installed on the system is CentOS Linux 7.x Packages match section libcacard is earlier than 10:1.5.3-60.el7_0.5 AND libcacard-devel is earlier than 10:1.5.3-60.el7_0.5 AND libcacard-tools is earlier than 10:1.5.3-60.el7_0.5 AND qemu-guest-agent is earlier than 10:1.5.3-60.el7_0.5 AND qemu-img is earlier than 10:1.5.3-60.el7_0.5 AND qemu-kvm is earlier than 10:1.5.3-60.el7_0.5 AND qemu-kvm-common is earlier than 10:1.5.3-60.el7_0.5 AND qemu-kvm-tools is earlier than 10:1.5.3-60.el7_0.5 AND Red Hat Enterprise Linux 7 release section The operating system installed on the system is Red Hat Enterprise Linux 7 AND qemu-kvm-debuginfo is earlier than 10:1.5.3-60.el7_0.5

Definition Id: oval:org.mitre.oval:def:25125

Oval ID:	oval:org.mitre.oval:def:25125
Title:	RHSA-2014:0743: qemu-kvm security and bug fix update (Moderate)
Description:	KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the way the virtio, virtio-net, virtio-scsi, and usb drivers of QEMU handled state loading after migration. A user able to alter the savevm data (either on the disk or over the wire during migration) could use either of these flaws to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2013-4148, CVE-2013-4151, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, CVE-2014-3461) An out-of-bounds memory access flaw was found in the way QEMU's IDE device driver handled the execution of SMART EXECUTE OFFLINE commands. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-2894) The CVE-2013-4148, CVE-2013-4151, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, and CVE-2014-3461 issues were discovered by Michael S. Tsirkin of Red Hat, Anthony Liguori, and Michael Roth. This update also fixes the following bugs: * Previously, under certain circumstances, libvirt failed to start guests which used a non-zero PCI domain and SR-IOV Virtual Functions (VFs), and returned the following error message: Can't assign device inside non-zero PCI segment as this KVM module doesn't support it. This update fixes this issue and guests using the aforementioned configuration no longer fail to start. (BZ#1099941) * Due to an incorrect initialization of the cpus_sts bitmap, which holds the enablement status of a vCPU, libvirt could fail to start a guest with an unusual vCPU topology (for example, a guest with three cores and two sockets). With this update, the initialization of cpus_sts has been corrected, and libvirt no longer fails to start the aforementioned guests. (BZ#1100575) All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0743-00 CESA-2014:0743 CVE-2013-4148 CVE-2013-4151 CVE-2013-4535 CVE-2013-4536 CVE-2013-4541 CVE-2013-4542 CVE-2013-6399 CVE-2014-0182 CVE-2014-2894 CVE-2014-3461	Version:	3
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	qemu-kvm
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section qemu-guest-agent is earlier than 2:0.12.1.2-2.415.el6_5.10 AND qemu-kvm-tools is earlier than 2:0.12.1.2-2.415.el6_5.10 AND qemu-kvm is earlier than 2:0.12.1.2-2.415.el6_5.10 AND qemu-img is earlier than 2:0.12.1.2-2.415.el6_5.10

Definition Id: oval:org.mitre.oval:def:25155

Oval ID:	oval:org.mitre.oval:def:25155
Title:	RHSA-2014:0426: qemu-kvm security update (Moderate)
Description:	KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. ... All users of qemu-kvm should upgrade to these updated packages, which contain backported patches to correct this issue. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0426-00 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0148 CVE-2014-0150	Version:	3
Platform(s):	Red Hat Enterprise Linux 6	Product(s):
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section qemu-guest-agent is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-img is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-kvm is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-kvm-tools is earlier than 2:0.12.1.2-2.415.el6_5.8

Definition Id: oval:org.mitre.oval:def:25200

Oval ID:	oval:org.mitre.oval:def:25200
Title:	ELSA-2014:0426: qemu-kvm security update (Moderate)
Description:	KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. ... All users of qemu-kvm should upgrade to these updated packages, which contain backported patches to correct this issue. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0426-00 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0148 CVE-2014-0150	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	qemu qemu-kvm
Definition Synopsis:
Oracle Linux 6.x rpm test qemu-guest-agent is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-img is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-kvm is earlier than 2:0.12.1.2-2.415.el6_5.8 AND qemu-kvm-tools is earlier than 2:0.12.1.2-2.415.el6_5.8

Definition Id: oval:org.mitre.oval:def:25804

Oval ID:	oval:org.mitre.oval:def:25804
Title:	SUSE-SU-2014:0816-1 -- Security update for KVM
Description:	Several security issues in KVM have been fixed.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0816-1 CVE-2014-0150 CVE-2014-2894 CVE-2013-4148 CVE-2013-4149 CVE-2013-4150 CVE-2013-4151 CVE-2013-4526 CVE-2013-4527 CVE-2013-4529 CVE-2013-4530 CVE-2013-4531 CVE-2013-4533 CVE-2013-4534 CVE-2013-4535 CVE-2013-4536 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2013-4540 CVE-2013-4541 CVE-2013-4542 CVE-2013-6399 CVE-2014-0182	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	KVM
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed AND kvm RPM is earlier than 0:1.4.2-0.15.2

Definition Id: oval:org.mitre.oval:def:26667

Oval ID:	oval:org.mitre.oval:def:26667
Title:	RHSA-2014:1075: qemu-kvm security and bug fix update (Moderate)
Description:	KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1075-00 CESA-2014:1075 CVE-2014-0222 CVE-2014-0223	Version:	3
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	qemu-kvm
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section qemu-guest-agent is earlier than 2:0.12.1.2-2.415.el6_5.14 AND qemu-img is earlier than 2:0.12.1.2-2.415.el6_5.14 AND qemu-kvm is earlier than 2:0.12.1.2-2.415.el6_5.14 AND qemu-kvm-tools is earlier than 2:0.12.1.2-2.415.el6_5.14

Definition Id: oval:org.mitre.oval:def:26880

Oval ID:	oval:org.mitre.oval:def:26880
Title:	ELSA-2014-1075 -- qemu-kvm security and bug fix update (moderate)
Description:	[0.12.1.2-2.415.el6_5.14] - The commit for zrelease .13 was incomplete; the changes to qemu-kvm.spec did not include the '%patchNNNN -p1' lines for patches 4647 through 4655; so although the patch files themselves were committed, the srpm build did not pick them up. In addition, the commit log did not describe the patches. This commit corrects these problems and bumps the zrelease to .14.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-1075 CVE-2014-0222 CVE-2014-0223	Version:	5
Platform(s):	Oracle Linux 6	Product(s):	qemu-kvm
Definition Synopsis:
Oracle Linux 6.x Packages match section qemu-kvm is earlier than 2:0.12.1.2-2.415.el6_5.14 AND qemu-guest-agent is earlier than 2:0.12.1.2-2.415.el6_5.14

Definition Id: oval:org.mitre.oval:def:26922

Oval ID:	oval:org.mitre.oval:def:26922
Title:	DSA-3044-1 qemu-kvm - security update
Description:	Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware.
Family:	unix	Class:	patch
Reference(s):	DSA-3044-1 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0222 CVE-2014-0223 CVE-2014-3615 CVE-2014-3640	Version:	3
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	qemu-kvm
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND qemu-kvm DPKG is earlier than 0:1.1.2+dfsg-6+deb7u4

Definition Id: oval:org.mitre.oval:def:26937

Oval ID:	oval:org.mitre.oval:def:26937
Title:	DEPRECATED: ELSA-2014-0743 -- qemu-kvm security and bug fix update (moderate)
Description:	[0.12.1.2-2.415.el6_5.10] - kvm-virtio-out-of-bounds-buffer-write-on-invalid-state-l.patch [bz#1095692] - kvm-usb-sanity-check-setup_index-setup_len-in-post_load.patch [bz#1095743] - kvm-usb-sanity-check-setup_index-setup_len-in-post_load-2.patch [bz#1095743] - kvm-virtio-scsi-fix-buffer-overrun-on-invalid-state-load.patch [bz#1095739] - kvm-virtio-avoid-buffer-overrun-on-incoming-migration.patch [bz#1095735] - kvm-virtio-validate-num_sg-when-mapping.patch [bz#1095763 bz#1096124] - kvm-virtio-allow-mapping-up-to-max-queue-size.patch [bz#1095763 bz#1096124] - kvm-enable-PCI-multiple-segments-for-pass-through-device.patch [bz#1099941] - kvm-virtio-net-fix-buffer-overflow-on-invalid-state-load.patch [bz#1095675] - kvm-virtio-validate-config_len-on-load.patch [bz#1095779] - kvm-usb-fix-up-post-load-checks.patch [bz#1096825] - kvm-CPU-hotplug-use-apic_id_for_cpu-round-2-RHEL-6-only.patch [bz#1100575] [0.12.1.2-2.415.el6_5.9] - kvm-ide-Correct-improper-smart-self-test-counter-reset-i.patch [bz#1087978] - Resolves: bz#1087978 (CVE-2014-2894 qemu-kvm: QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART [rhel-6.5.z])
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0743 CVE-2013-4148 CVE-2013-4151 CVE-2013-4535 CVE-2013-4536 CVE-2013-4541 CVE-2013-4542 CVE-2013-6399 CVE-2014-0182 CVE-2014-2894 CVE-2014-3461	Version:	5
Platform(s):	Oracle Linux 6	Product(s):	qemu-kvm
Definition Synopsis:
Oracle Linux 6.x Packages match section qemu-kvm is earlier than 2:0.12.1.2-2.415.el6_5.10 AND qemu-guest-agent is earlier than 2:0.12.1.2-2.415.el6_5.10

Definition Id: oval:org.mitre.oval:def:27016

Oval ID:	oval:org.mitre.oval:def:27016
Title:	ELSA-2014-1669 -- qemu-kvm security and bug fix update (low)
Description:	[1.5.3-60.el7_0.10] - kvm-block-add-helper-function-to-determine-if-a-BDS-is-i.patch [bz#1122925] - kvm-block-extend-block-commit-to-accept-a-string-for-the.patch [bz#1122925] - kvm-block-add-backing-file-option-to-block-stream.patch [bz#1122925] - kvm-block-add-__com.redhat_change-backing-file-qmp-comma.patch [bz#1122925] - Resolves: bz#1122925 (Maintain relative path to backing file image during live merge (block-commit))
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-1669 CVE-2014-3615	Version:	5
Platform(s):	Oracle Linux 7	Product(s):	qemu-kvm
Definition Synopsis:
Oracle Linux 7.x Packages match section qemu-kvm is earlier than 10:1.5.3-60.el7_0.10 AND libcacard is earlier than 10:1.5.3-60.el7_0.10 AND libcacard-devel is earlier than 10:1.5.3-60.el7_0.10 AND libcacard-tools is earlier than 10:1.5.3-60.el7_0.10 AND qemu-guest-agent is earlier than 10:1.5.3-60.el7_0.10 AND qemu-img is earlier than 10:1.5.3-60.el7_0.10 AND qemu-kvm-common is earlier than 10:1.5.3-60.el7_0.10 AND qemu-kvm-tools is earlier than 10:1.5.3-60.el7_0.10

Definition Id: oval:org.mitre.oval:def:27022

Oval ID:	oval:org.mitre.oval:def:27022
Title:	RHSA-2014:1669 -- qemu-kvm security and bug fix update (Low)
Description:	KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An information leak flaw was found in the way QEMU's VGA emulator accessed frame buffer memory for high resolution displays. A privileged guest user could use this flaw to leak memory contents of the host to the guest by setting the display to use a high resolution in the guest. (CVE-2014-3615) This issue was discovered by Laszlo Ersek of Red Hat. This update also fixes the following bug: * This update fixes a regression in the scsi_block_new_request() function, which caused all read requests to through SG_IO if the host cache was not used. (BZ#1141189) All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1669 CESA-2014:1669 CVE-2014-3615	Version:	5
Platform(s):	Red Hat Enterprise Linux 7 CentOS Linux 7	Product(s):	qemu-kvm
Definition Synopsis:
Red Hat Enterprise Linux 7 and CentOS Linux 7 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 7 AND The operating system installed on the system is CentOS Linux 7.x Packages match section libcacard is earlier than 10:1.5.3-60.el7_0.10 AND libcacard-devel is earlier than 10:1.5.3-60.el7_0.10 AND libcacard-tools is earlier than 10:1.5.3-60.el7_0.10 AND qemu-guest-agent is earlier than 10:1.5.3-60.el7_0.10 AND qemu-img is earlier than 10:1.5.3-60.el7_0.10 AND qemu-kvm is earlier than 10:1.5.3-60.el7_0.10 AND qemu-kvm-common is earlier than 10:1.5.3-60.el7_0.10 AND qemu-kvm-tools is earlier than 10:1.5.3-60.el7_0.10 AND Red Hat Enterprise Linux 7 release section The operating system installed on the system is Red Hat Enterprise Linux 7 AND qemu-kvm-debuginfo is earlier than 10:1.5.3-60.el7_0.10

Definition Id: oval:org.mitre.oval:def:27023

Oval ID:	oval:org.mitre.oval:def:27023
Title:	DSA-3045-1 qemu - security update
Description:	Several vulnerabilities were discovered in qemu, a fast processor emulator.
Family:	unix	Class:	patch
Reference(s):	DSA-3045-1 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0222 CVE-2014-0223 CVE-2014-3615 CVE-2014-3640	Version:	3
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	qemu
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND qemu DPKG is earlier than 0:1.1.2+dfsg-6a+deb7u4

Definition Id: oval:org.mitre.oval:def:27143

Oval ID:	oval:org.mitre.oval:def:27143
Title:	SUSE-SU-2014:1278-1 -- Security update for kvm
Description:	kvm has been updated to fix issues in the embedded qemu: * CVE-2014-0223: An integer overflow flaw was found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could have used this flaw to corrupt QEMU process memory on the host, which could potentially have resulted in arbitrary code execution on the host with the privileges of the QEMU process. * CVE-2014-3461: A user able to alter the savevm data (either on the disk or over the wire during migration) could have used this flaw to to corrupt QEMU process memory on the (destination) host, which could have potentially resulted in arbitrary code execution on the host with the privileges of the QEMU process. * CVE-2014-0222: An integer overflow flaw was found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could have used this flaw to corrupt QEMU process memory on the host, which could have potentially resulted in arbitrary code execution on the host with the privileges of the QEMU process. Non-security bugs fixed: * Fix exceeding IRQ routes that could have caused freezes of guests. (bnc#876842) * Fix CPUID emulation bugs that may have broken Windows guests with newer -cpu types (bnc#886535) Security Issues: * CVE-2014-0222 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0222> * CVE-2014-0223 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0223> * CVE-2014-3461 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3461>
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:1278-1 CVE-2014-0223 CVE-2014-3461 CVE-2014-0222	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	kvm
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed AND kvm RPM is earlier than 0:1.4.2-0.17.1

Definition Id: oval:org.mitre.oval:def:27160

Oval ID:	oval:org.mitre.oval:def:27160
Title:	ELSA-2014-0927 -- qemu-kvm security and bug fix update (moderate)
Description:	[1.5.3-60.el7_0.5] - kvm-Allow-mismatched-virtio-config-len.patch [bz#1095782] - Resolves: bz#1095782 (CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid config_len [rhel-7.0.z])
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0927 CVE-2013-4148 CVE-2013-4151 CVE-2013-4535 CVE-2013-4536 CVE-2013-4541 CVE-2013-4542 CVE-2013-6399 CVE-2014-0182 CVE-2014-3461 CVE-2013-4149 CVE-2013-4150 CVE-2013-4527 CVE-2013-4529 CVE-2014-0222 CVE-2014-0223	Version:	5
Platform(s):	Oracle Linux 7	Product(s):	qemu-kvm
Definition Synopsis:
Oracle Linux 7.x Packages match section qemu-kvm is earlier than 10:1.5.3-60.el7_0.5 AND libcacard is earlier than 10:1.5.3-60.el7_0.5 AND libcacard-devel is earlier than 10:1.5.3-60.el7_0.5 AND libcacard-tools is earlier than 10:1.5.3-60.el7_0.5 AND qemu-guest-agent is earlier than 10:1.5.3-60.el7_0.5 AND qemu-img is earlier than 10:1.5.3-60.el7_0.5 AND qemu-kvm-common is earlier than 10:1.5.3-60.el7_0.5 AND qemu-kvm-tools is earlier than 10:1.5.3-60.el7_0.5

Definition Id: oval:org.mitre.oval:def:27247

Oval ID:	oval:org.mitre.oval:def:27247
Title:	ELSA-2014-0704 -- qemu-kvm security and bug fix update (moderate)
Description:	[1.5.3-60.el7_0.2] - kvm-pc-add-hot_add_cpu-callback-to-all-machine-types.patch [bz#1094820] - Resolves: bz#1094820 (Hot plug CPU not working with RHEL6 machine types running on RHEL7 host.) [1.5.3-60.el7_0.1] - kvm-iscsi-fix-indentation.patch [bz#1090978] - kvm-iscsi-correctly-propagate-errors-in-iscsi_open.patch [bz#1090978] - kvm-block-iscsi-query-for-supported-VPD-pages.patch [bz#1090978] - kvm-block-iscsi-fix-segfault-if-writesame-fails.patch [bz#1090978] - kvm-iscsi-recognize-invalid-field-ASCQ-from-WRITE-SAME-c.patch [bz#1090978] - kvm-iscsi-ignore-flushes-on-scsi-generic-devices.patch [bz#1090978] - kvm-iscsi-always-query-max-WRITE-SAME-length.patch [bz#1090978] - kvm-iscsi-Don-t-set-error-if-already-set-in-iscsi_do_inq.patch [bz#1090978] - kvm-iscsi-Remember-to-set-ret-for-iscsi_open-in-error-ca.patch [bz#1090978] - kvm-qemu_loadvm_state-shadow-SeaBIOS-for-VM-incoming-fro.patch [1091322] - kvm-uhci-UNfix-irq-routing-for-RHEL-6-machtypes-RHEL-onl.patch [bz#1090981] - kvm-ide-Correct-improper-smart-self-test-counter-reset-i.patch [bz#1093612] - Resolves: bz#1091322 (fail to reboot guest after migration from RHEL6.5 host to RHEL7.0 host) - Resolves: bz#1090981 (Guest hits call trace migrate from RHEL6.5 to RHEL7.0 host with -M 6.1 & balloon & uhci device) - Resolves: bz#1090978 (qemu-kvm: iSCSI: Failure. SENSE KEY:ILLEGAL_REQUEST(5) ASCQ:INVALID_FIELD_IN_CDB(0x2400)) - Resolves: bz#1093612 (CVE-2014-2894 qemu-kvm: QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART [rhel-7.0.z])
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0704 CVE-2014-2894	Version:	5
Platform(s):	Oracle Linux 7	Product(s):	qemu-kvm
Definition Synopsis:
Oracle Linux 7.x Packages match section qemu-kvm is earlier than 10:1.5.3-60.el7_0.2 AND libcacard is earlier than 10:1.5.3-60.el7_0.2 AND libcacard-devel is earlier than 10:1.5.3-60.el7_0.2 AND libcacard-tools is earlier than 10:1.5.3-60.el7_0.2 AND qemu-guest-agent is earlier than 10:1.5.3-60.el7_0.2 AND qemu-img is earlier than 10:1.5.3-60.el7_0.2 AND qemu-kvm-common is earlier than 10:1.5.3-60.el7_0.2 AND qemu-kvm-tools is earlier than 10:1.5.3-60.el7_0.2

Definition Id: oval:org.mitre.oval:def:27312

Oval ID:	oval:org.mitre.oval:def:27312
Title:	DSA-3067-1 -- qemu-kvm security update
Description:	Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware.
Family:	unix	Class:	patch
Reference(s):	DSA-3067-1 CVE-2014-3689 CVE-2014-7815	Version:	3
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	qemu-kvm
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND qemu-kvm is earlier than 0:1.1.2+dfsg-6+deb7u5

Definition Id: oval:org.mitre.oval:def:28093

Oval ID:	oval:org.mitre.oval:def:28093
Title:	DSA-3066-1 -- qemu security update
Description:	Several vulnerabilities were discovered in qemu, a fast processor emulator.
Family:	unix	Class:	patch
Reference(s):	DSA-3066-1 CVE-2014-3689 CVE-2014-7815	Version:	3
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	qemu
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND qemu is earlier than 0:1.1.2+dfsg-6a+deb7u5

Definition Id: oval:org.mitre.oval:def:28286

Oval ID:	oval:org.mitre.oval:def:28286
Title:	USN-2409-1 -- QEMU vulnerabilities
Description:	Laszlo Ersek discovered that QEMU incorrectly handled memory in the vga device. A malicious guest could possibly use this issue to read arbitrary host memory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3615">CVE-2014-3615</a>) Xavier Mehrenberger and Stephane Duverger discovered that QEMU incorrectly handled certain udp packets when using guest networking. A malicious guest could possibly use this issue to cause a denial of service. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3640">CVE-2014-3640</a>) It was discovered that QEMU incorrectly handled parameter validation in the vmware_vga device. A malicious guest could possibly use this issue to write into memory of the host, leading to privilege escalation. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3689">CVE-2014-3689</a>) It was discovered that QEMU incorrectly handled USB xHCI controller live migration. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-5263">CVE-2014-5263</a>) Michael S. Tsirkin discovered that QEMU incorrectly handled memory in the ACPI PCI hotplug interface. A malicious guest could possibly use this issue to access memory of the host, leading to information disclosure or privilege escalation. This issue only affected Ubuntu 14.04 LTS. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-5388">CVE-2014-5388</a>) James Spadaro discovered that QEMU incorrectly handled certain VNC bytes_per_pixel values. An attacker having access to a VNC console could possibly use this issue to cause a guest to crash, resulting in a denial of service. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7815">CVE-2014-7815</a>)
Family:	unix	Class:	patch
Reference(s):	USN-2409-1 CVE-2014-3615 CVE-2014-3640 CVE-2014-3689 CVE-2014-5263 CVE-2014-5388 CVE-2014-7815	Version:	5
Platform(s):	Ubuntu 14.10 Ubuntu 14.04 Ubuntu 12.04 Ubuntu 10.04	Product(s):	qemu qemu-kvm
Definition Synopsis:
Ubuntu 14.10 release section Ubuntu 14.10 is installed Packages match section qemu-system-misc is earlier than 0:2.1+dfsg-4ubuntu6.1 AND qemu-system is earlier than 0:2.1+dfsg-4ubuntu6.1 AND qemu-system-aarch64 is earlier than 0:2.1+dfsg-4ubuntu6.1 AND qemu-system-x86 is earlier than 0:2.1+dfsg-4ubuntu6.1 AND qemu-system-sparc is earlier than 0:2.1+dfsg-4ubuntu6.1 AND qemu-system-arm is earlier than 0:2.1+dfsg-4ubuntu6.1 AND qemu-system-ppc is earlier than 0:2.1+dfsg-4ubuntu6.1 AND qemu-system-mips is earlier than 0:2.1+dfsg-4ubuntu6.1 AND Ubuntu 14.04 release section Ubuntu 14.04 is installed Packages match section qemu-system-misc is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND qemu-system is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND qemu-system-aarch64 is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND qemu-system-x86 is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND qemu-system-sparc is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND qemu-system-arm is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND qemu-system-ppc is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND qemu-system-mips is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed AND qemu-kvm is earlier than 0:1.0+noroms-0ubuntu14.19 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed AND qemu-kvm is earlier than 0:0.12.3+noroms-0ubuntu9.25

CPE : Common Platform Enumeration

Type	Description	Count
Application	Qemu cpe:2.3:a:qemu:qemu:2.1.3:::::::* cpe:2.3:a:qemu:qemu:2.1.2:r1:::::: cpe:2.3:a:qemu:qemu:2.1.2:::::::* cpe:2.3:a:qemu:qemu:2.1.1:::::::* cpe:2.3:a:qemu:qemu:2.1.0:rc3:::::: cpe:2.3:a:qemu:qemu:2.1.0:rc5:::::: cpe:2.3:a:qemu:qemu:2.1.0:-:::::: cpe:2.3:a:qemu:qemu:2.1.0:rc0:::::: cpe:2.3:a:qemu:qemu:2.1.0:rc1:::::: cpe:2.3:a:qemu:qemu:2.1.0:rc2:::::: cpe:2.3:a:qemu:qemu:2.0.2:::::::* cpe:2.3:a:qemu:qemu:2.0.0:rc0:::::: cpe:2.3:a:qemu:qemu:2.0.0:rc2:::::: cpe:2.3:a:qemu:qemu:2.0.0:rc3:::::: cpe:2.3:a:qemu:qemu:2.0.0:rc1:::::: cpe:2.3:a:qemu:qemu:2.0.0:-:::::: cpe:2.3:a:qemu:qemu:1.7.1:::::::* cpe:2.3:a:qemu:qemu:1.6.2:::::::* cpe:2.3:a:qemu:qemu:1.6.1:::::::* cpe:2.3:a:qemu:qemu:1.6.0:rc3:::::: cpe:2.3:a:qemu:qemu:1.6.0:rc2:::::: cpe:2.3:a:qemu:qemu:1.6.0:rc1:::::: cpe:2.3:a:qemu:qemu:1.6.0:-:::::: cpe:2.3:a:qemu:qemu:1.5.3:::::::* cpe:2.3:a:qemu:qemu:1.5.2:::::::* cpe:2.3:a:qemu:qemu:1.5.1:::::::* cpe:2.3:a:qemu:qemu:1.5.0:rc1:::::: cpe:2.3:a:qemu:qemu:1.5.0:rc2:::::: cpe:2.3:a:qemu:qemu:1.5.0:-:::::: cpe:2.3:a:qemu:qemu:1.5.0:rc3:::::: cpe:2.3:a:qemu:qemu:1.4.2:::::::* cpe:2.3:a:qemu:qemu:1.4.1:::::::* cpe:2.3:a:qemu:qemu:1.4.0:-:::::: cpe:2.3:a:qemu:qemu:1.4.0:rc1:::::: cpe:2.3:a:qemu:qemu:1.4.0:rc0:::::: cpe:2.3:a:qemu:qemu:1.3.1:::::::* cpe:2.3:a:qemu:qemu:1.3.0:rc0:::::: cpe:2.3:a:qemu:qemu:1.3.0:rc2:::::: cpe:2.3:a:qemu:qemu:1.3.0:::::::* cpe:2.3:a:qemu:qemu:1.3.0:rc1:::::: cpe:2.3:a:qemu:qemu:1.2.2:::::::* cpe:2.3:a:qemu:qemu:1.2.1:::::::* cpe:2.3:a:qemu:qemu:1.2.0:rc1:::::: cpe:2.3:a:qemu:qemu:1.2.0:rc0:::::: cpe:2.3:a:qemu:qemu:1.2.0:-:::::: cpe:2.3:a:qemu:qemu:1.2.0:rc3:::::: cpe:2.3:a:qemu:qemu:1.2.0:rc2:::::: cpe:2.3:a:qemu:qemu:1.1.2:::::::* cpe:2.3:a:qemu:qemu:1.1.1:::::::* cpe:2.3:a:qemu:qemu:1.1:rc4:::::: cpe:2.3:a:qemu:qemu:1.1:rc1:::::: cpe:2.3:a:qemu:qemu:1.1:rc2:::::: cpe:2.3:a:qemu:qemu:1.1:rc3:::::: cpe:2.3:a:qemu:qemu:1.1:-:::::: cpe:2.3:a:qemu:qemu:1.0.1:::::::* cpe:2.3:a:qemu:qemu:1.0:rc3:::::: cpe:2.3:a:qemu:qemu:1.0:rc2:::::: cpe:2.3:a:qemu:qemu:1.0:rc1:::::: cpe:2.3:a:qemu:qemu:1.0:rc4:::::: cpe:2.3:a:qemu:qemu:1.0:-:::::: cpe:2.3:a:qemu:qemu:1:2.1+dfsg-12+deb8u6:::::::* cpe:2.3:a:qemu:qemu:1:2.8+dfsg-6+deb9u8:::::::* cpe:2.3:a:qemu:qemu:1:3.1+dfsg-8+deb10u2:::::::* cpe:2.3:a:qemu:qemu:1:3.1+dfsg-8~deb10u1:::::::* cpe:2.3:a:qemu:qemu:1:4.1-1:::::::* cpe:2.3:a:qemu:qemu:0.9.1-5:::::::* cpe:2.3:a:qemu:qemu:0.9.1:::::::* cpe:2.3:a:qemu:qemu:0.9.0:::::::* cpe:2.3:a:qemu:qemu:0.8.2:::::::* cpe:2.3:a:qemu:qemu:0.8.1:::::::* cpe:2.3:a:qemu:qemu:0.8.0:::::::* cpe:2.3:a:qemu:qemu:0.7.2:::::::* cpe:2.3:a:qemu:qemu:0.7.1:::::::* cpe:2.3:a:qemu:qemu:0.7.0:::::::* cpe:2.3:a:qemu:qemu:0.6.1:::::::* cpe:2.3:a:qemu:qemu:0.6.0:::::::* cpe:2.3:a:qemu:qemu:0.5.5:::::::* cpe:2.3:a:qemu:qemu:0.5.4:::::::* cpe:2.3:a:qemu:qemu:0.5.3:::::::* cpe:2.3:a:qemu:qemu:0.5.2:::::::* cpe:2.3:a:qemu:qemu:0.5.1:::::::* cpe:2.3:a:qemu:qemu:0.5.0:::::::* cpe:2.3:a:qemu:qemu:0.4.3:::::::* cpe:2.3:a:qemu:qemu:0.4.2:::::::* cpe:2.3:a:qemu:qemu:0.4.1:::::::* cpe:2.3:a:qemu:qemu:0.4.0:::::::* cpe:2.3:a:qemu:qemu:0.3.0:::::::* cpe:2.3:a:qemu:qemu:0.2.0:::::::* cpe:2.3:a:qemu:qemu:0.15.2:::::::* cpe:2.3:a:qemu:qemu:0.15.1:::::::* cpe:2.3:a:qemu:qemu:0.15.0:rc2:::::: cpe:2.3:a:qemu:qemu:0.15.0:rc1:::::: cpe:2.3:a:qemu:qemu:0.15.0:-:::::: cpe:2.3:a:qemu:qemu:0.14.1:::::::* cpe:2.3:a:qemu:qemu:0.14.0:-:::::: cpe:2.3:a:qemu:qemu:0.14.0:rc2:::::: cpe:2.3:a:qemu:qemu:0.14.0:rc1:::::: cpe:2.3:a:qemu:qemu:0.14.0:rc0:::::: cpe:2.3:a:qemu:qemu:0.13.0:-:::::: cpe:2.3:a:qemu:qemu:0.13.0:rc1:::::: cpe:2.3:a:qemu:qemu:0.13.0:rc0:::::: cpe:2.3:a:qemu:qemu:0.12.5:::::::* cpe:2.3:a:qemu:qemu:0.12.4:::::::* cpe:2.3:a:qemu:qemu:0.12.3:::::::* cpe:2.3:a:qemu:qemu:0.12.2:::::::* cpe:2.3:a:qemu:qemu:0.12.1:::::::* cpe:2.3:a:qemu:qemu:0.12.0:rc1:::::: cpe:2.3:a:qemu:qemu:0.12.0:-:::::: cpe:2.3:a:qemu:qemu:0.12.0:rc2:::::: cpe:2.3:a:qemu:qemu:0.11.1:::::::* cpe:2.3:a:qemu:qemu:0.11.0-rc2:::::::* cpe:2.3:a:qemu:qemu:0.11.0-rc1:::::::* cpe:2.3:a:qemu:qemu:0.11.0-rc0:::::::* cpe:2.3:a:qemu:qemu:0.11.0:rc1:::::: cpe:2.3:a:qemu:qemu:0.11.0:rc0:::::: cpe:2.3:a:qemu:qemu:0.11.0:rc2:::::: cpe:2.3:a:qemu:qemu:0.11.0:-:::::: cpe:2.3:a:qemu:qemu:0.10.6:::::::* cpe:2.3:a:qemu:qemu:0.10.5:::::::* cpe:2.3:a:qemu:qemu:0.10.4:::::::* cpe:2.3:a:qemu:qemu:0.10.3:::::::* cpe:2.3:a:qemu:qemu:0.10.2:::::::* cpe:2.3:a:qemu:qemu:0.10.1:::::::* cpe:2.3:a:qemu:qemu:0.10.0:::::::* cpe:2.3:a:qemu:qemu:0.1.6:::::::* cpe:2.3:a:qemu:qemu:0.1.5:::::::* cpe:2.3:a:qemu:qemu:0.1.4:::::::* cpe:2.3:a:qemu:qemu:0.1.3:::::::* cpe:2.3:a:qemu:qemu:0.1.2:::::::* cpe:2.3:a:qemu:qemu:0.1.1:::::::* cpe:2.3:a:qemu:qemu:0.1.0:::::::* cpe:2.3:a:qemu:qemu:::::::: cpe:2.3:a:qemu:qemu::r1::::::* cpe:2.3:a:qemu:qemu:-:::::::*	134
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm::: cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts::: cpe:2.3:o:canonical:ubuntu_linux:13.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm::: cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:::::* cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts::: cpe:2.3:o:canonical:ubuntu_linux:10.04::::-::: cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:::::* cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::	11
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:7.0:::::::*	1
Os	Opensuse cpe:2.3:o:opensuse:opensuse:13.1:::::::* cpe:2.3:o:opensuse:opensuse:12.3:::::::*	2
Os	Redhat Enterprise Linux cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*	1
Os	Redhat Enterprise Linux Desktop cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*	1
Os	Redhat Enterprise Linux Eus cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*	5
Os	Redhat Enterprise Linux Hpc Node cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*	1
Os	Redhat Enterprise Linux Server cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*	1
Os	Redhat Enterprise Linux Server Aus cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*	4
Os	Redhat Enterprise Linux Server Tus cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*	3
Os	Redhat Enterprise Linux Workstation cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*	1
Os	Suse Linux Enterprise Desktop cpe:2.3:o:suse:linux_enterprise_desktop:12:-::::::	1
Os	Suse Linux Enterprise Server cpe:2.3:o:suse:linux_enterprise_server:12:-:::::: cpe:2.3:o:suse:linux_enterprise_server:11.0:sp1::::::	2

Snort® IPS/IDS

Date	Description
2015-10-01	QEMU VNC set-pixel-format memory corruption attempt RuleID : 35851 - Revision : 2 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date	Description
2016-11-07	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2725-1.nasl - Type : ACT_GATHER_INFO
2016-10-26	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2628-1.nasl - Type : ACT_GATHER_INFO
2016-10-26	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2533-1.nasl - Type : ACT_GATHER_INFO
2016-10-26	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-2528-1.nasl - Type : ACT_GATHER_INFO
2016-10-12	Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-1170.nasl - Type : ACT_GATHER_INFO
2016-10-12	Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-1169.nasl - Type : ACT_GATHER_INFO
2016-08-29	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-1785-1.nasl - Type : ACT_GATHER_INFO
2016-08-29	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-1745-1.nasl - Type : ACT_GATHER_INFO
2016-08-29	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-1698-1.nasl - Type : ACT_GATHER_INFO
2016-07-28	Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2016-0089.nasl - Type : ACT_GATHER_INFO
2016-06-22	Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2016-0081.nasl - Type : ACT_GATHER_INFO
2016-06-17	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-1560-1.nasl - Type : ACT_GATHER_INFO
2016-06-17	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-1445-1.nasl - Type : ACT_GATHER_INFO
2016-05-19	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-1318-1.nasl - Type : ACT_GATHER_INFO
2016-04-27	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-1154-1.nasl - Type : ACT_GATHER_INFO
2016-04-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-439.nasl - Type : ACT_GATHER_INFO
2016-04-07	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0955-1.nasl - Type : ACT_GATHER_INFO
2016-04-01	Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-413.nasl - Type : ACT_GATHER_INFO
2016-03-25	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0873-1.nasl - Type : ACT_GATHER_INFO
2016-03-07	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-0658-1.nasl - Type : ACT_GATHER_INFO
2015-11-13	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1952-1.nasl - Type : ACT_GATHER_INFO
2015-11-05	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1908-1.nasl - Type : ACT_GATHER_INFO
2015-11-05	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1894-1.nasl - Type : ACT_GATHER_INFO
2015-11-03	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1853-1.nasl - Type : ACT_GATHER_INFO
2015-10-21	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1782-1.nasl - Type : ACT_GATHER_INFO
2015-05-27	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0929-1.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0744-1.nasl - Type : ACT_GATHER_INFO
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0613-1.nasl - Type : ACT_GATHER_INFO
2015-04-30	Name : The remote host is missing a vendor-supplied security patch. File : citrix_xenserver_CTX200892.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150305_qemu_kvm_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-03-19	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-061.nasl - Type : ACT_GATHER_INFO
2015-03-18	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-0349.nasl - Type : ACT_GATHER_INFO
2015-03-13	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-0349.nasl - Type : ACT_GATHER_INFO
2015-03-06	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0624.nasl - Type : ACT_GATHER_INFO
2015-03-05	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0349.nasl - Type : ACT_GATHER_INFO
2015-02-24	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kvm-libvirt-201412-150124.nasl - Type : ACT_GATHER_INFO
2015-02-24	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kvm-libvirt-201412-150123.nasl - Type : ACT_GATHER_INFO
2014-12-26	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-37.nasl - Type : ACT_GATHER_INFO
2014-12-15	Name : The remote Fedora host is missing a security update. File : fedora_2014-15951.nasl - Type : ACT_GATHER_INFO
2014-12-09	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-01.nasl - Type : ACT_GATHER_INFO
2014-12-02	Name : The remote Fedora host is missing a security update. File : fedora_2014-15521.nasl - Type : ACT_GATHER_INFO
2014-12-02	Name : The remote Fedora host is missing a security update. File : fedora_2014-15503.nasl - Type : ACT_GATHER_INFO
2014-11-23	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-220.nasl - Type : ACT_GATHER_INFO
2014-11-14	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2409-1.nasl - Type : ACT_GATHER_INFO
2014-11-11	Name : The remote Fedora host is missing a security update. File : fedora_2014-14033.nasl - Type : ACT_GATHER_INFO
2014-11-10	Name : The remote Fedora host is missing a security update. File : fedora_2014-13993.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1670.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-1168.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1076.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0744.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-0674.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0421.nasl - Type : ACT_GATHER_INFO
2014-11-07	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3067.nasl - Type : ACT_GATHER_INFO
2014-11-07	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3066.nasl - Type : ACT_GATHER_INFO
2014-10-23	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xen-201409-141002.nasl - Type : ACT_GATHER_INFO
2014-10-22	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1669.nasl - Type : ACT_GATHER_INFO
2014-10-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1669.nasl - Type : ACT_GATHER_INFO
2014-10-21	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1669.nasl - Type : ACT_GATHER_INFO
2014-10-10	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-580.nasl - Type : ACT_GATHER_INFO
2014-10-10	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-579.nasl - Type : ACT_GATHER_INFO
2014-10-09	Name : The remote Fedora host is missing a security update. File : fedora_2014-11641.nasl - Type : ACT_GATHER_INFO
2014-10-06	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3045.nasl - Type : ACT_GATHER_INFO
2014-10-06	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3044.nasl - Type : ACT_GATHER_INFO
2014-09-29	Name : The remote Fedora host is missing a security update. File : fedora_2014-11588.nasl - Type : ACT_GATHER_INFO
2014-09-09	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2342-1.nasl - Type : ACT_GATHER_INFO
2014-08-30	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201408-17.nasl - Type : ACT_GATHER_INFO
2014-08-21	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1075.nasl - Type : ACT_GATHER_INFO
2014-08-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1075.nasl - Type : ACT_GATHER_INFO
2014-08-20	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1075.nasl - Type : ACT_GATHER_INFO
2014-07-30	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0927.nasl - Type : ACT_GATHER_INFO
2014-07-30	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0704.nasl - Type : ACT_GATHER_INFO
2014-07-26	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0927.nasl - Type : ACT_GATHER_INFO
2014-07-24	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0927.nasl - Type : ACT_GATHER_INFO
2014-06-19	Name : The remote SuSE 11 host is missing a security update. File : suse_11_kvm-140528.nasl - Type : ACT_GATHER_INFO
2014-06-12	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0743.nasl - Type : ACT_GATHER_INFO
2014-06-11	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0743.nasl - Type : ACT_GATHER_INFO
2014-05-20	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2933.nasl - Type : ACT_GATHER_INFO
2014-05-20	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2932.nasl - Type : ACT_GATHER_INFO
2014-05-19	Name : The remote Fedora host is missing a security update. File : fedora_2014-6288.nasl - Type : ACT_GATHER_INFO
2014-05-09	Name : The remote SuSE 11 host is missing a security update. File : suse_11_kvm-140416.nasl - Type : ACT_GATHER_INFO
2014-05-02	Name : The remote Fedora host is missing a security update. File : fedora_2014-5825.nasl - Type : ACT_GATHER_INFO
2014-04-29	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2182-1.nasl - Type : ACT_GATHER_INFO
2014-04-23	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140422_qemu_kvm_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-04-23	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0420.nasl - Type : ACT_GATHER_INFO
2014-04-23	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0420.nasl - Type : ACT_GATHER_INFO
2014-04-23	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0420.nasl - Type : ACT_GATHER_INFO
2014-04-21	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2909.nasl - Type : ACT_GATHER_INFO
2014-04-21	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2910.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2017-11-04 09:25:48	Multiple Updates
2014-11-26 13:28:29	Multiple Updates
2014-11-21 21:21:11	First insertion

Global Informations

Type	Count
CWE ID(s)	34
Oval ID(s)	25
CPE ID(s)	168
Snort® Rule(s)	1
Nessus® Exploit(s)	88

	Related
7.8	CVE-2014-0145
7.5	CVE-2014-0222
7.5	CVE-2014-0182
7.5	CVE-2013-6399
7.5	CVE-2013-4542
7.5	CVE-2013-4541
7.5	CVE-2013-4540
7.5	CVE-2013-4539
7.5	CVE-2013-4538
7.5	CVE-2013-4537
7.5	CVE-2013-4534
7.5	CVE-2013-4533
7.5	CVE-2013-4531
7.5	CVE-2013-4530
7.5	CVE-2013-4529
7.5	CVE-2013-4527
7.5	CVE-2013-4526
7.5	CVE-2013-4151
7.5	CVE-2013-4150
7.5	CVE-2013-4149
7.5	CVE-2013-4148
7.2	CVE-2014-3689
7.2	CVE-2014-2894
7	CVE-2014-0143
6.8	CVE-2014-5263
6.8	CVE-2014-3461
5.5	CVE-2014-0146
5.5	CVE-2014-0142
5	CVE-2014-7815
4.9	CVE-2014-0150
4.9	CVE-2013-4544
4.6	CVE-2014-0223
2.1	CVE-2014-3640
2.1	CVE-2014-3615
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 34 more Alert(s)