Executive Summary
Summary | |
---|---|
Title | kvm security update |
Informations | |||
---|---|---|---|
Name | RHSA-2012:0051 | First vendor Publication | 2012-01-23 |
Vendor | RedHat | Last vendor Modification | 2012-01-23 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:A/AC:M/Au:S/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.4 | Attack Range | Adjacent network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 4.4 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated kvm packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Desktop Multi OS (v. 5 client) - x86_64 RHEL Virtualization (v. 5 server) - x86_64 3. Description: KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host. (CVE-2012-0029) A flaw was found in the way the KVM subsystem of a Linux kernel handled PIT (Programmable Interval Timer) IRQs (interrupt requests) when there was no virtual interrupt controller set up. A malicious user in the kvm group on the host could force this situation to occur, resulting in the host crashing. (CVE-2011-4622) Red Hat would like to thank Nicolae Mogoreanu for reporting CVE-2012-0029. All KVM users should upgrade to these updated packages, which contain backported patches to correct these issues. Note: The procedure in the Solution section must be performed before this update will take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 The following procedure must be performed before this update will take effect: 1) Stop all KVM guest virtual machines. 2) Either reboot the hypervisor machine or, as the root user, remove (using "modprobe -r [module]") and reload (using "modprobe [module]") all of the following modules which are currently running (determined using "lsmod"): kvm, ksm, kvm-intel or kvm-amd. 3) Restart the KVM guest virtual machines. 5. Bugs fixed (http://bugzilla.redhat.com/): 769721 - CVE-2011-4622 kernel: kvm: pit timer with no irqchip crashes the system 772075 - CVE-2012-0029 qemu-kvm: e1000: process_tx_desc legacy mode packets heap overflow |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2012-0051.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:14929 | |||
Oval ID: | oval:org.mitre.oval:def:14929 | ||
Title: | DSA-2396-1 qemu-kvm -- buffer underflow | ||
Description: | Nicolae Mogoraenu discovered a heap overflow in the emulated e1000e network interface card of KVM, a solution for full virtualization on x86 hardware, which could result in denial of service or privilege escalation. This update also fixes a guest-triggerable memory corruption in VNC handling. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2396-1 CVE-2012-0029 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | qemu-kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15011 | |||
Oval ID: | oval:org.mitre.oval:def:15011 | ||
Title: | USN-1339-1 -- QEMU vulnerability | ||
Description: | qemu-kvm: Machine emulator and virtualizer A remote attacker could cause QEMU to crash. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1339-1 CVE-2012-0029 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | QEMU |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15404 | |||
Oval ID: | oval:org.mitre.oval:def:15404 | ||
Title: | DSA-2404-1 xen-qemu-dm-4.0 -- buffer overflow | ||
Description: | Nicolae Mogoraenu discovered a heap overflow in the emulated e1000e network interface card of QEMU, which is used in the xen-qemu-dm-4.0 packages. This vulnerability might enable to malicious guest systems to crash the host system or escalate their privileges. The old stable distribution does not contain the xen-qemu-dm-4.0 package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2404-1 CVE-2012-0029 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | xen-qemu-dm-4.0 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20784 | |||
Oval ID: | oval:org.mitre.oval:def:20784 | ||
Title: | RHSA-2012:0051: kvm security update (Important) | ||
Description: | Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0051-01 CESA-2012:0051 CVE-2011-4622 CVE-2012-0029 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kvm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21188 | |||
Oval ID: | oval:org.mitre.oval:def:21188 | ||
Title: | RHSA-2012:0050: qemu-kvm security, bug fix, and enhancement update (Important) | ||
Description: | Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0050-01 CESA-2012:0050 CVE-2012-0029 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | qemu-kvm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21269 | |||
Oval ID: | oval:org.mitre.oval:def:21269 | ||
Title: | RHSA-2012:0370: xen security and bug fix update (Important) | ||
Description: | Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0370-01 CVE-2012-0029 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 | Product(s): | xen |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22829 | |||
Oval ID: | oval:org.mitre.oval:def:22829 | ||
Title: | ELSA-2012:0370: xen security and bug fix update (Important) | ||
Description: | Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0370-01 CVE-2012-0029 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | xen |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23102 | |||
Oval ID: | oval:org.mitre.oval:def:23102 | ||
Title: | ELSA-2012:0051: kvm security update (Important) | ||
Description: | Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0051-01 CVE-2011-4622 CVE-2012-0029 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23839 | |||
Oval ID: | oval:org.mitre.oval:def:23839 | ||
Title: | ELSA-2012:0050: qemu-kvm security, bug fix, and enhancement update (Important) | ||
Description: | Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0050-01 CVE-2012-0029 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | qemu-kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27856 | |||
Oval ID: | oval:org.mitre.oval:def:27856 | ||
Title: | DEPRECATED: ELSA-2012-0350 -- kernel security and bug fix update (moderate) | ||
Description: | [2.6.32-220.7.1.el6] - [netdrv] tg3: Fix single-vector MSI-X code (John Feeney) [787162 703555] - [mm] export remove_from_page_cache() to modules (Jerome Marchand) [772687 751419] - [block] cfq-iosched: fix cfq_cic_link() race confition (Vivek Goyal) [786022 765673] - [fs] cifs: lower default wsize when unix extensions are not used (Jeff Layton) [789058 773705] - [net] svcrpc: fix double-free on shutdown of nfsd after changing pool mode (J. Bruce Fields) [787580 753030] - [net] svcrpc: avoid memory-corruption on pool shutdown (J. Bruce Fields) [787580 753030] - [net] svcrpc: destroy server sockets all at once (J. Bruce Fields) [787580 753030] - [net] svcrpc: simplify svc_close_all (J. Bruce Fields) [787580 753030] - [net] svcrpc: fix list-corrupting race on nfsd shutdown (J. Bruce Fields) [787580 753030] - [fs] xfs: Fix missing xfs_iunlock() on error recovery path in xfs_readlink() (Carlos Maiolino) [749161 694702] {CVE-2011-4077} - [fs] xfs: Fix memory corruption in xfs_readlink (Carlos Maiolino) [749161 694702] {CVE-2011-4077} - [x86] hpet: Disable per-cpu hpet timer if ARAT is supported (Prarit Bhargava) [772884 750201] - [x86] Improve TSC calibration using a delayed workqueue (Prarit Bhargava) [772884 750201] - [kernel] clocksource: Add clocksource_register_hz/khz interface (Prarit Bhargava) [772884 750201] - [kernel] clocksource: Provide a generic mult/shift factor calculation (Prarit Bhargava) [772884 750201] - [block] cfq-iosched: fix a kbuild regression (Vivek Goyal) [769208 705698] - [block] cfq-iosched: rethink seeky detection for SSDs (Vivek Goyal) [769208 705698] - [block] cfq-iosched: rework seeky detection (Vivek Goyal) [769208 705698] - [block] cfq-iosched: don't regard requests with long distance as close (Vivek Goyal) [769208 705698] | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0350 CVE-2011-4081 CVE-2011-4347 CVE-2011-4594 CVE-2011-4611 CVE-2012-0038 CVE-2012-0045 CVE-2012-0207 CVE-2011-4077 CVE-2011-4132 CVE-2011-4622 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27871 | |||
Oval ID: | oval:org.mitre.oval:def:27871 | ||
Title: | DEPRECATED: ELSA-2012-0050 -- qemu-kvm security, bug fix, and enhancement update (important) | ||
Description: | [qemu-kvm-0.12.1.2-2.209.el6_2.4] - kvm-e1000-prevent-buffer-overflow-when-processing-legacy.patch [bz#772081] - Resolves: bz#772081 (EMBARGOED CVE-2012-0029 qemu-kvm: e1000: process_tx_desc legacy mode packets heap overflow [rhel-6.2.z]) [qemu-kvm-0.12.1.2-2.209.el6_2.3] - kvm-Revert-virtio-blk-refuse-SG_IO-requests-with-scsi-of.patch [for bz#767721] - kvm-virtio-blk-refuse-SG_IO-requests-with-scsi-off-v2.patch [bz#767721] - CVE: CVE-2011-4127 - Resolves: bz#767721 (qemu-kvm: virtio-blk: refuse SG_IO requests with scsi=off (CVE-2011-4127 mitigation) [rhel-6.2.z]) [qemu-kvm-0.12.1.2-2.209.el6_2.2] - kvm-virtio-blk-refuse-SG_IO-requests-with-scsi-off.patch [bz#752375] - CVE: CVE-2011-4127 - Resolves: bz#767721 (EMBARGOED qemu-kvm: virtio-blk: refuse SG_IO requests with scsi=off (CVE-2011-4127 mitigation) [rhel-6.3]) - Resolves: bz#767906 (qemu-kvm should be built with full relro and PIE support) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0050 CVE-2012-0029 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | qemu-kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27879 | |||
Oval ID: | oval:org.mitre.oval:def:27879 | ||
Title: | DEPRECATED: ELSA-2012-0051 -- kvm security update (important) | ||
Description: | [kvm-83-239.0.1.el5_7.1] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [kvm-83-239.el5_7.1] - kvm-e1000-prevent-buffer-overflow-when-processing-legacy.patch [bz#772079] - Resolves: bz#772079 (EMBARGOED CVE-2012-0029 qemu-kvm: e1000: process_tx_desc legacy mode packets heap overflow [rhel-5.7.z]) - kvm-Fix-external-module-compat.c-not-to-use-unsupported-.patch [bz#753860] (build fix) - kvm-kernel-KVM-x86-Prevent-starting-PIT-timers-in-the-absence-o.patch [bz#770100] - Resolves: bz#770100 (CVE-2011-4622 kernel: kvm: pit timer with no irqchip crashes the system [rhel-5.7.z]) [kvm-83-239.el5_7.1] - Updated kversion to 2.6.18-274.17.1.el5 to match build root | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0051 CVE-2012-0029 CVE-2011-4622 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27905 | |||
Oval ID: | oval:org.mitre.oval:def:27905 | ||
Title: | DEPRECATED: ELSA-2012-0370 -- xen security and bug fix update (important) | ||
Description: | [3.0.3-135.el5_8.2] - Fix broken timestamp log (rhbz 797836) [3.0.3-135.el5_8.1] - qemu-dm/e1000: bounds packet size against buffer size (rhbz 786862) - Use correct expansion in xen-network-common.sh (rhbz 797191) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0370 CVE-2012-0029 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | xen |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27914 | |||
Oval ID: | oval:org.mitre.oval:def:27914 | ||
Title: | ELSA-2012-2003 -- Unbreakable Enterprise kernel security and bug fix update (important) | ||
Description: | [2.6.32-300.11.1.el6uek] - [fs] xfs: Fix possible memory corruption in xfs_readlink (Carlos Maiolino) {CVE-2011-4077} - [scsi] increase qla2xxx firmware ready time-out (Joe Jin) - [scsi] qla2xxx: Module parameter to control use of async or sync port login (Joe Jin) - [net] tg3: Fix single-vector MSI-X code (Joe Jin) - [net] qlge: fix size of external list for TX address descriptors (Joe Jin) - [net] e1000e: Avoid wrong check on TX hang (Joe Jin) - crypto: ghash - Avoid null pointer dereference if no key is set (Nick Bowler) {CVE-2011-4081} - jbd/jbd2: validate sb->s_first in journal_get_superblock() (Eryu Guan) {CVE-2011-4132} - KVM: Device assignment permission checks (Joe Jin) {CVE-2011-4347} - KVM: x86: Prevent starting PIT timers in the absence of irqchip support (Jan Kiszka) {CVE-2011-4622} - xfs: validate acl count (Joe Jin) {CVE-2012-0038} - KVM: x86: fix missing checks in syscall emulation (Joe Jin) {CVE-2012-0045} - KVM: x86: extend 'struct x86_emulate_ops' with 'get_cpuid' (Joe Jin) {CVE-2012-0045} - igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Ben Hutchings) {CVE-2012-0207} - ipv4: correct IGMP behavior on v3 query during v2-compatibility mode (David Stevens) - fuse: fix fuse request unique id (Srinivas Eeda) [orabug 13816349] | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-2003 CVE-2011-4081 CVE-2011-4347 CVE-2012-0038 CVE-2012-0045 CVE-2012-0207 CVE-2011-4077 CVE-2011-4132 CVE-2011-4622 | Version: | 5 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | kernel-uek mlnx_en ofa kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware kernel-uek-headers |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2013-09-18 | Name : Debian Security Advisory DSA 2389-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2389_1.nasl |
2012-12-18 | Name : Fedora Update for xen FEDORA-2012-19828 File : nvt/gb_fedora_2012_19828_xen_fc16.nasl |
2012-12-18 | Name : Fedora Update for kernel FEDORA-2012-20240 File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl |
2012-11-29 | Name : Fedora Update for kernel FEDORA-2012-18691 File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl |
2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18249 File : nvt/gb_fedora_2012_18249_xen_fc16.nasl |
2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17408 File : nvt/gb_fedora_2012_17408_xen_fc16.nasl |
2012-11-06 | Name : Fedora Update for kernel FEDORA-2012-17479 File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl |
2012-10-22 | Name : Gentoo Security Advisory GLSA 201210-04 (ebuild) File : nvt/glsa_201210_04.nasl |
2012-10-19 | Name : Fedora Update for qemu FEDORA-2012-15606 File : nvt/gb_fedora_2012_15606_qemu_fc16.nasl |
2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13443 File : nvt/gb_fedora_2012_13443_xen_fc16.nasl |
2012-09-04 | Name : Fedora Update for kernel FEDORA-2012-12684 File : nvt/gb_fedora_2012_12684_kernel_fc16.nasl |
2012-08-24 | Name : Fedora Update for xen FEDORA-2012-11785 File : nvt/gb_fedora_2012_11785_xen_fc16.nasl |
2012-08-14 | Name : Fedora Update for qemu FEDORA-2012-11305 File : nvt/gb_fedora_2012_11305_qemu_fc16.nasl |
2012-08-06 | Name : Fedora Update for xen FEDORA-2012-11190 File : nvt/gb_fedora_2012_11190_xen_fc16.nasl |
2012-08-06 | Name : Fedora Update for kernel FEDORA-2012-11348 File : nvt/gb_fedora_2012_11348_kernel_fc16.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2012:0350 centos6 File : nvt/gb_CESA-2012_0350_kernel_centos6.nasl |
2012-07-30 | Name : CentOS Update for qemu-img CESA-2012:0050 centos6 File : nvt/gb_CESA-2012_0050_qemu-img_centos6.nasl |
2012-07-30 | Name : CentOS Update for kmod-kvm CESA-2012:0051 centos5 File : nvt/gb_CESA-2012_0051_kmod-kvm_centos5.nasl |
2012-07-09 | Name : RedHat Update for kernel RHSA-2012:0350-01 File : nvt/gb_RHSA-2012_0350-01_kernel.nasl |
2012-07-09 | Name : RedHat Update for qemu-kvm RHSA-2012:0050-01 File : nvt/gb_RHSA-2012_0050-01_qemu-kvm.nasl |
2012-06-28 | Name : Fedora Update for xen FEDORA-2012-9430 File : nvt/gb_fedora_2012_9430_xen_fc15.nasl |
2012-06-28 | Name : Fedora Update for xen FEDORA-2012-9399 File : nvt/gb_fedora_2012_9399_xen_fc16.nasl |
2012-06-25 | Name : Fedora Update for kernel FEDORA-2012-8931 File : nvt/gb_fedora_2012_8931_kernel_fc15.nasl |
2012-06-15 | Name : Fedora Update for kernel FEDORA-2012-8890 File : nvt/gb_fedora_2012_8890_kernel_fc16.nasl |
2012-06-08 | Name : Fedora Update for qemu FEDORA-2012-8604 File : nvt/gb_fedora_2012_8604_qemu_fc15.nasl |
2012-06-08 | Name : Fedora Update for qemu FEDORA-2012-8592 File : nvt/gb_fedora_2012_8592_qemu_fc16.nasl |
2012-05-17 | Name : Fedora Update for kernel FEDORA-2012-7594 File : nvt/gb_fedora_2012_7594_kernel_fc15.nasl |
2012-05-14 | Name : Fedora Update for kernel FEDORA-2012-7538 File : nvt/gb_fedora_2012_7538_kernel_fc16.nasl |
2012-04-26 | Name : Fedora Update for kernel FEDORA-2012-6406 File : nvt/gb_fedora_2012_6406_kernel_fc15.nasl |
2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0876 File : nvt/gb_fedora_2012_0876_kernel_fc16.nasl |
2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-3712 File : nvt/gb_fedora_2012_3712_kernel_fc16.nasl |
2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-3030 File : nvt/gb_fedora_2012_3030_kernel_fc16.nasl |
2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0145 File : nvt/gb_fedora_2012_0145_kernel_fc16.nasl |
2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0363 File : nvt/gb_fedora_2012_0363_kernel_fc16.nasl |
2012-04-02 | Name : Fedora Update for kernel FEDORA-2012-0480 File : nvt/gb_fedora_2012_0480_kernel_fc16.nasl |
2012-04-02 | Name : Fedora Update for xen FEDORA-2012-1375 File : nvt/gb_fedora_2012_1375_xen_fc16.nasl |
2012-03-29 | Name : Fedora Update for kernel FEDORA-2012-3715 File : nvt/gb_fedora_2012_3715_kernel_fc15.nasl |
2012-03-22 | Name : Fedora Update for kernel FEDORA-2012-4410 File : nvt/gb_fedora_2012_4410_kernel_fc16.nasl |
2012-03-19 | Name : Fedora Update for kernel FEDORA-2012-3350 File : nvt/gb_fedora_2012_3350_kernel_fc16.nasl |
2012-03-19 | Name : Fedora Update for kernel FEDORA-2012-1497 File : nvt/gb_fedora_2012_1497_kernel_fc16.nasl |
2012-03-16 | Name : Fedora Update for kernel FEDORA-2012-3356 File : nvt/gb_fedora_2012_3356_kernel_fc15.nasl |
2012-03-16 | Name : Ubuntu Update for linux USN-1363-1 File : nvt/gb_ubuntu_USN_1363_1.nasl |
2012-03-09 | Name : RedHat Update for xen RHSA-2012:0370-01 File : nvt/gb_RHSA-2012_0370-01_xen.nasl |
2012-03-07 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1387-1 File : nvt/gb_ubuntu_USN_1387_1.nasl |
2012-03-07 | Name : Fedora Update for kernel FEDORA-2012-2753 File : nvt/gb_fedora_2012_2753_kernel_fc15.nasl |
2012-03-07 | Name : Ubuntu Update for linux-lts-backport-natty USN-1386-1 File : nvt/gb_ubuntu_USN_1386_1.nasl |
2012-03-07 | Name : Ubuntu Update for linux-lts-backport-oneiric USN-1384-1 File : nvt/gb_ubuntu_USN_1384_1.nasl |
2012-03-07 | Name : Ubuntu Update for linux-ec2 USN-1388-1 File : nvt/gb_ubuntu_USN_1388_1.nasl |
2012-03-07 | Name : Ubuntu Update for linux USN-1389-1 File : nvt/gb_ubuntu_USN_1389_1.nasl |
2012-02-21 | Name : Ubuntu Update for linux USN-1361-1 File : nvt/gb_ubuntu_USN_1361_1.nasl |
2012-02-21 | Name : Ubuntu Update for linux USN-1362-1 File : nvt/gb_ubuntu_USN_1362_1.nasl |
2012-02-21 | Name : Fedora Update for xen FEDORA-2012-1539 File : nvt/gb_fedora_2012_1539_xen_fc15.nasl |
2012-02-13 | Name : Fedora Update for kernel FEDORA-2012-1503 File : nvt/gb_fedora_2012_1503_kernel_fc15.nasl |
2012-02-12 | Name : Debian Security Advisory DSA 2404-1 (xen-qemu-dm-4.0) File : nvt/deb_2404_1.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2396-1 (qemu-kvm) File : nvt/deb_2396_1.nasl |
2012-01-25 | Name : Ubuntu Update for qemu-kvm USN-1339-1 File : nvt/gb_ubuntu_USN_1339_1.nasl |
2012-01-25 | Name : Fedora Update for kernel FEDORA-2012-0861 File : nvt/gb_fedora_2012_0861_kernel_fc15.nasl |
2012-01-16 | Name : Fedora Update for kernel FEDORA-2012-0492 File : nvt/gb_fedora_2012_0492_kernel_fc15.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
78506 | Qemu hw/e1000.c process_tx_desc() Function DMA Request Legacy Packet Packet L... |
77985 | Linux Kernel arch/x86/kvm/i8254.c create_pit_timer() Function PIT Configuring... |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-02-17 | IAVM : 2011-B-0021 - Multiple Vulnerabilities in IBM Tivoli Access Manager Severity : Category I - VMSKEY : V0026077 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-06-12 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2015-0068.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0422.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0168.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0109.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-84.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-243.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-404.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kvm-120124.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libvirt-120208.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_qemu-120207.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-55.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-2003.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0370.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0050.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0051.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0350.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120428.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0050.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0051.nasl - Type : ACT_GATHER_INFO |
2012-10-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201210-04.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120307_xen_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120306_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120123_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-06-08 | Name : The remote Fedora host is missing a security update. File : fedora_2012-8604.nasl - Type : ACT_GATHER_INFO |
2012-06-08 | Name : The remote Fedora host is missing a security update. File : fedora_2012-8592.nasl - Type : ACT_GATHER_INFO |
2012-03-20 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xen-201202-120209.nasl - Type : ACT_GATHER_INFO |
2012-03-20 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xen-201202-120210.nasl - Type : ACT_GATHER_INFO |
2012-03-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0370.nasl - Type : ACT_GATHER_INFO |
2012-03-08 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0350.nasl - Type : ACT_GATHER_INFO |
2012-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0350.nasl - Type : ACT_GATHER_INFO |
2012-03-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1389-1.nasl - Type : ACT_GATHER_INFO |
2012-03-07 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1388-1.nasl - Type : ACT_GATHER_INFO |
2012-03-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1387-1.nasl - Type : ACT_GATHER_INFO |
2012-03-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1386-1.nasl - Type : ACT_GATHER_INFO |
2012-03-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1384-1.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1539.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1375.nasl - Type : ACT_GATHER_INFO |
2012-02-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1363-1.nasl - Type : ACT_GATHER_INFO |
2012-02-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1362-1.nasl - Type : ACT_GATHER_INFO |
2012-02-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1361-1.nasl - Type : ACT_GATHER_INFO |
2012-02-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2404.nasl - Type : ACT_GATHER_INFO |
2012-01-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2396.nasl - Type : ACT_GATHER_INFO |
2012-01-30 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_kvm-120116.nasl - Type : ACT_GATHER_INFO |
2012-01-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0051.nasl - Type : ACT_GATHER_INFO |
2012-01-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0050.nasl - Type : ACT_GATHER_INFO |
2012-01-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1339-1.nasl - Type : ACT_GATHER_INFO |
2012-01-18 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2389.nasl - Type : ACT_GATHER_INFO |
2012-01-16 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0492.nasl - Type : ACT_GATHER_INFO |
2012-01-09 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0145.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:55:31 |
|