Executive Summary
Summary | |
---|---|
Title | qemu-kvm security update |
Informations | |||
---|---|---|---|
Name | RHSA-2012:1234 | First vendor Publication | 2012-09-05 |
Vendor | RedHat | Last vendor Modification | 2012-09-05 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Enterprise Linux Workstation (v. 6) - x86_64 3. Description: KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. A flaw was found in the way QEMU handled VT100 terminal escape sequences when emulating certain character devices. A guest user with privileges to write to a character device that is emulated on the host using a virtual console back-end could use this flaw to crash the qemu-kvm process on the host or, possibly, escalate their privileges on the host. (CVE-2012-3515) This flaw did not affect the default use of KVM. Affected configurations were: * When guests were started from the command line ("/usr/libexec/qemu-kvm") without the "-nodefaults" option, and also without specifying a serial or parallel device, or a virtio-console device, that specifically does not use a virtual console (vc) back-end. (Note that Red Hat does not support invoking "qemu-kvm" from the command line without "-nodefaults" on Red Hat Enterprise Linux 6.) * Guests that were managed via libvirt, such as when using Virtual Machine Manager (virt-manager), but that have a serial or parallel device, or a virtio-console device, that uses a virtual console back-end. By default, guests managed via libvirt will not use a virtual console back-end for such devices. Red Hat would like to thank the Xen project for reporting this issue. All users of qemu-kvm should upgrade to these updated packages, which resolve this issue. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 851252 - CVE-2012-3515 qemu: VT100 emulation vulnerability |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2012-1234.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:18182 | |||
Oval ID: | oval:org.mitre.oval:def:18182 | ||
Title: | USN-1590-1 -- qemu-kvm vulnerability | ||
Description: | QEMU could be made to crash or run programs. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1590-1 CVE-2012-3515 | Version: | 7 |
Platform(s): | Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 | Product(s): | qemu-kvm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18326 | |||
Oval ID: | oval:org.mitre.oval:def:18326 | ||
Title: | DSA-2542-1 qemu-kvm - multiple | ||
Description: | Multiple vulnerabilities have been discovered in KVM, a full virtualization solution on x86 hardware. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2542-1 CVE-2012-2652 CVE-2012-3515 | Version: | 7 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | qemu-kvm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19980 | |||
Oval ID: | oval:org.mitre.oval:def:19980 | ||
Title: | DSA-2545-1 qemu - multiple | ||
Description: | Multiple vulnerabilities have been discovered in QEMU, a fast processor emulator. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2545-1 CVE-2012-2652 CVE-2012-3515 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | qemu |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21145 | |||
Oval ID: | oval:org.mitre.oval:def:21145 | ||
Title: | RHSA-2012:1236: xen security update (Important) | ||
Description: | Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1236-00 CESA-2012:1236 CVE-2012-3515 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | xen |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21464 | |||
Oval ID: | oval:org.mitre.oval:def:21464 | ||
Title: | RHSA-2012:1235: kvm security update (Important) | ||
Description: | Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1235-00 CESA-2012:1235 CVE-2012-3515 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kvm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21575 | |||
Oval ID: | oval:org.mitre.oval:def:21575 | ||
Title: | RHSA-2012:1234: qemu-kvm security update (Important) | ||
Description: | Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1234-01 CESA-2012:1234 CVE-2012-3515 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | qemu-kvm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22862 | |||
Oval ID: | oval:org.mitre.oval:def:22862 | ||
Title: | ELSA-2012:1235: kvm security update (Important) | ||
Description: | Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1235-00 CVE-2012-3515 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22996 | |||
Oval ID: | oval:org.mitre.oval:def:22996 | ||
Title: | ELSA-2012:1236: xen security update (Important) | ||
Description: | Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1236-00 CVE-2012-3515 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | xen |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23955 | |||
Oval ID: | oval:org.mitre.oval:def:23955 | ||
Title: | ELSA-2012:1234: qemu-kvm security update (Important) | ||
Description: | Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1234-01 CVE-2012-3515 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | qemu-kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27565 | |||
Oval ID: | oval:org.mitre.oval:def:27565 | ||
Title: | DEPRECATED: ELSA-2012-1235 -- kvm security update (important) | ||
Description: | [83-249.0.1.el5_8.5] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [83-249.el5_8.5] - kvm-console-bounds-check-whenever-changing-the-cursor-du-58.patch [bz#851255] - CVE: CVE-2012-3515 - Resolves: bz#851255 (EMBARGOED CVE-2012-3515 qemu/kvm: VT100 emulation vulnerability [rhel-5.8.z]) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1235 CVE-2012-3515 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27721 | |||
Oval ID: | oval:org.mitre.oval:def:27721 | ||
Title: | DEPRECATED: ELSA-2012-1234 -- qemu-kvm security update (important) | ||
Description: | [0.12.1.2-2.295.el6_3.2] - kvm-console-bounds-check-whenever-changing-the-cursor-du.patch [bz#851257 - Resolves: bz#851257 (EMBARGOED CVE-2012-3515 qemu/kvm: VT100 emulation vulnerability [rhel-6.3.z]) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1234 CVE-2012-3515 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | qemu-kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27797 | |||
Oval ID: | oval:org.mitre.oval:def:27797 | ||
Title: | DEPRECATED: ELSA-2012-1236 -- xen security update (important) | ||
Description: | [3.0.3-135.el5_8.5] - console: Prevent escape sequence length overflow (rhbz 851253) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1236 CVE-2012-3515 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | xen |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-12-18 | Name : Fedora Update for xen FEDORA-2012-19828 File : nvt/gb_fedora_2012_19828_xen_fc16.nasl |
2012-12-14 | Name : Fedora Update for xen FEDORA-2012-19717 File : nvt/gb_fedora_2012_19717_xen_fc17.nasl |
2012-12-13 | Name : SuSE Update for XEN openSUSE-SU-2012:1572-1 (XEN) File : nvt/gb_suse_2012_1572_1.nasl |
2012-12-13 | Name : SuSE Update for Security openSUSE-SU-2012:1174-1 (Security) File : nvt/gb_suse_2012_1174_1.nasl |
2012-12-13 | Name : SuSE Update for Security openSUSE-SU-2012:1172-1 (Security) File : nvt/gb_suse_2012_1172_1.nasl |
2012-12-13 | Name : SuSE Update for qemu openSUSE-SU-2012:1170-1 (qemu) File : nvt/gb_suse_2012_1170_1.nasl |
2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18249 File : nvt/gb_fedora_2012_18249_xen_fc16.nasl |
2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18242 File : nvt/gb_fedora_2012_18242_xen_fc17.nasl |
2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17408 File : nvt/gb_fedora_2012_17408_xen_fc16.nasl |
2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17204 File : nvt/gb_fedora_2012_17204_xen_fc17.nasl |
2012-10-19 | Name : Fedora Update for qemu FEDORA-2012-15606 File : nvt/gb_fedora_2012_15606_qemu_fc16.nasl |
2012-10-16 | Name : Fedora Update for qemu FEDORA-2012-15740 File : nvt/gb_fedora_2012_15740_qemu_fc17.nasl |
2012-10-03 | Name : Ubuntu Update for qemu-kvm USN-1590-1 File : nvt/gb_ubuntu_USN_1590_1.nasl |
2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13443 File : nvt/gb_fedora_2012_13443_xen_fc16.nasl |
2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13434 File : nvt/gb_fedora_2012_13434_xen_fc17.nasl |
2012-09-15 | Name : Debian Security Advisory DSA 2545-1 (qemu) File : nvt/deb_2545_1.nasl |
2012-09-15 | Name : Debian Security Advisory DSA 2543-1 (xen-qemu-dm-4.0) File : nvt/deb_2543_1.nasl |
2012-09-15 | Name : Debian Security Advisory DSA 2542-1 (qemu-kvm) File : nvt/deb_2542_1.nasl |
2012-09-07 | Name : RedHat Update for xen RHSA-2012:1236-01 File : nvt/gb_RHSA-2012_1236-01_xen.nasl |
2012-09-07 | Name : RedHat Update for qemu-kvm RHSA-2012:1234-01 File : nvt/gb_RHSA-2012_1234-01_qemu-kvm.nasl |
2012-09-07 | Name : CentOS Update for xen CESA-2012:1236 centos5 File : nvt/gb_CESA-2012_1236_xen_centos5.nasl |
2012-09-07 | Name : CentOS Update for kmod-kvm CESA-2012:1235 centos5 File : nvt/gb_CESA-2012_1235_kmod-kvm_centos5.nasl |
2012-09-07 | Name : CentOS Update for qemu-guest-agent CESA-2012:1234 centos6 File : nvt/gb_CESA-2012_1234_qemu-guest-agent_centos6.nasl |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-04-07 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201604-03.nasl - Type : ACT_GATHER_INFO |
2016-01-06 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL13405416.nasl - Type : ACT_GATHER_INFO |
2015-06-12 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2015-0068.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2012-0048.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2012-0046.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2012-0040.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2012-0039.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2012-1325.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1262.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1233.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-591.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-596.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-597.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-598.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-599.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-811.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-812.nasl - Type : ACT_GATHER_INFO |
2013-09-28 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201309-24.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1236.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1235.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1234.nasl - Type : ACT_GATHER_INFO |
2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-121.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xen-201209-120829.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xen-201209-120831.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_kvm-120831.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1234.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1235.nasl - Type : ACT_GATHER_INFO |
2012-10-17 | Name : The remote Fedora host is missing a security update. File : fedora_2012-15606.nasl - Type : ACT_GATHER_INFO |
2012-10-15 | Name : The remote Fedora host is missing a security update. File : fedora_2012-15740.nasl - Type : ACT_GATHER_INFO |
2012-10-03 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1590-1.nasl - Type : ACT_GATHER_INFO |
2012-09-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-13443.nasl - Type : ACT_GATHER_INFO |
2012-09-10 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xen-201209-8268.nasl - Type : ACT_GATHER_INFO |
2012-09-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2545.nasl - Type : ACT_GATHER_INFO |
2012-09-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2543.nasl - Type : ACT_GATHER_INFO |
2012-09-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2542.nasl - Type : ACT_GATHER_INFO |
2012-09-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1234.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120905_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1236.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120905_qemu_kvm_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120905_xen_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1236.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1235.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:56:18 |
|
2012-11-26 21:19:51 |
|
2012-11-24 00:24:38 |
|