Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title kvm security update
Informations
Name RHSA-2017:0454 First vendor Publication 2017-03-07
Vendor RedHat Last vendor Modification 2017-03-07
Severity (Vendor) N/A Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Cvss Base Score 9 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

An update for kvm is now available for Red Hat Enterprise Linux 5.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Multi OS (v. 5 client) - x86_64 Red Hat Enterprise Linux Virtualization (v. 5 server) - x86_64

3. Description:

KVM (for Kernel-based Virtual Machine) is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running unmodified Linux or Windows images. Each virtual machine has private virtualized hardware: a network card, disk, graphics adapter, etc.

Security Fix(es):

* Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host. (CVE-2017-2615)

* Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process. (CVE-2017-2620)

Red Hat would like to thank Wjjzhang (Tencent.com Inc.) and Li Qiang (360.cn Inc.) for reporting CVE-2017-2615.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Note: The procedure in the Solution section must be performed before this update will take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1418200 - CVE-2017-2615 Qemu: display: cirrus: oob access while doing bitblt copy backward mode 1420484 - CVE-2017-2620 Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2017-0454.html

CWE : Common Weakness Enumeration

% Id Name
67 % CWE-787 Out-of-bounds Write (CWE/SANS Top 25)
33 % CWE-125 Out-of-bounds Read

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 5
Application 161
Application 6
Application 17
Os 1
Os 2
Os 2
Os 2
Os 3
Os 2
Os 128

Nessus® Vulnerability Scanner

Date Description
2018-09-07 Name : The remote Debian host is missing a security update.
File : debian_DLA-1497.nasl - Type : ACT_GATHER_INFO
2018-02-07 Name : The remote Debian host is missing a security update.
File : debian_DLA-1270.nasl - Type : ACT_GATHER_INFO
2017-11-27 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-3084-1.nasl - Type : ACT_GATHER_INFO
2017-10-13 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0153.nasl - Type : ACT_GATHER_INFO
2017-08-30 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0142.nasl - Type : ACT_GATHER_INFO
2017-07-13 Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-0454.nasl - Type : ACT_GATHER_INFO
2017-07-13 Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-0396.nasl - Type : ACT_GATHER_INFO
2017-07-13 Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-0352.nasl - Type : ACT_GATHER_INFO
2017-07-13 Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-0309.nasl - Type : ACT_GATHER_INFO
2017-05-17 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-589.nasl - Type : ACT_GATHER_INFO
2017-05-12 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-1241-1.nasl - Type : ACT_GATHER_INFO
2017-05-04 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0096.nasl - Type : ACT_GATHER_INFO
2017-05-04 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0095.nasl - Type : ACT_GATHER_INFO
2017-05-01 Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1037.nasl - Type : ACT_GATHER_INFO
2017-05-01 Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1038.nasl - Type : ACT_GATHER_INFO
2017-05-01 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-1135-1.nasl - Type : ACT_GATHER_INFO
2017-04-21 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3261-1.nasl - Type : ACT_GATHER_INFO
2017-04-11 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201704-01.nasl - Type : ACT_GATHER_INFO
2017-03-30 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2017-0055.nasl - Type : ACT_GATHER_INFO
2017-03-28 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201703-07.nasl - Type : ACT_GATHER_INFO
2017-03-22 Name : The remote Fedora host is missing a security update.
File : fedora_2017-62ac1230f7.nasl - Type : ACT_GATHER_INFO
2017-03-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0718-1.nasl - Type : ACT_GATHER_INFO
2017-03-20 Name : The remote Fedora host is missing a security update.
File : fedora_2017-31b976672b.nasl - Type : ACT_GATHER_INFO
2017-03-17 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-349.nasl - Type : ACT_GATHER_INFO
2017-03-14 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-329.nasl - Type : ACT_GATHER_INFO
2017-03-13 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0661-1.nasl - Type : ACT_GATHER_INFO
2017-03-10 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0647-1.nasl - Type : ACT_GATHER_INFO
2017-03-09 Name : The remote Fedora host is missing a security update.
File : fedora_2017-1607a3a78e.nasl - Type : ACT_GATHER_INFO
2017-03-09 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-0454.nasl - Type : ACT_GATHER_INFO
2017-03-08 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170307_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2017-03-08 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0625-1.nasl - Type : ACT_GATHER_INFO
2017-03-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-0454.nasl - Type : ACT_GATHER_INFO
2017-03-08 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-0454.nasl - Type : ACT_GATHER_INFO
2017-03-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-0396.nasl - Type : ACT_GATHER_INFO
2017-03-03 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170302_qemu_kvm_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2017-03-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-0396.nasl - Type : ACT_GATHER_INFO
2017-03-03 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-0396.nasl - Type : ACT_GATHER_INFO
2017-03-03 Name : The remote host is affected by multiple vulnerabilities.
File : citrix_xenserver_CTX220771.nasl - Type : ACT_GATHER_INFO
2017-03-02 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-0352.nasl - Type : ACT_GATHER_INFO
2017-03-02 Name : The remote Debian host is missing a security update.
File : debian_DLA-845.nasl - Type : ACT_GATHER_INFO
2017-03-02 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-0352.nasl - Type : ACT_GATHER_INFO
2017-03-02 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2017-0047.nasl - Type : ACT_GATHER_INFO
2017-03-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-0344.nasl - Type : ACT_GATHER_INFO
2017-03-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-0351.nasl - Type : ACT_GATHER_INFO
2017-03-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-0352.nasl - Type : ACT_GATHER_INFO
2017-03-02 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170301_qemu_kvm_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2017-03-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-0350.nasl - Type : ACT_GATHER_INFO
2017-03-01 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0582-1.nasl - Type : ACT_GATHER_INFO
2017-03-01 Name : The remote Fedora host is missing a security update.
File : fedora_2017-266ab882cd.nasl - Type : ACT_GATHER_INFO
2017-03-01 Name : The remote Debian host is missing a security update.
File : debian_DLA-842.nasl - Type : ACT_GATHER_INFO
2017-02-28 Name : The remote Fedora host is missing a security update.
File : fedora_2017-d4ee7018c1.nasl - Type : ACT_GATHER_INFO
2017-02-28 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0570-1.nasl - Type : ACT_GATHER_INFO
2017-02-28 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0571-1.nasl - Type : ACT_GATHER_INFO
2017-02-27 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2017-0043.nasl - Type : ACT_GATHER_INFO
2017-02-27 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-0309.nasl - Type : ACT_GATHER_INFO
2017-02-24 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170223_qemu_kvm_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2017-02-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-0309.nasl - Type : ACT_GATHER_INFO
2017-02-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-0309.nasl - Type : ACT_GATHER_INFO
2017-02-22 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_8cbd9c08f8b911e6ae1b002590263bf5.nasl - Type : ACT_GATHER_INFO
2017-02-21 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201702-28.nasl - Type : ACT_GATHER_INFO
2017-02-21 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201702-27.nasl - Type : ACT_GATHER_INFO
2017-02-15 Name : The remote Fedora host is missing a security update.
File : fedora_2017-cdb53b04e0.nasl - Type : ACT_GATHER_INFO
2017-02-13 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_a73aba9aeffe11e6ae1b002590263bf5.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
Date Informations
2018-09-04 21:22:39
  • Multiple Updates
2018-07-29 09:21:23
  • Multiple Updates
2018-07-04 09:21:45
  • Multiple Updates
2017-07-14 13:24:51
  • Multiple Updates
2017-03-10 13:24:48
  • Multiple Updates
2017-03-09 13:22:49
  • Multiple Updates
2017-03-07 21:21:56
  • First insertion