Executive Summary
Summary | |
---|---|
Title | New qemu packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-1799 | First vendor Publication | 2009-05-11 |
Vendor | Debian | Last vendor Modification | 2009-05-11 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several vulnerabilities have been discovered in the QEMU processor emulator. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-0928 Ian Jackson discovered that range checks of file operations on emulated disk devices were insufficiently enforced. CVE-2008-1945 It was discovered that an error in the format auto detection of removable media could lead to the disclosure of files in the host system. CVE-2008-4539 A buffer overflow has been found in the emulation of the Cirrus graphics adaptor. For the old stable distribution (etch), these problems have been fixed in version 0.8.2-4etch3. For the stable distribution (lenny), these problems have been fixed in version 0.9.1-10lenny1. For the unstable distribution (sid), these problems have been fixed in version 0.9.1+svn20081101-1. We recommend that you upgrade your qemu packages. |
Original Source
Url : http://www.debian.org/security/2009/dsa-1799 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-264 | Permissions, Privileges, and Access Controls |
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:7873 | |||
Oval ID: | oval:org.mitre.oval:def:7873 | ||
Title: | DSA-1799 qemu -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the QEMU processor emulator. The Common Vulnerabilities and Exposures project identifies the following problems: Ian Jackson discovered that range checks of file operations on emulated disk devices were insufficiently enforced. It was discovered that an error in the format auto detection of removable media could lead to the disclosure of files in the host system. A buffer overflow has been found in the emulation of the Cirrus graphics adaptor. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1799 CVE-2008-0928 CVE-2008-4539 CVE-2008-1945 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | qemu |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9706 | |||
Oval ID: | oval:org.mitre.oval:def:9706 | ||
Title: | Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine. | ||
Description: | Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-0928 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9905 | |||
Oval ID: | oval:org.mitre.oval:def:9905 | ||
Title: | QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004. | ||
Description: | QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1945 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-13 | Name : Mandrake Security Advisory MDVSA-2009:257 (qemu) File : nvt/mdksa_2009_257.nasl |
2009-06-05 | Name : Ubuntu USN-776-2 (kvm) File : nvt/ubuntu_776_2.nasl |
2009-06-05 | Name : Ubuntu USN-774-1 (moin) File : nvt/ubuntu_774_1.nasl |
2009-06-05 | Name : Ubuntu USN-773-1 (pango1.0) File : nvt/ubuntu_773_1.nasl |
2009-06-05 | Name : Ubuntu USN-772-1 (mpfr) File : nvt/ubuntu_772_1.nasl |
2009-06-05 | Name : Ubuntu USN-771-1 (libmodplug) File : nvt/ubuntu_771_1.nasl |
2009-05-20 | Name : Ubuntu USN-776-1 (kvm) File : nvt/ubuntu_776_1.nasl |
2009-05-20 | Name : Debian Security Advisory DSA 1799-1 (qemu) File : nvt/deb_1799_1.nasl |
2009-04-09 | Name : Mandriva Update for qemu MDVSA-2008:162 (qemu) File : nvt/gb_mandriva_MDVSA_2008_162.nasl |
2009-04-06 | Name : SuSE Security Summary SUSE-SR:2009:008 File : nvt/suse_sr_2009_008.nasl |
2009-03-06 | Name : RedHat Update for xen RHSA-2008:0194-01 File : nvt/gb_RHSA-2008_0194-01_xen.nasl |
2009-03-06 | Name : RedHat Update for xen RHSA-2008:0892-01 File : nvt/gb_RHSA-2008_0892-01_xen.nasl |
2009-02-17 | Name : Fedora Update for kvm FEDORA-2008-9556 File : nvt/gb_fedora_2008_9556_kvm_fc8.nasl |
2009-02-16 | Name : Fedora Update for xen FEDORA-2008-2057 File : nvt/gb_fedora_2008_2057_xen_fc8.nasl |
2009-02-16 | Name : Fedora Update for qemu FEDORA-2008-2001 File : nvt/gb_fedora_2008_2001_qemu_fc7.nasl |
2009-02-16 | Name : Fedora Update for qemu FEDORA-2008-1995 File : nvt/gb_fedora_2008_1995_qemu_fc8.nasl |
2009-02-16 | Name : Fedora Update for kvm FEDORA-2008-1993 File : nvt/gb_fedora_2008_1993_kvm_fc8.nasl |
2009-02-16 | Name : Fedora Update for kvm FEDORA-2008-1973 File : nvt/gb_fedora_2008_1973_kvm_fc7.nasl |
2009-02-16 | Name : Fedora Update for kvm FEDORA-2008-10000 File : nvt/gb_fedora_2008_10000_kvm_fc10.nasl |
2009-02-13 | Name : Fedora Update for kvm FEDORA-2008-11727 File : nvt/gb_fedora_2008_11727_kvm_fc10.nasl |
2009-02-13 | Name : Fedora Update for kvm FEDORA-2008-11705 File : nvt/gb_fedora_2008_11705_kvm_fc9.nasl |
2009-01-20 | Name : Mandrake Security Advisory MDVSA-2009:016 (xen) File : nvt/mdksa_2009_016.nasl |
2008-11-19 | Name : FreeBSD Ports: qemu, qemu-devel File : nvt/freebsd_qemu3.nasl |
2008-09-04 | Name : FreeBSD Ports: qemu, qemu-devel File : nvt/freebsd_qemu1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
48798 | QEMU -usbdevice Option diskformat: Parameter Host OS Arbitrary File Access |
42983 | QEMU Block Device Read/Write Request Arbitrary Memory Access |
35494 | QEMU Cirrus VGA Extension cirrus_invalidate_region Function Multiple Overflows |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2008-2007.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2008-2003.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0892.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0194.nasl - Type : ACT_GATHER_INFO |
2012-09-24 | Name : The remote Fedora host is missing a security update. File : fedora_2008-10083.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081001_xen_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080513_xen_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0892.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0194.nasl - Type : ACT_GATHER_INFO |
2009-10-07 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-257.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_qemu-090325.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_qemu-090325.nasl - Type : ACT_GATHER_INFO |
2009-05-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-776-2.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1799.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-776-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-162.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2008-11727.nasl - Type : ACT_GATHER_INFO |
2009-04-03 | Name : The remote openSUSE host is missing a security update. File : suse_qemu-6123.nasl - Type : ACT_GATHER_INFO |
2008-12-26 | Name : The remote Fedora host is missing a security update. File : fedora_2008-11705.nasl - Type : ACT_GATHER_INFO |
2008-11-03 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_07bb3bd2a92011dd85030211060005df.nasl - Type : ACT_GATHER_INFO |
2008-10-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0892.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0194.nasl - Type : ACT_GATHER_INFO |
2008-03-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_9cfbca7fefb711dcbe010211060005df.nasl - Type : ACT_GATHER_INFO |
2008-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2083.nasl - Type : ACT_GATHER_INFO |
2008-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2057.nasl - Type : ACT_GATHER_INFO |
2008-02-26 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1995.nasl - Type : ACT_GATHER_INFO |
2008-02-26 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1973.nasl - Type : ACT_GATHER_INFO |
2008-02-26 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1993.nasl - Type : ACT_GATHER_INFO |
2008-02-26 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2001.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:28:29 |
|