Executive Summary
Summary | |
---|---|
Title | qemu-kvm security update |
Information | |||
---|---|---|---|
Name | DSA-2542 | First vendor Publication | 2012-09-08 |
Vendor | Debian | Last vendor Modification | 2012-09-08 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 3.9 | Authentication | None Required |
Detail
Multiple vulnerabilities have been discovered in qemu-kvm, a full virtualization solution on x86 hardware. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2012-2652: The snapshot mode of Qemu (-snapshot) incorrectly handles temporary files used to store the current state, making it vulnerable to symlink attacks (including arbitrary file overwriting and guest information disclosure) due to a race condition.

CVE-2012-3515: Qemu does not properly handle VT100 escape sequences when emulating certain devices with a virtual console backend. An attacker within a guest with access to the vulnerable virtual console could overwrite memory of Qemu and escalate privileges to that of the qemu process.

For the stable distribution (squeeze), these problems have been fixed in version 0.12.5+dfsg-5+squeeze9. For the testing distribution (wheezy) and the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your qemu-kvm packages.
Original Source
Url : http://www.debian.org/security/2012/dsa-2542 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:18066 | |||
Oval ID: | oval:org.mitre.oval:def:18066 | ||
Title: | USN-1522-1 -- qemu-kvm vulnerability | ||
Description: | QEMU could be made to overwrite files as the administrator, or expose sensitive information. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1522-1 CVE-2012-2652 | Version: | 7 |
Platform(s): | Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 | Product(s): | qemu-kvm |
Definition Id: oval:org.mitre.oval:def:18182 | |||
Oval ID: | oval:org.mitre.oval:def:18182 | ||
Title: | USN-1590-1 -- qemu-kvm vulnerability | ||
Description: | QEMU could be made to crash or run programs. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1590-1 CVE-2012-3515 | Version: | 7 |
Platform(s): | Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 | Product(s): | qemu-kvm |
Definition Id: oval:org.mitre.oval:def:18326 | |||
Oval ID: | oval:org.mitre.oval:def:18326 | ||
Title: | DSA-2542-1 qemu-kvm - multiple | ||
Description: | Multiple vulnerabilities have been discovered in KVM, a full virtualization solution on x86 hardware. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2542-1 CVE-2012-2652 CVE-2012-3515 | Version: | 7 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | qemu-kvm |
Definition Id: oval:org.mitre.oval:def:19980 | |||
Oval ID: | oval:org.mitre.oval:def:19980 | ||
Title: | DSA-2545-1 qemu - multiple | ||
Description: | Multiple vulnerabilities have been discovered in QEMU, a fast processor emulator. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2545-1 CVE-2012-2652 CVE-2012-3515 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | qemu |
Definition Id: oval:org.mitre.oval:def:21145 | |||
Oval ID: | oval:org.mitre.oval:def:21145 | ||
Title: | RHSA-2012:1236: xen security update (Important) | ||
Description: | Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1236-00 CESA-2012:1236 CVE-2012-3515 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | xen |
Definition Id: oval:org.mitre.oval:def:21464 | |||
Oval ID: | oval:org.mitre.oval:def:21464 | ||
Title: | RHSA-2012:1235: kvm security update (Important) | ||
Description: | Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1235-00 CESA-2012:1235 CVE-2012-3515 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kvm |
Definition Id: oval:org.mitre.oval:def:21575 | |||
Oval ID: | oval:org.mitre.oval:def:21575 | ||
Title: | RHSA-2012:1234: qemu-kvm security update (Important) | ||
Description: | Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1234-01 CESA-2012:1234 CVE-2012-3515 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | qemu-kvm |
Definition Id: oval:org.mitre.oval:def:22862 | |||
Oval ID: | oval:org.mitre.oval:def:22862 | ||
Title: | ELSA-2012:1235: kvm security update (Important) | ||
Description: | Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1235-00 CVE-2012-3515 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | kvm |
Definition Id: oval:org.mitre.oval:def:22996 | |||
Oval ID: | oval:org.mitre.oval:def:22996 | ||
Title: | ELSA-2012:1236: xen security update (Important) | ||
Description: | Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1236-00 CVE-2012-3515 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | xen |
Definition Id: oval:org.mitre.oval:def:23955 | |||
Oval ID: | oval:org.mitre.oval:def:23955 | ||
Title: | ELSA-2012:1234: qemu-kvm security update (Important) | ||
Description: | Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1234-01 CVE-2012-3515 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | qemu-kvm |
Definition Id: oval:org.mitre.oval:def:27565 | |||
Oval ID: | oval:org.mitre.oval:def:27565 | ||
Title: | DEPRECATED: ELSA-2012-1235 -- kvm security update (important) | ||
Description: | [83-249.0.1.el5_8.5] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [83-249.el5_8.5] - kvm-console-bounds-check-whenever-changing-the-cursor-du-58.patch [bz#851255] - CVE: CVE-2012-3515 - Resolves: bz#851255 (EMBARGOED CVE-2012-3515 qemu/kvm: VT100 emulation vulnerability [rhel-5.8.z]) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1235 CVE-2012-3515 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | kvm |
Definition Id: oval:org.mitre.oval:def:27721 | |||
Oval ID: | oval:org.mitre.oval:def:27721 | ||
Title: | DEPRECATED: ELSA-2012-1234 -- qemu-kvm security update (important) | ||
Description: | [0.12.1.2-2.295.el6_3.2] - kvm-console-bounds-check-whenever-changing-the-cursor-du.patch [bz#851257 - Resolves: bz#851257 (EMBARGOED CVE-2012-3515 qemu/kvm: VT100 emulation vulnerability [rhel-6.3.z]) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1234 CVE-2012-3515 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | qemu-kvm |
Definition Id: oval:org.mitre.oval:def:27797 | |||
Oval ID: | oval:org.mitre.oval:def:27797 | ||
Title: | DEPRECATED: ELSA-2012-1236 -- xen security update (important) | ||
Description: | [3.0.3-135.el5_8.5] - console: Prevent escape sequence length overflow (rhbz 851253) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1236 CVE-2012-3515 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | xen |
OpenVAS Exploits
Date | Description |
---|---|
2012-12-18 | Name : Fedora Update for xen FEDORA-2012-19828 File : nvt/gb_fedora_2012_19828_xen_fc16.nasl |
2012-12-14 | Name : Fedora Update for xen FEDORA-2012-19717 File : nvt/gb_fedora_2012_19717_xen_fc17.nasl |
2012-12-13 | Name : SuSE Update for XEN openSUSE-SU-2012:1572-1 (XEN) File : nvt/gb_suse_2012_1572_1.nasl |
2012-12-13 | Name : SuSE Update for Security openSUSE-SU-2012:1174-1 (Security) File : nvt/gb_suse_2012_1174_1.nasl |
2012-12-13 | Name : SuSE Update for Security openSUSE-SU-2012:1172-1 (Security) File : nvt/gb_suse_2012_1172_1.nasl |
2012-12-13 | Name : SuSE Update for qemu openSUSE-SU-2012:1170-1 (qemu) File : nvt/gb_suse_2012_1170_1.nasl |
2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18249 File : nvt/gb_fedora_2012_18249_xen_fc16.nasl |
2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18242 File : nvt/gb_fedora_2012_18242_xen_fc17.nasl |
2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17408 File : nvt/gb_fedora_2012_17408_xen_fc16.nasl |
2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17204 File : nvt/gb_fedora_2012_17204_xen_fc17.nasl |
2012-10-22 | Name : Gentoo Security Advisory GLSA 201210-04 (ebuild) File : nvt/glsa_201210_04.nasl |
2012-10-19 | Name : Fedora Update for qemu FEDORA-2012-15606 File : nvt/gb_fedora_2012_15606_qemu_fc16.nasl |
2012-10-16 | Name : Fedora Update for qemu FEDORA-2012-15740 File : nvt/gb_fedora_2012_15740_qemu_fc17.nasl |
2012-10-03 | Name : Ubuntu Update for qemu-kvm USN-1590-1 File : nvt/gb_ubuntu_USN_1590_1.nasl |
2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13443 File : nvt/gb_fedora_2012_13443_xen_fc16.nasl |
2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13434 File : nvt/gb_fedora_2012_13434_xen_fc17.nasl |
2012-09-15 | Name : Debian Security Advisory DSA 2542-1 (qemu-kvm) File : nvt/deb_2542_1.nasl |
2012-09-15 | Name : Debian Security Advisory DSA 2545-1 (qemu) File : nvt/deb_2545_1.nasl |
2012-09-15 | Name : Debian Security Advisory DSA 2543-1 (xen-qemu-dm-4.0) File : nvt/deb_2543_1.nasl |
2012-09-07 | Name : RedHat Update for xen RHSA-2012:1236-01 File : nvt/gb_RHSA-2012_1236-01_xen.nasl |
2012-09-07 | Name : RedHat Update for qemu-kvm RHSA-2012:1234-01 File : nvt/gb_RHSA-2012_1234-01_qemu-kvm.nasl |
2012-09-07 | Name : CentOS Update for xen CESA-2012:1236 centos5 File : nvt/gb_CESA-2012_1236_xen_centos5.nasl |
2012-09-07 | Name : CentOS Update for kmod-kvm CESA-2012:1235 centos5 File : nvt/gb_CESA-2012_1235_kmod-kvm_centos5.nasl |
2012-09-07 | Name : CentOS Update for qemu-guest-agent CESA-2012:1234 centos6 File : nvt/gb_CESA-2012_1234_qemu-guest-agent_centos6.nasl |
2012-08-30 | Name : Fedora Update for qemu FEDORA-2012-11302 File : nvt/gb_fedora_2012_11302_qemu_fc17.nasl |
2012-08-14 | Name : Fedora Update for qemu FEDORA-2012-11305 File : nvt/gb_fedora_2012_11305_qemu_fc16.nasl |
2012-08-03 | Name : Ubuntu Update for qemu-kvm USN-1522-1 File : nvt/gb_ubuntu_USN_1522_1.nasl |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-04-07 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201604-03.nasl - Type : ACT_GATHER_INFO |
2016-01-06 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL13405416.nasl - Type : ACT_GATHER_INFO |
2015-06-12 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2015-0068.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2012-0048.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2012-0046.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2012-0040.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2012-0039.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1262.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1233.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2012-1325.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-812.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-364.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-591.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-596.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-597.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-598.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-811.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-599.nasl - Type : ACT_GATHER_INFO |
2013-09-28 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201309-24.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1236.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1235.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1234.nasl - Type : ACT_GATHER_INFO |
2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-121.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_kvm-120831.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xen-201209-120831.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xen-201209-120829.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1235.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1234.nasl - Type : ACT_GATHER_INFO |
2012-10-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201210-04.nasl - Type : ACT_GATHER_INFO |
2012-10-17 | Name : The remote Fedora host is missing a security update. File : fedora_2012-15606.nasl - Type : ACT_GATHER_INFO |
2012-10-15 | Name : The remote Fedora host is missing a security update. File : fedora_2012-15740.nasl - Type : ACT_GATHER_INFO |
2012-10-03 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1590-1.nasl - Type : ACT_GATHER_INFO |
2012-09-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-13443.nasl - Type : ACT_GATHER_INFO |
2012-09-10 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xen-201209-8268.nasl - Type : ACT_GATHER_INFO |
2012-09-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2542.nasl - Type : ACT_GATHER_INFO |
2012-09-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2543.nasl - Type : ACT_GATHER_INFO |
2012-09-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2545.nasl - Type : ACT_GATHER_INFO |
2012-09-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1234.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1236.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120905_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120905_qemu_kvm_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120905_xen_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1236.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1235.nasl - Type : ACT_GATHER_INFO |
2012-08-10 | Name : The remote Fedora host is missing a security update. File : fedora_2012-11305.nasl - Type : ACT_GATHER_INFO |
2012-08-10 | Name : The remote Fedora host is missing a security update. File : fedora_2012-11302.nasl - Type : ACT_GATHER_INFO |
2012-08-03 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1522-1.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:31:20 |
|
2012-11-26 21:19:49 |
|
2012-11-24 00:24:38 |
|