An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html
https://access.redhat.com/errata/RHSA-2020:0669
https://access.redhat.com/errata/RHSA-2020:0730
https://access.redhat.com/errata/RHSA-2020:0731
https://access.redhat.com/errata/RHSA-2020:0773
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1711
https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html
https://lists.debian.org/debian-lts-announce/2020/09/msg00013.html
https://lists.gnu.org/archive/html/qemu-devel/2020-01/msg05535.html
https://security.gentoo.org/glsa/202005-02
Source: MITRE
Published: 2020-02-11
Updated: 2020-09-13
Type: CWE-787
Base Score: 6
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 6.8
Severity: MEDIUM
Base Score: 6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
Impact Score: 3.7
Exploitability Score: 1.8
Severity: MEDIUM
OR
OR
cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:13.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
147700 | EulerOS : qemu (EulerOS-SA-2021-1667) | Nessus | Huawei Local Security Checks | medium |
147523 | EulerOS : qemu (EulerOS-SA-2021-1632) | Nessus | Huawei Local Security Checks | medium |
145992 | CentOS 8 : virt:rhel (CESA-2020:1358) | Nessus | CentOS Local Security Checks | medium |
140541 | Debian DLA-2373-1 : qemu security update | Nessus | Debian Local Security Checks | medium |
135664 | Oracle Linux 8 : virt:ol (ELSA-2020-1358) | Nessus | Oracle Linux Local Security Checks | medium |
139382 | RHEL 8 : virt:rhel (RHSA-2020:1358) | Nessus | Red Hat Local Security Checks | medium |
137586 | SUSE SLES12 Security Update : qemu (SUSE-SU-2020:1538-1) | Nessus | SuSE Local Security Checks | medium |
137581 | SUSE SLES12 Security Update : qemu (SUSE-SU-2020:1526-1) | Nessus | SuSE Local Security Checks | medium |
137579 | SUSE SLES15 Security Update : qemu (SUSE-SU-2020:1523-1) | Nessus | SuSE Local Security Checks | medium |
137577 | SUSE SLES12 Security Update : qemu (SUSE-SU-2020:1514-1) | Nessus | SuSE Local Security Checks | medium |
137549 | SUSE SLES12 Security Update : qemu (SUSE-SU-2020:1501-1) | Nessus | SuSE Local Security Checks | medium |
137306 | RHEL 8 : virt:rhel (RHSA-2020:2472) | Nessus | Red Hat Local Security Checks | medium |
136539 | GLSA-202005-02 : QEMU: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | medium |
135774 | RHEL 7 : qemu-kvm-ma (RHSA-2020:1505) | Nessus | Red Hat Local Security Checks | medium |
135265 | openSUSE Security Update : qemu (openSUSE-2020-468) | Nessus | SuSE Local Security Checks | medium |
135249 | RHEL 7 : qemu-kvm-ma (RHSA-2020:1352) | Nessus | Red Hat Local Security Checks | medium |
135176 | RHEL 7 : qemu-kvm-rhev (RHSA-2020:1296) | Nessus | Red Hat Local Security Checks | medium |
135173 | RHEL 7 : qemu-kvm-rhev (RHSA-2020:1300) | Nessus | Red Hat Local Security Checks | medium |
135169 | SUSE SLES12 Security Update : qemu (SUSE-SU-2020:0845-1) | Nessus | SuSE Local Security Checks | medium |
135168 | SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2020:0844-1) | Nessus | SuSE Local Security Checks | medium |
135051 | RHEL 7 : qemu-kvm-ma (RHSA-2020:1150) | Nessus | Red Hat Local Security Checks | medium |
135033 | RHEL 7 : qemu-kvm-rhev (RHSA-2020:1216) | Nessus | Red Hat Local Security Checks | medium |
134898 | Amazon Linux 2 : qemu (ALAS-2020-1407) | Nessus | Amazon Linux Local Security Checks | medium |
134631 | Debian DLA-2144-1 : qemu security update | Nessus | Debian Local Security Checks | medium |
134344 | RHEL 7 : Virtualization Manager (RHSA-2020:0730) | Nessus | Red Hat Local Security Checks | medium |
134272 | RHEL 8 : virt:8.1 and virt-devel:8.1 (RHSA-2020:0731) | Nessus | Red Hat Local Security Checks | medium |
134264 | RHEL 7 : qemu-kvm-ma (RHSA-2020:0669) | Nessus | Red Hat Local Security Checks | medium |
133796 | Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : QEMU vulnerabilities (USN-4283-1) | Nessus | Ubuntu Local Security Checks | medium |
133419 | Debian DSA-4616-1 : qemu - security update | Nessus | Debian Local Security Checks | medium |