Detections
Analytics

Alpine: multiple qemu packages: security update to 2.8.1.1-r0

critical Tenable Cloud Security Plugin ID 406784

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

 - Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an
 out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A
 privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute
 arbitrary code on host with privileges of the QEMU process. (CVE-2017-2620)

 - Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to
 cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x
 (PRO100) NIC device. (CVE-2016-9101)

 - Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local
 guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) via a
 large number of Txattrcreate messages with the same fid number. (CVE-2016-9102)

 - The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS
 administrators to obtain sensitive host heap memory information by reading xattribute values before
 writing to them. (CVE-2016-9103)

 - Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c
 in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU
 process crash) via a crafted offset, which triggers an out-of-bounds access. (CVE-2016-9104)

See Also

https://security.alpinelinux.org/vuln/CVE-2016-9101

https://security.alpinelinux.org/vuln/CVE-2016-9102

https://security.alpinelinux.org/vuln/CVE-2016-9103

https://security.alpinelinux.org/vuln/CVE-2016-9104

https://security.alpinelinux.org/vuln/CVE-2016-9105

https://security.alpinelinux.org/vuln/CVE-2016-9106

https://security.alpinelinux.org/vuln/CVE-2016-10155

https://security.alpinelinux.org/vuln/CVE-2017-2615

https://security.alpinelinux.org/vuln/CVE-2017-2620

https://security.alpinelinux.org/vuln/CVE-2017-5525

https://security.alpinelinux.org/vuln/CVE-2017-5552

https://security.alpinelinux.org/vuln/CVE-2017-5578

https://security.alpinelinux.org/vuln/CVE-2017-5579

https://security.alpinelinux.org/vuln/CVE-2017-5667

https://security.alpinelinux.org/vuln/CVE-2017-5856

https://security.alpinelinux.org/vuln/CVE-2017-5857

https://security.alpinelinux.org/vuln/CVE-2017-5898

https://security.alpinelinux.org/vuln/CVE-2017-5931

https://security.alpinelinux.org/vuln/CVE-2017-6505

Plugin Details

Severity: Critical

ID: 406784

Version: Revision 1.24

Type: Local

Published: 10/31/2023

Updated: 3/13/2025

Supported Sensors: Agentless Assessment

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2017-2620

CVSS v3

Risk Factor: Critical

Base Score: 9.9

Temporal Score: 8.6

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 10/28/2016

Reference Information

CVE: CVE-2016-10155, CVE-2016-9101, CVE-2016-9102, CVE-2016-9103, CVE-2016-9104, CVE-2016-9105, CVE-2016-9106, CVE-2017-2615, CVE-2017-2620, CVE-2017-5525, CVE-2017-5552, CVE-2017-5578, CVE-2017-5579, CVE-2017-5667, CVE-2017-5856, CVE-2017-5857, CVE-2017-5898, CVE-2017-5931, CVE-2017-6505

BID: 95993, 96112, 96141, 96611, 93957, 93962, 93955, 93956, 93965, 93964, 95770, 95990, 96378, 95671, 95773, 95781, 95780, 95885, 95999