OracleVM 3.4 : qemu-kvm (OVMSA-2017-0101)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote OracleVM host is missing a security update.

Description :

The remote OracleVM system is missing necessary patches to address
critical security updates :

- kvm-cirrus-avoid-write-only-variables.patch [bz#1444377
bz#1444379]

-
kvm-cirrus-stop-passing-around-dst-pointers-in-the-blitt
.patch

-
kvm-cirrus-stop-passing-around-src-pointers-in-the-blitt
.patch

-
kvm-cirrus-fix-off-by-one-in-cirrus_bitblt_rop_bkwd_tran
.patch

- kvm-cirrus-fix-PUTPIXEL-macro.patch [bz#1444377
bz#1444379]

- Resolves: bz#1444377 (CVE-2017-7980 qemu-kvm: Qemu:
display: cirrus: OOB r/w access issues in bitblt
routines [rhel-6.9.z])

- Resolves: bz#1444379 (CVE-2017-7980 qemu-kvm-rhev: Qemu:
display: cirrus: OOB r/w access issues in bitblt
routines [rhel-6.9.z])

-
kvm-fix-cirrus_vga-fix-OOB-read-case-qemu-Segmentation-f
.patch

-
kvm-cirrus-vnc-zap-bitblit-support-from-console-code.pat
ch [bz#1443447 bz#1443449]

- Resolves: bz#1443447 (CVE-2017-7718 qemu-kvm: Qemu:
display: cirrus: OOB read access issue [rhel-6.9.z])

- Resolves: bz#1443449 (CVE-2017-7718 qemu-kvm-rhev: Qemu:
display: cirrus: OOB read access issue [rhel-6.9.z])

- Resolves: bz#1447544 (CVE-2016-9603 qemu-kvm-rhev: Qemu:
cirrus: heap buffer overflow via vnc connection
[rhel-6.9.z])

- Resolves: bz#1447540 (CVE-2016-9603 qemu-kvm: Qemu:
cirrus: heap buffer overflow via vnc connection
[rhel-6.9.z])

- kvm-vns-tls-don-t-use-depricated-gnutls-functions.patch
[bz#1428750]

- kvm-vnc-apply-display-size-limits.patch [bz#1400438
bz#1425943]

- Resolves: bz#1400438 (qemu-kvm coredump in
vnc_refresh_server_surface [rhel-6.9.z])

- Resolves: bz#1425943 (CVE-2017-2633 qemu-kvm-rhev: Qemu:
VNC: memory corruption due to unchecked resolution limit
[rhel-6.9.z])

- Resolves: bz#1428750 (Fails to build in brew)

See also :

https://oss.oracle.com/pipermail/oraclevm-errata/2017-May/000694.html

Solution :

Update the affected qemu-img package.

Risk factor :

Medium / CVSS Base Score : 4.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 3.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: OracleVM Local Security Checks

Nessus Plugin ID: 100115 ()

Bugtraq ID:

CVE ID: CVE-2016-9603
CVE-2017-2633
CVE-2017-7718
CVE-2017-7980

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now