CentOS 7 : qemu-kvm (CESA-2017:3368)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote CentOS host is missing one or more security updates.

Description :

An update for qemu-kvm is now available for Red Hat Enterprise Linux
7.

Red Hat Product Security has rated this update as having a security
impact of Moderate. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

Kernel-based Virtual Machine (KVM) is a full virtualization solution
for Linux on a variety of architectures. The qemu-kvm package provides
the user-space component for running virtual machines that use KVM.

Security Fix(es) :

* Quick Emulator (QEMU), compiled with the PC System Emulator with
multiboot feature support, is vulnerable to an OOB r/w memory access
issue. The issue could occur due to an integer overflow while loading
a kernel image during a guest boot. A user or process could use this
flaw to potentially achieve arbitrary code execution on a host.
(CVE-2017-14167)

* Quick emulator (QEMU), compiled with the Cirrus CLGD 54xx VGA
Emulator support, is vulnerable to an OOB write access issue. The
issue could occur while writing to VGA memory via mode4and5 write
functions. A privileged user inside guest could use this flaw to crash
the QEMU process resulting in Denial of Serivce (DoS).
(CVE-2017-15289)

Red Hat would like to thank Thomas Garnier (Google.com) for reporting
CVE-2017-14167 and Guoxiang Niu (Huawei.com) for reporting
CVE-2017-15289.

See also :

http://www.nessus.org/u?08787e3b

Solution :

Update the affected qemu-kvm packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.1
(CVSS2#E:U/RL:U/RC:C)
Public Exploit Available : false

Family: CentOS Local Security Checks

Nessus Plugin ID: 105057 ()

Bugtraq ID:

CVE ID: CVE-2017-14167
CVE-2017-15289

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now