qemu-kvm-rhev < 2.1.2-23 el7 Venom Vulnerability

High Log Correlation Engine Plugin ID 801942

Synopsis

The qemu server is vulnerable to the Venom remote code execution attack.

Description

The remote host is running a version of qemu-kvm-rhev which is vulnerable to an out-of-bounds memory access flaw, which can cause a crash or execution of arbitrary code on the host.

Solution

Upgrade to qemu-kvm-rhev 2.1.2-23.

See Also

https://rhn.redhat.com/errata/RHSA-2015-1000.html

Plugin Details

Severity: High

ID: 801942

File Name: 801942.prm

Family: Generic

Nessus ID: 83419, 83422, 83426, 83427, 83459, 83438

Risk Information

Risk Factor: High

Reference Information

CVE: CVE-2015-3456