openSUSE Security Update : qemu (openSUSE-2020-468)

medium Nessus Plugin ID 135265

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for qemu fixes the following issues :

- CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1161066).

- CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI config space allocation (bsc#1166379).

- CVE-2020-1711: Fixed an out of bounds heap buffer access iscsi_co_block_status() routine which could have allowed a remote denial of service or arbitrary code with privileges of the QEMU process on the host (bsc#1166240).

- CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() routine while emulating the identification protocol and copying message data to a socket buffer (bsc#1123156).

- CVE-2020-8608: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1163018).

- CVE-2019-20382: Fixed a memory leak in the VNC display driver which could have led to exhaustion of the host memory leading to a potential Denial of service (bsc#1165776).

- Fixed a live migration error (bsc#1154790).

- Fixed an issue where migrating VMs on KVM gets missing features:ospke error (bsc#1162729).

This update was imported from the SUSE:SLE-15-SP1:Update update project.

Solution

Update the affected qemu packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1123156

https://bugzilla.opensuse.org/show_bug.cgi?id=1154790

https://bugzilla.opensuse.org/show_bug.cgi?id=1161066

https://bugzilla.opensuse.org/show_bug.cgi?id=1162729

https://bugzilla.opensuse.org/show_bug.cgi?id=1163018

https://bugzilla.opensuse.org/show_bug.cgi?id=1165776

https://bugzilla.opensuse.org/show_bug.cgi?id=1166240

https://bugzilla.opensuse.org/show_bug.cgi?id=1166379

Plugin Details

Severity: Medium

ID: 135265

File Name: openSUSE-2020-468.nasl

Version: 1.3

Type: local

Agent: unix

Published: 4/7/2020

Updated: 7/21/2020

Dependencies: ssh_get_info.nasl

Risk Information

CVSS Score Source: CVE-2020-8608

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3

Risk Factor: Medium

Base Score: 5.6

Temporal Score: 4.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:2.3:o:novell:opensuse:15.1:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-arm:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-arm-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-block-curl:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-block-curl-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-block-rbd:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-block-rbd-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-debugsource:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-extra:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-extra-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-guest-agent:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-guest-agent-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-ipxe:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-kvm:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-lang:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-linux-user:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-linux-user-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-linux-user-debugsource:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-ppc:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-ppc-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-s390:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-s390-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-seabios:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-sgabios:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-tools:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-tools-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-vgabios:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-x86:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-x86-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-block-dmg:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-block-dmg-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-block-iscsi:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-block-iscsi-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-block-ssh:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-block-ssh-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-ksm:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-block-gluster:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-block-gluster-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-audio-alsa:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-audio-alsa-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-audio-oss:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-audio-oss-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-audio-pa:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-audio-pa-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-audio-sdl:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-audio-sdl-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-block-nfs:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-block-nfs-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-ui-curses:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-ui-curses-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-ui-gtk:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-ui-gtk-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-ui-sdl:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:qemu-ui-sdl-debuginfo:*:*:*:*:*:*:*

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 4/6/2020

Vulnerability Publication Date: 3/21/2019

Reference Information

CVE: CVE-2019-6778, CVE-2020-7039, CVE-2020-1711, CVE-2020-8608, CVE-2019-20382, CVE-2019-15034