Detections
Analytics
RHEL 6 : qemu-kvm (RHSA-2011:1531)
medium Nessus Plugin ID 64006
Language:
Synopsis
The remote Red Hat host is missing a security update.Description
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:1531 advisory.- qemu: when started as root, extra groups are not dropped correctly (CVE-2011-2527)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected qemu-img, qemu-kvm and / or qemu-kvm-tools packages.See Also
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=561414
https://bugzilla.redhat.com/show_bug.cgi?id=599306
https://bugzilla.redhat.com/show_bug.cgi?id=609342
https://bugzilla.redhat.com/show_bug.cgi?id=621482
https://bugzilla.redhat.com/show_bug.cgi?id=624983
https://bugzilla.redhat.com/show_bug.cgi?id=627585
https://bugzilla.redhat.com/show_bug.cgi?id=633370
https://bugzilla.redhat.com/show_bug.cgi?id=633380
https://bugzilla.redhat.com/show_bug.cgi?id=645351
https://bugzilla.redhat.com/show_bug.cgi?id=655719
https://bugzilla.redhat.com/show_bug.cgi?id=656779
https://bugzilla.redhat.com/show_bug.cgi?id=658467
https://bugzilla.redhat.com/show_bug.cgi?id=669581
https://bugzilla.redhat.com/show_bug.cgi?id=676982
https://bugzilla.redhat.com/show_bug.cgi?id=678729
https://bugzilla.redhat.com/show_bug.cgi?id=678731
https://bugzilla.redhat.com/show_bug.cgi?id=680378
https://bugzilla.redhat.com/show_bug.cgi?id=681736
https://bugzilla.redhat.com/show_bug.cgi?id=682227
https://bugzilla.redhat.com/show_bug.cgi?id=693645
https://bugzilla.redhat.com/show_bug.cgi?id=694373
https://bugzilla.redhat.com/show_bug.cgi?id=694378
https://bugzilla.redhat.com/show_bug.cgi?id=698537
https://bugzilla.redhat.com/show_bug.cgi?id=700134
https://bugzilla.redhat.com/show_bug.cgi?id=705070
https://bugzilla.redhat.com/show_bug.cgi?id=707130
https://bugzilla.redhat.com/show_bug.cgi?id=709397
https://bugzilla.redhat.com/show_bug.cgi?id=710046
https://bugzilla.redhat.com/show_bug.cgi?id=711354
https://bugzilla.redhat.com/show_bug.cgi?id=712046
https://bugzilla.redhat.com/show_bug.cgi?id=714773
https://bugzilla.redhat.com/show_bug.cgi?id=715017
https://bugzilla.redhat.com/show_bug.cgi?id=715141
https://bugzilla.redhat.com/show_bug.cgi?id=715582
https://bugzilla.redhat.com/show_bug.cgi?id=717958
https://bugzilla.redhat.com/show_bug.cgi?id=718664
https://bugzilla.redhat.com/show_bug.cgi?id=720237
https://bugzilla.redhat.com/show_bug.cgi?id=720773
https://bugzilla.redhat.com/show_bug.cgi?id=720979
https://bugzilla.redhat.com/show_bug.cgi?id=722728
https://bugzilla.redhat.com/show_bug.cgi?id=723270
https://bugzilla.redhat.com/show_bug.cgi?id=723858
https://bugzilla.redhat.com/show_bug.cgi?id=723863
https://bugzilla.redhat.com/show_bug.cgi?id=723864
https://bugzilla.redhat.com/show_bug.cgi?id=723870
https://bugzilla.redhat.com/show_bug.cgi?id=725565
https://bugzilla.redhat.com/show_bug.cgi?id=725625
https://bugzilla.redhat.com/show_bug.cgi?id=725965
https://bugzilla.redhat.com/show_bug.cgi?id=726014
https://bugzilla.redhat.com/show_bug.cgi?id=726015
https://bugzilla.redhat.com/show_bug.cgi?id=726020
https://bugzilla.redhat.com/show_bug.cgi?id=726023
https://bugzilla.redhat.com/show_bug.cgi?id=728120
https://bugzilla.redhat.com/show_bug.cgi?id=728464
https://bugzilla.redhat.com/show_bug.cgi?id=729104
https://bugzilla.redhat.com/show_bug.cgi?id=729572
https://bugzilla.redhat.com/show_bug.cgi?id=729621
https://bugzilla.redhat.com/show_bug.cgi?id=729869
https://bugzilla.redhat.com/show_bug.cgi?id=729969
https://bugzilla.redhat.com/show_bug.cgi?id=731759
https://bugzilla.redhat.com/show_bug.cgi?id=732949
https://bugzilla.redhat.com/show_bug.cgi?id=733010
https://bugzilla.redhat.com/show_bug.cgi?id=733993
https://bugzilla.redhat.com/show_bug.cgi?id=734860
https://bugzilla.redhat.com/show_bug.cgi?id=734995
https://bugzilla.redhat.com/show_bug.cgi?id=735716
https://bugzilla.redhat.com/show_bug.cgi?id=736975
https://bugzilla.redhat.com/show_bug.cgi?id=737921
https://bugzilla.redhat.com/show_bug.cgi?id=738487
https://bugzilla.redhat.com/show_bug.cgi?id=738555
https://bugzilla.redhat.com/show_bug.cgi?id=739480
https://bugzilla.redhat.com/show_bug.cgi?id=740547
https://bugzilla.redhat.com/show_bug.cgi?id=741878
https://bugzilla.redhat.com/show_bug.cgi?id=742401
https://bugzilla.redhat.com/show_bug.cgi?id=742458
https://bugzilla.redhat.com/show_bug.cgi?id=742469
https://bugzilla.redhat.com/show_bug.cgi?id=742476
https://bugzilla.redhat.com/show_bug.cgi?id=742480
https://bugzilla.redhat.com/show_bug.cgi?id=742484
https://bugzilla.redhat.com/show_bug.cgi?id=743269
https://bugzilla.redhat.com/show_bug.cgi?id=743342
https://bugzilla.redhat.com/show_bug.cgi?id=743391
https://bugzilla.redhat.com/show_bug.cgi?id=744518
https://bugzilla.redhat.com/show_bug.cgi?id=744780
http://www.nessus.org/u?06f690f6
Plugin Details
Severity: Medium
ID: 64006
File Name: redhat-RHSA-2011-1531.nasl
Version: 1.18
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 1/24/2013
Updated: 4/27/2024
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.1
CVSS v2
Risk Factor: Low
Base Score: 2.1
Temporal Score: 1.6
Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS Score Source: CVE-2011-2527
CVSS v3
Risk Factor: Medium
Base Score: 6.4
Temporal Score: 5.6
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:redhat:enterprise_linux:qemu-img, p-cpe:/a:redhat:enterprise_linux:qemu-kvm, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools, cpe:/o:redhat:enterprise_linux:6
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Ease: No known exploits are available
Patch Publication Date: 12/6/2011
Vulnerability Publication Date: 6/21/2012
Reference Information
CVE: CVE-2011-2527
BID: 48659
RHSA: 2011:1531