Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-2560-1:73BB2
HistoryFeb 18, 2021 - 4:57 p.m.

[SECURITY] [DLA 2560-1] qemu security update

2021-02-1816:57:32
lists.debian.org
51
qemu
debian
vulnerabilities
denial-of-service
information leak
arbitrary code
host
cve
package
update
security tracker
lts
advisory

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

AI Score

8.5

Confidence

Low

EPSS

0.003

Percentile

66.1%

JSON

Debian LTS Advisory DLA-2560-1 [email protected]
https://www.debian.org/lts/security/ Sylvain Beucler
February 18, 2021 https://wiki.debian.org/LTS

Package : qemu
Version : 1:2.8+dfsg-6+deb9u13
CVE ID : CVE-2020-15469 CVE-2020-15859 CVE-2020-25084 CVE-2020-28916
CVE-2020-29130 CVE-2020-29443 CVE-2021-20181 CVE-2021-20221
Debian Bug : 970253 965978 970539 974687 976388

Several vulnerabilities were discovered in QEMU, a fast processor
emulator (notably used in KVM and Xen HVM virtualization). An attacker
could trigger a denial-of-service (DoS), information leak, and
possibly execute arbitrary code with the privileges of the QEMU
process on the host.

CVE-2020-15469

A MemoryRegionOps object may lack read/write callback methods,
leading to a NULL pointer dereference.

CVE-2020-15859

QEMU has a use-after-free in hw/net/e1000e_core.c because a guest
OS user can trigger an e1000e packet with the data's address set
to the e1000e's MMIO address.

CVE-2020-25084

QEMU has a use-after-free in hw/usb/hcd-xhci.c because the
usb_packet_map return value is not checked.

CVE-2020-28916

hw/net/e1000e_core.c has an infinite loop via an RX descriptor
with a NULL buffer address.

CVE-2020-29130

slirp.c has a buffer over-read because it tries to read a certain
amount of header data even if that exceeds the total packet
length.

CVE-2020-29443

ide_atapi_cmd_reply_end in hw/ide/atapi.c allows out-of-bounds
read access because a buffer index is not validated.

CVE-2021-20181

9pfs: ZDI-CAN-10904: QEMU Plan 9 file system TOCTOU privilege
escalation vulnerability.

CVE-2021-20221

aarch64: GIC: out-of-bound heap buffer access via an interrupt ID
field.

For Debian 9 stretch, these problems have been fixed in version
1:2.8+dfsg-6+deb9u13.

We recommend that you upgrade your qemu packages.

For the detailed security status of qemu please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/qemu

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: PGP signature

OSVersionArchitecturePackageVersionFilename
Debian9armelqemu-guest-agent< 1:2.8+dfsg-6+deb9u13qemu-guest-agent_1:2.8+dfsg-6+deb9u13_armel.deb
Debian9amd64qemu-system-common< 1:2.8+dfsg-6+deb9u13qemu-system-common_1:2.8+dfsg-6+deb9u13_amd64.deb
Debian9armhfqemu-user-static< 1:2.8+dfsg-6+deb9u13qemu-user-static_1:2.8+dfsg-6+deb9u13_armhf.deb
Debian9i386qemu< 1:2.8+dfsg-6+deb9u13qemu_1:2.8+dfsg-6+deb9u13_i386.deb
Debian9i386qemu-system-arm< 1:2.8+dfsg-6+deb9u13qemu-system-arm_1:2.8+dfsg-6+deb9u13_i386.deb
Debian9i386qemu-system-misc< 1:2.8+dfsg-6+deb9u13qemu-system-misc_1:2.8+dfsg-6+deb9u13_i386.deb
Debian9armhfqemu-system-arm< 1:2.8+dfsg-6+deb9u13qemu-system-arm_1:2.8+dfsg-6+deb9u13_armhf.deb
Debian9armelqemu< 1:2.8+dfsg-6+deb9u13qemu_1:2.8+dfsg-6+deb9u13_armel.deb
Debian10amd64qemu-system-common< 1:3.1+dfsg-8+deb10u9qemu-system-common_1:3.1+dfsg-8+deb10u9_amd64.deb
Debian9amd64qemu-utils< 1:2.8+dfsg-6+deb9u13qemu-utils_1:2.8+dfsg-6+deb9u13_amd64.deb
Rows per page:
1-10 of 1461

Related

openvas 33
nessus 51
osv 13
ubuntu 1
oraclelinux 5
suse 3
cvelist 8
redhatcve 9
ubuntucve 8
debiancve 8
veracode 8
prion 8
nvd 8
redhat 5
f5 2
zdi 1
alpinelinux 8
cve 8
cbl_mariner 4
centos 1
rocky 1
almalinux 1
amazon 1
fedora 2
debian 1
archlinux 1
openvas
openvas
Debian: Security Advisory (DLA-2560-1)
2021-02-19 00:00:00
Ubuntu: Security Advisory (USN-4725-1)
2021-02-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:1242-1)
2021-04-19 00:00:00
nessus
nessus
Debian DLA-2560-1 : qemu security update
2021-02-19 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-4725-1)
2021-02-08 00:00:00
SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1242-1)
2021-04-19 00:00:00
osv
osv
qemu - security update
2021-02-16 00:00:00
qemu vulnerabilities
2021-02-08 13:12:32
CVE-2020-15859
2020-07-21 16:15:11
ubuntu
ubuntu
QEMU vulnerabilities
2021-02-08 00:00:00
oraclelinux
oraclelinux
qemu security update
2021-06-06 00:00:00
qemu-kvm security update
2021-06-09 00:00:00
qemu security update
2021-03-12 00:00:00
suse
suse
Security update for qemu (important)
2021-03-01 00:00:00
Security update for qemu (important)
2021-04-23 00:00:00
Security update for slirp4netns (moderate)
2022-03-24 00:00:00
cvelist
cvelist
CVE-2020-25084
2020-09-25 04:06:51
CVE-2020-28916
2020-12-04 06:22:37
CVE-2021-20221
2021-05-13 15:34:48
redhatcve
redhatcve
CVE-2020-28916
2020-12-01 09:30:25
CVE-2020-15859
2020-07-21 11:37:57
CVE-2020-25084
2020-09-16 18:30:07
ubuntucve
ubuntucve
CVE-2020-28916
2020-12-04 00:00:00
CVE-2020-15469
2020-07-02 00:00:00
CVE-2020-25084
2020-09-25 00:00:00
debiancve
debiancve
CVE-2020-15859
2020-07-21 16:15:11
CVE-2020-28916
2020-12-04 07:15:10
CVE-2021-20181
2021-05-13 16:15:07
veracode
veracode
Denial Of Service (DoS)
2021-02-19 03:00:38
Denial Of Service (DoS)
2021-02-10 00:57:31
Use-After-Free
2020-12-06 02:17:48
prion
prion
Null pointer dereference
2020-12-04 07:15:00
Design/Logic Flaw
2020-07-21 16:15:00
Design/Logic Flaw
2021-01-26 18:15:00
nvd
nvd
CVE-2020-15469
2020-07-02 20:15:11
CVE-2020-29443
2021-01-26 18:15:51
CVE-2020-28916
2020-12-04 07:15:10
redhat
redhat
(RHSA-2021:2529) Moderate: qemu-kvm-rhev security update
2021-06-23 13:49:16
(RHSA-2021:2322) Moderate: qemu-kvm security update
2021-06-08 18:00:49
(RHSA-2021:1125) Low: virt:8.3 and virt-devel:8.3 security and bug fix update
2021-04-07 07:37:40
f5
f5
K41301038 : QEMU vulnerability CVE-2020-25084
2020-12-15 00:00:00
K69488451 : Multiple QEMU vulnerabilities CVE-2020-13791, CVE-2020-13800, CVE-2020-15469, CVE-2020-15859, and CVE-2020-15863
2020-08-03 00:00:00
zdi
zdi
QEMU Plan 9 File System Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
2021-02-10 00:00:00
alpinelinux
alpinelinux
CVE-2020-25084
2020-09-25 05:15:12
CVE-2021-20221
2021-05-13 16:15:07
CVE-2020-29443
2021-01-26 18:15:51
cve
cve
CVE-2020-29443
2021-01-26 18:15:51
CVE-2020-25084
2020-09-25 05:15:12
CVE-2020-28916
2020-12-04 07:15:10
cbl_mariner
cbl_mariner
CVE-2020-15469 affecting package qemu-kvm 4.2.0-48
2020-11-30 19:31:04
CVE-2020-15859 affecting package qemu-kvm 4.2.0-48
2020-11-30 19:31:04
CVE-2021-20221 affecting package qemu-kvm 4.2.0-48
2021-07-08 21:56:54
centos
centos
qemu security update
2021-06-14 18:42:09
rocky
rocky
virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2021-05-18 06:02:26
almalinux
almalinux
Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2021-05-18 06:02:26
amazon
amazon
Medium: qemu
2021-06-16 20:37:00
fedora
fedora
[SECURITY] Fedora 33 Update: libslirp-4.3.1-3.fc33
2020-12-13 02:10:05
[SECURITY] Fedora 32 Update: libslirp-4.3.1-3.fc32
2020-12-13 02:35:41
debian
debian
[SECURITY] [DLA 3099-1] qemu security update
2022-09-05 03:28:05
archlinux
archlinux
[ASA-202012-7] libslirp: information disclosure
2020-12-05 00:00:00

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

AI Score

8.5

Confidence

Low

EPSS

0.003

Percentile

66.1%

JSON
Related for DEBIAN:DLA-2560-1:73BB2
openvas33nessus51osv13ubuntu1oraclelinux5suse3cvelist8redhatcve9ubuntucve8debiancve8veracode8prion8nvd8redhat5f52zdi1alpinelinux8cve8cbl_mariner4centos1rocky1almalinux1amazon1fedora2debian1archlinux1