Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.FEDORA_2017-31B976672B.NASL
HistoryMar 20, 2017 - 12:00 a.m.

Fedora 25 : 2:qemu (2017-31b976672b)

2017-03-2000:00:00
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
19

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.027 Low

EPSS

Percentile

90.5%

JSON

  • CVE-2016-7907: net: imx: infinite loop (bz #1381182)

    • CVE-2017-5525: audio: memory leakage in ac97 (bz #1414110)

    • CVE-2017-5526: audio: memory leakage in es1370 (bz #1414210)

    • CVE-2016-10155 watchdog: memory leakage in i6300esb (bz #1415200)

    • CVE-2017-5552: virtio-gpu-3d: memory leakage (bz #1415283)

    • CVE-2017-5578: virtio-gpu: memory leakage (bz #1415797)

    • CVE-2017-5667: sd: sdhci OOB access during multi block transfer (bz #1417560)

    • CVE-2017-5856: scsi: megasas: memory leakage (bz #1418344)

    • CVE-2017-5857: virtio-gpu-3d: host memory leakage in virgl_cmd_resource_unref (bz #1418383)

    • CVE-2017-5898: usb: integer overflow in emulated_apdu_from_guest (bz #1419700)

    • CVE-2017-5987: sd: infinite loop issue in multi block transfers (bz #1422001)

    • CVE-2017-6058: vmxnet3: OOB access when doing vlan stripping (bz #1423359)

    • CVE-2017-6505: usb: an infinite loop issue in ohci_service_ed_list (bz #1429434)

    • CVE-2017-2615: cirrus: oob access while doing bitblt copy backward (bz #1418206)

    • CVE-2017-2620: cirrus: potential arbitrary code execution (bz #1425419)

    • Fix spice GL with new mesa/libglvnd (bz #1431905)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory FEDORA-2017-31b976672b.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(97804);
  script_version("3.12");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/06/03");

  script_cve_id("CVE-2016-10155", "CVE-2016-7907", "CVE-2017-2615", "CVE-2017-2620", "CVE-2017-5525", "CVE-2017-5526", "CVE-2017-5552", "CVE-2017-5578", "CVE-2017-5667", "CVE-2017-5856", "CVE-2017-5857", "CVE-2017-5898", "CVE-2017-5987", "CVE-2017-6058", "CVE-2017-6505");
  script_xref(name:"FEDORA", value:"2017-31b976672b");
  script_xref(name:"IAVB", value:"2017-B-0024-S");

  script_name(english:"Fedora 25 : 2:qemu (2017-31b976672b)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"  - CVE-2016-7907: net: imx: infinite loop (bz #1381182)

  - CVE-2017-5525: audio: memory leakage in ac97 (bz
    #1414110)

  - CVE-2017-5526: audio: memory leakage in es1370 (bz
    #1414210)

  - CVE-2016-10155 watchdog: memory leakage in i6300esb (bz
    #1415200)

  - CVE-2017-5552: virtio-gpu-3d: memory leakage (bz
    #1415283)

  - CVE-2017-5578: virtio-gpu: memory leakage (bz #1415797)

  - CVE-2017-5667: sd: sdhci OOB access during multi block
    transfer (bz #1417560)

  - CVE-2017-5856: scsi: megasas: memory leakage (bz
    #1418344)

  - CVE-2017-5857: virtio-gpu-3d: host memory leakage in
    virgl_cmd_resource_unref (bz #1418383)

  - CVE-2017-5898: usb: integer overflow in
    emulated_apdu_from_guest (bz #1419700)

  - CVE-2017-5987: sd: infinite loop issue in multi block
    transfers (bz #1422001)

  - CVE-2017-6058: vmxnet3: OOB access when doing vlan
    stripping (bz #1423359)

  - CVE-2017-6505: usb: an infinite loop issue in
    ohci_service_ed_list (bz #1429434)

  - CVE-2017-2615: cirrus: oob access while doing bitblt
    copy backward (bz #1418206)

  - CVE-2017-2620: cirrus: potential arbitrary code
    execution (bz #1425419)

  - Fix spice GL with new mesa/libglvnd (bz #1431905)

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bodhi.fedoraproject.org/updates/FEDORA-2017-31b976672b"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected 2:qemu package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:2:qemu");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:25");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/10/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/03/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/03/20");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! preg(pattern:"^25([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 25", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);


flag = 0;
if (rpm_check(release:"FC25", reference:"qemu-2.7.1-4.fc25", epoch:"2")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "2:qemu");
}
VendorProductVersionCPE
fedoraprojectfedora2p-cpe:/a:fedoraproject:fedora:2:qemu
fedoraprojectfedora25cpe:/o:fedoraproject:fedora:25

References

Related

fedora 4
openvas 26
nessus 39
gentoo 3
suse 11
osv 12
ubuntu 2
redhat 10
oraclelinux 2
centos 2
debian 2
ubuntucve 12
debiancve 10
cvelist 10
cve 12
prion 11
nvd 11
redhatcve 6
veracode 6
alpinelinux 7
freebsd 1
fedora
fedora
[SECURITY] Fedora 25 Update: qemu-2.7.1-4.fc25
2017-03-18 20:00:53
[SECURITY] Fedora 24 Update: qemu-2.6.2-7.fc24
2017-03-21 16:52:35
[SECURITY] Fedora 25 Update: xen-4.7.1-7.fc25
2017-02-14 21:27:38
openvas
openvas
Fedora Update for qemu FEDORA-2017-31b976672b
2017-03-19 00:00:00
Fedora Update for qemu FEDORA-2017-62ac1230f7
2017-03-22 00:00:00
openSUSE: Security Advisory for qemu (openSUSE-SU-2017:0707-1)
2017-03-17 00:00:00
nessus
nessus
Fedora 24 : 2:qemu (2017-62ac1230f7)
2017-03-22 00:00:00
GLSA-201702-28 : QEMU: Multiple vulnerabilities
2017-02-21 00:00:00
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:0625-1)
2017-03-08 00:00:00
gentoo
gentoo
QEMU: Multiple vulnerabilities
2017-02-21 00:00:00
QEMU: Multiple vulnerabilities
2017-04-10 00:00:00
Xen: Multiple vulnerabilities
2017-02-21 00:00:00
suse
suse
Security update for qemu (important)
2017-03-16 18:08:06
Security update for qemu (important)
2017-03-07 18:10:16
Security update for qemu (important)
2017-05-11 15:09:39
osv
osv
qemu - security update
2017-03-01 00:00:00
qemu-kvm - security update
2017-02-28 00:00:00
CVE-2016-10155
2017-03-15 15:59:00
ubuntu
ubuntu
QEMU vulnerabilities
2017-04-20 00:00:00
QEMU vulnerabilities
2017-04-25 00:00:00
redhat
redhat
(RHSA-2017:0331) Important: qemu-kvm-rhev security update
2017-02-27 23:06:55
(RHSA-2017:0330) Important: qemu-kvm-rhev security update
2017-02-27 23:06:51
(RHSA-2017:0332) Important: qemu-kvm-rhev security update
2017-02-27 23:06:59
oraclelinux
oraclelinux
kvm security update
2017-03-07 00:00:00
qemu-kvm security and bug fix update
2017-03-02 00:00:00
centos
centos
kmod, kvm security update
2017-03-08 18:33:47
qemu security update
2017-03-03 13:27:17
debian
debian
[SECURITY] [DLA 842-1] qemu-kvm security update
2017-02-28 22:09:32
[SECURITY] [DLA 845-1] qemu security update
2017-03-01 19:51:15
ubuntucve
ubuntucve
CVE-2016-7907
2016-10-05 00:00:00
CVE-2017-5987
2017-03-20 00:00:00
CVE-2016-10155
2017-03-15 00:00:00
debiancve
debiancve
CVE-2016-7907
2016-10-05 16:59:10
CVE-2017-5987
2017-03-20 16:59:02
CVE-2017-5578
2017-03-15 15:59:00
cvelist
cvelist
CVE-2016-7907
2016-10-05 16:00:00
CVE-2016-10155
2017-03-15 15:00:00
CVE-2017-5578
2017-03-15 15:00:00
cve
cve
CVE-2016-7907
2016-10-05 16:59:10
CVE-2017-5578
2017-03-15 15:59:00
CVE-2016-10155
2017-03-15 15:59:00
prion
prion
Design/Logic Flaw
2016-10-05 16:59:00
Memory corruption
2017-03-15 15:59:00
Memory corruption
2017-03-15 15:59:00
nvd
nvd
CVE-2016-7907
2016-10-05 16:59:10
CVE-2016-10155
2017-03-15 15:59:00
CVE-2017-5667
2017-03-16 15:59:00
redhatcve
redhatcve
CVE-2016-7907
2016-10-04 08:17:34
CVE-2017-5578
2017-01-25 12:47:26
CVE-2017-5857
2017-02-02 06:47:52
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:18:10
Denial Of Service (DoS)
2020-09-21 06:32:38
Memory Leak
2020-09-21 06:18:31
alpinelinux
alpinelinux
CVE-2016-10155
2017-03-15 15:59:00
CVE-2017-5667
2017-03-16 15:59:00
CVE-2017-5525
2017-03-15 15:59:00
freebsd
freebsd
xen-tools -- oob access in cirrus bitblt copy
2017-02-10 00:00:00

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.027 Low

EPSS

Percentile

90.5%

JSON
Related for FEDORA_2017-31B976672B.NASL
fedora4openvas26nessus39gentoo3suse11osv12ubuntu2redhat10oraclelinux2centos2debian2ubuntucve12debiancve10cvelist10cve12prion11nvd11redhatcve6veracode6alpinelinux7freebsd1