Vulnerabilities > CVE-2014-0148 - Infinite Loop vulnerability in multiple products

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
qemu
redhat
CWE-835
nessus

Summary

Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating BAT entries, due to missing bounds checks for block_size and logical_sector_size variables. These are used to derive other fields like 'sectors_per_block' etc. A user able to alter the Qemu disk image could ise this flaw to crash the Qemu instance resulting in DoS.

Vulnerable Configurations

Part Description Count
Application
Qemu
153
Application
Redhat
1
OS
Redhat
7

Nessus

  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20140422_QEMU_KVM_ON_SL6_X.NASL
    descriptionMultiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0147) A buffer overflow flaw was found in the way the virtio_net_handle_mac() function of QEMU processed guest requests to update the table of MAC addresses. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0150) A divide-by-zero flaw was found in the seek_to_sector() function of the parallels block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0142) A NULL pointer dereference flaw was found in the QCOW2 block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0146) It was found that the block driver for Hyper-V VHDX images did not correctly calculate BAT (Block Allocation Table) entries due to a missing bounds check. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0148) After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
    last seen2020-03-18
    modified2014-04-23
    plugin id73664
    published2014-04-23
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/73664
    titleScientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20140422)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(73664);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/25");
    
      script_cve_id("CVE-2014-0142", "CVE-2014-0143", "CVE-2014-0144", "CVE-2014-0145", "CVE-2014-0146", "CVE-2014-0147", "CVE-2014-0148", "CVE-2014-0150");
    
      script_name(english:"Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20140422)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple integer overflow, input validation, logic error, and buffer
    overflow flaws were discovered in various QEMU block drivers. An
    attacker able to modify a disk image file loaded by a guest could use
    these flaws to crash the guest, or corrupt QEMU process memory on the
    host, potentially resulting in arbitrary code execution on the host
    with the privileges of the QEMU process. (CVE-2014-0143,
    CVE-2014-0144, CVE-2014-0145, CVE-2014-0147)
    
    A buffer overflow flaw was found in the way the
    virtio_net_handle_mac() function of QEMU processed guest requests to
    update the table of MAC addresses. A privileged guest user could use
    this flaw to corrupt QEMU process memory on the host, potentially
    resulting in arbitrary code execution on the host with the privileges
    of the QEMU process. (CVE-2014-0150)
    
    A divide-by-zero flaw was found in the seek_to_sector() function of
    the parallels block driver in QEMU. An attacker able to modify a disk
    image file loaded by a guest could use this flaw to crash the guest.
    (CVE-2014-0142)
    
    A NULL pointer dereference flaw was found in the QCOW2 block driver in
    QEMU. An attacker able to modify a disk image file loaded by a guest
    could use this flaw to crash the guest. (CVE-2014-0146)
    
    It was found that the block driver for Hyper-V VHDX images did not
    correctly calculate BAT (Block Allocation Table) entries due to a
    missing bounds check. An attacker able to modify a disk image file
    loaded by a guest could use this flaw to crash the guest.
    (CVE-2014-0148)
    
    After installing this update, shut down all running virtual machines.
    Once all virtual machines have shut down, start them again for this
    update to take effect."
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1404&L=scientific-linux-errata&T=0&P=2095
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?dc02b47a"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:A/AC:M/Au:S/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:qemu-guest-agent");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:qemu-img");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:qemu-kvm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:qemu-kvm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:qemu-kvm-tools");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2014/04/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2014/04/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/04/23");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL6", reference:"qemu-guest-agent-0.12.1.2-2.415.el6_5.8")) flag++;
    if (rpm_check(release:"SL6", cpu:"x86_64", reference:"qemu-img-0.12.1.2-2.415.el6_5.8")) flag++;
    if (rpm_check(release:"SL6", cpu:"x86_64", reference:"qemu-kvm-0.12.1.2-2.415.el6_5.8")) flag++;
    if (rpm_check(release:"SL6", reference:"qemu-kvm-debuginfo-0.12.1.2-2.415.el6_5.8")) flag++;
    if (rpm_check(release:"SL6", cpu:"x86_64", reference:"qemu-kvm-tools-0.12.1.2-2.415.el6_5.8")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "qemu-guest-agent / qemu-img / qemu-kvm / qemu-kvm-debuginfo / etc");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-5825.NASL
    description - Fix arm sd warnings with latest kernel (bz #1091548) - Fix regression in CVE backport that affects openstack (thanks lbezdick) - Fix guest startup crashes from autotest (bz #1081610) - Block/image format validation CVE-2014-0142 - 2014-0148 (bz #1078201, bz #1086710, bz #1079140, bz #1086724, bz #1079240, bz #1086735, bz #1078885, bz #1086720, bz #1078232, bz #1086713, bz #1078848, bz #1086717, bz #1078212, bz #1086712) - CVE-2014-0150: virtio-net: buffer overflow in virtio_net_handle_mac() function (bz #1086775, bz #1078846) - CVE-2013-4544: vmxnet3: bounds checking buffer overrun (bz #1087513, bz #1087522) - CVE-2014-2894: out of bounds buffer accesses, guest triggerable via IDE SMART (bz #1087981, bz #1087971) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-05-02
    plugin id73818
    published2014-05-02
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/73818
    titleFedora 20 : qemu-1.6.2-4.fc20 (2014-5825)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2014-5825.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(73818);
      script_version("1.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2013-4544", "CVE-2014-0142", "CVE-2014-0143", "CVE-2014-0144", "CVE-2014-0145", "CVE-2014-0146", "CVE-2014-0147", "CVE-2014-0148", "CVE-2014-0150", "CVE-2014-2894");
      script_bugtraq_id(66464, 66472, 66480, 66481, 66483, 66484, 66486, 66821, 66932, 66955);
      script_xref(name:"FEDORA", value:"2014-5825");
    
      script_name(english:"Fedora 20 : qemu-1.6.2-4.fc20 (2014-5825)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "  - Fix arm sd warnings with latest kernel (bz #1091548)
    
        - Fix regression in CVE backport that affects openstack
          (thanks lbezdick)
    
        - Fix guest startup crashes from autotest (bz #1081610)
    
        - Block/image format validation CVE-2014-0142 -
          2014-0148 (bz #1078201, bz #1086710, bz #1079140, bz
          #1086724, bz #1079240, bz #1086735, bz #1078885, bz
          #1086720, bz #1078232, bz #1086713, bz #1078848, bz
          #1086717, bz #1078212, bz #1086712)
    
        - CVE-2014-0150: virtio-net: buffer overflow in
          virtio_net_handle_mac() function (bz #1086775, bz
          #1078846)
    
        - CVE-2013-4544: vmxnet3: bounds checking buffer overrun
          (bz #1087513, bz #1087522)
    
        - CVE-2014-2894: out of bounds buffer accesses, guest
          triggerable via IDE SMART (bz #1087981, bz #1087971)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1078201"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1078212"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1078232"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1078846"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1078848"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1078885"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1079140"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1079240"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1087513"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1087971"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2014-May/132409.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a47d1447"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected qemu package.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:qemu");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2014/05/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/05/02");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2020 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^20([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC20", reference:"qemu-1.6.2-4.fc20")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "qemu");
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2014-220.NASL
    descriptionUpdated qemu packages fix security vulnerabilities : Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host (CVE-2013-4544). Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process (CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0147). A buffer overflow flaw was found in the way the virtio_net_handle_mac() function of QEMU processed guest requests to update the table of MAC addresses. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process (CVE-2014-0150). A divide-by-zero flaw was found in the seek_to_sector() function of the parallels block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest (CVE-2014-0142). A NULL pointer dereference flaw was found in the QCOW2 block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest (CVE-2014-0146). It was found that the block driver for Hyper-V VHDX images did not correctly calculate BAT (Block Allocation Table) entries due to a missing bounds check. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest (CVE-2014-0148). An out-of-bounds memory access flaw was found in the way QEMU
    last seen2020-06-01
    modified2020-06-02
    plugin id79407
    published2014-11-23
    reporterThis script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79407
    titleMandriva Linux Security Advisory : qemu (MDVSA-2014:220)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2014:220. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(79407);
      script_version("1.3");
      script_cvs_date("Date: 2019/08/02 13:32:56");
    
      script_cve_id("CVE-2013-4148", "CVE-2013-4149", "CVE-2013-4150", "CVE-2013-4151", "CVE-2013-4526", "CVE-2013-4527", "CVE-2013-4529", "CVE-2013-4530", "CVE-2013-4531", "CVE-2013-4533", "CVE-2013-4534", "CVE-2013-4535", "CVE-2013-4536", "CVE-2013-4537", "CVE-2013-4538", "CVE-2013-4539", "CVE-2013-4540", "CVE-2013-4541", "CVE-2013-4542", "CVE-2013-6399", "CVE-2014-0142", "CVE-2014-0143", "CVE-2014-0144", "CVE-2014-0145", "CVE-2014-0146", "CVE-2014-0147", "CVE-2014-0148", "CVE-2014-0150", "CVE-2014-0182", "CVE-2014-0222", "CVE-2014-0223", "CVE-2014-3461", "CVE-2014-3615", "CVE-2014-3640", "CVE-2014-3689", "CVE-2014-5263", "CVE-2014-7815");
      script_bugtraq_id(66464, 66472, 66480, 66481, 66483, 66484, 66486, 66821, 66976, 67357, 67391, 67392, 67394, 67483, 69247, 69654, 70237, 70997, 70998);
      script_xref(name:"MDVSA", value:"2014:220");
    
      script_name(english:"Mandriva Linux Security Advisory : qemu (MDVSA-2014:220)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated qemu packages fix security vulnerabilities :
    
    Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3
    devices. A local guest could possibly use this issue to cause a denial
    of service, or possibly execute arbitrary code on the host
    (CVE-2013-4544).
    
    Multiple integer overflow, input validation, logic error, and buffer
    overflow flaws were discovered in various QEMU block drivers. An
    attacker able to modify a disk image file loaded by a guest could use
    these flaws to crash the guest, or corrupt QEMU process memory on the
    host, potentially resulting in arbitrary code execution on the host
    with the privileges of the QEMU process (CVE-2014-0143, CVE-2014-0144,
    CVE-2014-0145, CVE-2014-0147).
    
    A buffer overflow flaw was found in the way the
    virtio_net_handle_mac() function of QEMU processed guest requests to
    update the table of MAC addresses. A privileged guest user could use
    this flaw to corrupt QEMU process memory on the host, potentially
    resulting in arbitrary code execution on the host with the privileges
    of the QEMU process (CVE-2014-0150).
    
    A divide-by-zero flaw was found in the seek_to_sector() function of
    the parallels block driver in QEMU. An attacker able to modify a disk
    image file loaded by a guest could use this flaw to crash the guest
    (CVE-2014-0142).
    
    A NULL pointer dereference flaw was found in the QCOW2 block driver in
    QEMU. An attacker able to modify a disk image file loaded by a guest
    could use this flaw to crash the guest (CVE-2014-0146).
    
    It was found that the block driver for Hyper-V VHDX images did not
    correctly calculate BAT (Block Allocation Table) entries due to a
    missing bounds check. An attacker able to modify a disk image file
    loaded by a guest could use this flaw to crash the guest
    (CVE-2014-0148).
    
    An out-of-bounds memory access flaw was found in the way QEMU's IDE
    device driver handled the execution of SMART EXECUTE OFFLINE commands.
    A privileged guest user could use this flaw to corrupt QEMU process
    memory on the host, which could potentially result in arbitrary code
    execution on the host with the privileges of the QEMU process
    (CVE-2014-2894).
    
    Two integer overflow flaws were found in the QEMU block driver for
    QCOW version 1 disk images. A user able to alter the QEMU disk image
    files loaded by a guest could use either of these flaws to corrupt
    QEMU process memory on the host, which could potentially result in
    arbitrary code execution on the host with the privileges of the QEMU
    process (CVE-2014-0222, CVE-2014-0223).
    
    Multiple buffer overflow, input validation, and out-of-bounds write
    flaws were found in the way the virtio, virtio-net, virtio-scsi, and
    usb drivers of QEMU handled state loading after migration. A user able
    to alter the savevm data (either on the disk or over the wire during
    migration) could use either of these flaws to corrupt QEMU process
    memory on the (destination) host, which could potentially result in
    arbitrary code execution on the host with the privileges of the QEMU
    process (CVE-2013-4148, CVE-2013-4151, CVE-2013-4535, CVE-2013-4536,
    CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182,
    CVE-2014-3461).
    
    An information leak flaw was found in the way QEMU's VGA emulator
    accessed frame buffer memory for high resolution displays. A
    privileged guest user could use this flaw to leak memory contents of
    the host to the guest by setting the display to use a high resolution
    in the guest (CVE-2014-3615).
    
    When guest sends udp packet with source port and source addr 0,
    uninitialized socket is picked up when looking for matching and
    already created udp sockets, and later passed to sosendto() where NULL
    pointer dereference is hit during so->slirp->vnetwork_mask.s_addr
    access Only guests using qemu user networking are affected
    (CVE-2014-3640).
    
    The Advanced Threat Research team at Intel Security reported that
    guest provided parameter were insufficiently validated in rectangle
    functions in the vmware-vga driver. A privileged guest user could use
    this flaw to write into qemu address space on the host, potentially
    escalating their privileges to those of the qemu host process
    (CVE-2014-3689).
    
    It was discovered that QEMU incorrectly handled USB xHCI controller
    live migration. An attacker could possibly use this issue to cause a
    denial of service, or possibly execute arbitrary code (CVE-2014-5263).
    
    James Spadaro of Cisco reported insufficiently sanitized
    bits_per_pixel from the client in the QEMU VNC display driver. An
    attacker having access to the guest's VNC console could use this flaw
    to crash the guest (CVE-2014-7815).
    
    Additionally qemu-1.6+ requires usbredir-0.6+ for USB redirection
    support which is also being provided with this advisory."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://advisories.mageia.org/MGASA-2014-0426.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://advisories.mageia.org/MGASA-2014-0467.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64usbredirhost-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64usbredirhost1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64usbredirparser-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64usbredirparser1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:qemu");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:qemu-img");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:usbredir");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:usbredir-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2014/11/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64usbredirhost-devel-0.7-1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64usbredirhost1-0.7-1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64usbredirparser-devel-0.7-1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64usbredirparser1-0.7-1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"qemu-1.6.2-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"qemu-img-1.6.2-1.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"usbredir-0.7-1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"usbredir-devel-0.7-1.mbs1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0674.NASL
    descriptionUpdated rhev-hypervisor6 packages that fix multiple security issues, several bugs, and add various enhancements are now available. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0147) Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the way the virtio, virtio-net, virtio-scsi, and usb drivers of QEMU handled state loading after migration. A user able to alter the savevm data (either on the disk or over the wire during migration) could use either of these flaws to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2013-4148, CVE-2013-4151, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, CVE-2014-3461) An out-of-bounds memory access flaw was found in the way QEMU
    last seen2020-06-01
    modified2020-06-02
    plugin id79029
    published2014-11-08
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79029
    titleRHEL 6 : rhev-hypervisor6 3.4.0 (RHSA-2014:0674)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2014-0420.NASL
    descriptionUpdated qemu-kvm packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0147) A buffer overflow flaw was found in the way the virtio_net_handle_mac() function of QEMU processed guest requests to update the table of MAC addresses. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0150) A divide-by-zero flaw was found in the seek_to_sector() function of the parallels block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0142) A NULL pointer dereference flaw was found in the QCOW2 block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0146) It was found that the block driver for Hyper-V VHDX images did not correctly calculate BAT (Block Allocation Table) entries due to a missing bounds check. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0148) The CVE-2014-0143 issues were discovered by Kevin Wolf and Stefan Hajnoczi of Red Hat, the CVE-2014-0144 issues were discovered by Fam Zheng, Jeff Cody, Kevin Wolf, and Stefan Hajnoczi of Red Hat, the CVE-2014-0145 issues were discovered by Stefan Hajnoczi of Red Hat, the CVE-2014-0150 issue was discovered by Michael S. Tsirkin of Red Hat, the CVE-2014-0142, CVE-2014-0146, and CVE-2014-0147 issues were discovered by Kevin Wolf of Red Hat, and the CVE-2014-0148 issue was discovered by Jeff Cody of Red Hat. All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id73656
    published2014-04-23
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/73656
    titleCentOS 6 : qemu-kvm (CESA-2014:0420)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0420.NASL
    descriptionUpdated qemu-kvm packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0147) A buffer overflow flaw was found in the way the virtio_net_handle_mac() function of QEMU processed guest requests to update the table of MAC addresses. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0150) A divide-by-zero flaw was found in the seek_to_sector() function of the parallels block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0142) A NULL pointer dereference flaw was found in the QCOW2 block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0146) It was found that the block driver for Hyper-V VHDX images did not correctly calculate BAT (Block Allocation Table) entries due to a missing bounds check. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0148) The CVE-2014-0143 issues were discovered by Kevin Wolf and Stefan Hajnoczi of Red Hat, the CVE-2014-0144 issues were discovered by Fam Zheng, Jeff Cody, Kevin Wolf, and Stefan Hajnoczi of Red Hat, the CVE-2014-0145 issues were discovered by Stefan Hajnoczi of Red Hat, the CVE-2014-0150 issue was discovered by Michael S. Tsirkin of Red Hat, the CVE-2014-0142, CVE-2014-0146, and CVE-2014-0147 issues were discovered by Kevin Wolf of Red Hat, and the CVE-2014-0148 issue was discovered by Jeff Cody of Red Hat. All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id73663
    published2014-04-23
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/73663
    titleRHEL 6 : qemu-kvm (RHSA-2014:0420)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-061.NASL
    descriptionUpdated qemu packages fix multiple security vulnerabilities : Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging. A local user could possibly use this flaw to cause a denial of service (CVE-2013-4377). Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host (CVE-2013-4544). Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process (CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0147). A buffer overflow flaw was found in the way the virtio_net_handle_mac() function of QEMU processed guest requests to update the table of MAC addresses. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process (CVE-2014-0150). A divide-by-zero flaw was found in the seek_to_sector() function of the parallels block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest (CVE-2014-0142). A NULL pointer dereference flaw was found in the QCOW2 block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest (CVE-2014-0146). It was found that the block driver for Hyper-V VHDX images did not correctly calculate BAT (Block Allocation Table) entries due to a missing bounds check. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest (CVE-2014-0148). An out-of-bounds memory access flaw was found in the way QEMU
    last seen2020-06-01
    modified2020-06-02
    plugin id81944
    published2015-03-19
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81944
    titleMandriva Linux Security Advisory : qemu (MDVSA-2015:061)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-0420.NASL
    descriptionFrom Red Hat Security Advisory 2014:0420 : Updated qemu-kvm packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0147) A buffer overflow flaw was found in the way the virtio_net_handle_mac() function of QEMU processed guest requests to update the table of MAC addresses. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0150) A divide-by-zero flaw was found in the seek_to_sector() function of the parallels block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0142) A NULL pointer dereference flaw was found in the QCOW2 block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0146) It was found that the block driver for Hyper-V VHDX images did not correctly calculate BAT (Block Allocation Table) entries due to a missing bounds check. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0148) The CVE-2014-0143 issues were discovered by Kevin Wolf and Stefan Hajnoczi of Red Hat, the CVE-2014-0144 issues were discovered by Fam Zheng, Jeff Cody, Kevin Wolf, and Stefan Hajnoczi of Red Hat, the CVE-2014-0145 issues were discovered by Stefan Hajnoczi of Red Hat, the CVE-2014-0150 issue was discovered by Michael S. Tsirkin of Red Hat, the CVE-2014-0142, CVE-2014-0146, and CVE-2014-0147 issues were discovered by Kevin Wolf of Red Hat, and the CVE-2014-0148 issue was discovered by Jeff Cody of Red Hat. All qemu-kvm users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id73662
    published2014-04-23
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/73662
    titleOracle Linux 6 : qemu-kvm (ELSA-2014-0420)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0421.NASL
    descriptionUpdated qemu-kvm-rhev packages that fix several security issues are now available for Red Hat Enterprise Virtualization. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0147) A buffer overflow flaw was found in the way the virtio_net_handle_mac() function of QEMU processed guest requests to update the table of MAC addresses. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0150) A divide-by-zero flaw was found in the seek_to_sector() function of the parallels block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0142) A NULL pointer dereference flaw was found in the QCOW2 block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0146) It was found that the block driver for Hyper-V VHDX images did not correctly calculate BAT (Block Allocation Table) entries due to a missing bounds check. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0148) The CVE-2014-0143 issues were discovered by Kevin Wolf and Stefan Hajnoczi of Red Hat, the CVE-2014-0144 issues were discovered by Fam Zheng, Jeff Cody, Kevin Wolf, and Stefan Hajnoczi of Red Hat, the CVE-2014-0145 issues were discovered by Stefan Hajnoczi of Red Hat, the CVE-2014-0150 issue was discovered by Michael S. Tsirkin of Red Hat, the CVE-2014-0142, CVE-2014-0146, and CVE-2014-0147 issues were discovered by Kevin Wolf of Red Hat, and the CVE-2014-0148 issue was discovered by Jeff Cody of Red Hat. All users of qemu-kvm-rhev are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id79015
    published2014-11-08
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79015
    titleRHEL 6 : qemu-kvm-rhev (RHSA-2014:0421)

Redhat

rpms
  • qemu-guest-agent-2:0.12.1.2-2.415.el6_5.8
  • qemu-img-2:0.12.1.2-2.415.el6_5.8
  • qemu-kvm-2:0.12.1.2-2.415.el6_5.8
  • qemu-kvm-debuginfo-2:0.12.1.2-2.415.el6_5.8
  • qemu-kvm-tools-2:0.12.1.2-2.415.el6_5.8
  • qemu-img-rhev-2:0.12.1.2-2.415.el6_5.8
  • qemu-kvm-rhev-2:0.12.1.2-2.415.el6_5.8
  • qemu-kvm-rhev-debuginfo-2:0.12.1.2-2.415.el6_5.8
  • qemu-kvm-rhev-tools-2:0.12.1.2-2.415.el6_5.8
  • qemu-img-rhev-2:0.12.1.2-2.415.el6_5.8
  • qemu-kvm-rhev-2:0.12.1.2-2.415.el6_5.8
  • qemu-kvm-rhev-debuginfo-2:0.12.1.2-2.415.el6_5.8
  • qemu-kvm-rhev-tools-2:0.12.1.2-2.415.el6_5.8
  • qemu-img-rhev-2:0.12.1.2-2.415.el6_5.8
  • qemu-kvm-rhev-2:0.12.1.2-2.415.el6_5.8
  • qemu-kvm-rhev-debuginfo-2:0.12.1.2-2.415.el6_5.8
  • qemu-kvm-rhev-tools-2:0.12.1.2-2.415.el6_5.8
  • rhev-hypervisor6-0:6.5-20140603.2.el6ev