Vulnerabilities > CVE-2018-20815 - Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qemu 3.1.0

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
qemu
CWE-119
critical
nessus

Summary

In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk.

Vulnerable Configurations

Part Description Count
Application
Qemu
1

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1348-1.NASL
    descriptionThis update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331) CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS) CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) These updates contain the XEN Hypervisor adjustments, that additionally also use CPU Microcode updates. The mitigation can be controlled via the
    last seen2020-06-01
    modified2020-06-02
    plugin id125463
    published2019-05-28
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125463
    titleSUSE SLES12 Security Update : xen (SUSE-SU-2019:1348-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2019:1348-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(125463);
      script_version("1.4");
      script_cvs_date("Date: 2020/01/15");
    
      script_cve_id("CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-20815", "CVE-2019-11091");
    
      script_name(english:"SUSE SLES12 Security Update : xen (SUSE-SU-2019:1348-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for xen fixes the following issues :
    
    Four new speculative execution information leak issues have been
    identified in Intel CPUs. (bsc#1111331)
    
    CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
    
    CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
    
    CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS)
    
    CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory
    (MDSUM)
    
    These updates contain the XEN Hypervisor adjustments, that
    additionally also use CPU Microcode updates.
    
    The mitigation can be controlled via the 'mds' commandline option, see
    the documentation.
    
    For more information on this set of vulnerabilities, check out
    https://www.suse.com/support/kb/doc/?id=7023736
    
    Other fixes: CVE-2018-20815: Fixed a heap buffer overflow while
    loading device tree blob (bsc#1130680).
    
    Added upstream bug fix (bsc#1027519).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1027519"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1111331"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1130680"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-12126/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-12127/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-12130/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-20815/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11091/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/support/kb/doc/?id=7023736"
      );
      # https://www.suse.com/support/update/announcement/2019/suse-su-20191348-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?62a04bd9"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch
    SUSE-SLE-SERVER-12-2019-1348=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-doc-html");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-kmp-default");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-kmp-default-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-libs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-tools-domU");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/05/30");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/05/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/28");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    if (cpu >!< "x86_64") audit(AUDIT_ARCH_NOT, "x86_64", cpu);
    
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"xen-4.4.4_40-22.80.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"xen-debugsource-4.4.4_40-22.80.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"xen-doc-html-4.4.4_40-22.80.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"xen-kmp-default-4.4.4_40_k3.12.61_52.149-22.80.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"xen-kmp-default-debuginfo-4.4.4_40_k3.12.61_52.149-22.80.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"xen-libs-32bit-4.4.4_40-22.80.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"xen-libs-4.4.4_40-22.80.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"xen-libs-debuginfo-32bit-4.4.4_40-22.80.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"xen-libs-debuginfo-4.4.4_40-22.80.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"xen-tools-4.4.4_40-22.80.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"xen-tools-debuginfo-4.4.4_40-22.80.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"xen-tools-domU-4.4.4_40-22.80.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"xen-tools-domU-debuginfo-4.4.4_40-22.80.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xen");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-E9DE40D53F.NASL
    description - CVE-2019-12155: qxl: NULL pointer dereference while releasing spice resources (bz #1712727, bz #1712670) - CVE-2019-5008: NULL pointer dereference in hw/sparc64/sun4u.c leading to DoS (bz #1705916, bz #1705915) - CVE-2018-20815: device_tree: heap buffer overflow while loading device tree blob (bz #1693117, bz #1693101) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id126533
    published2019-07-09
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126533
    titleFedora 29 : 2:qemu (2019-e9de40d53f)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2019-e9de40d53f.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(126533);
      script_version("1.3");
      script_cvs_date("Date: 2020/01/08");
    
      script_cve_id("CVE-2018-20815", "CVE-2019-12155", "CVE-2019-5008");
      script_xref(name:"FEDORA", value:"2019-e9de40d53f");
    
      script_name(english:"Fedora 29 : 2:qemu (2019-e9de40d53f)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "  - CVE-2019-12155: qxl: NULL pointer dereference while
        releasing spice resources (bz #1712727, bz #1712670)
    
      - CVE-2019-5008: NULL pointer dereference in
        hw/sparc64/sun4u.c leading to DoS (bz #1705916, bz
        #1705915)
    
      - CVE-2018-20815: device_tree: heap buffer overflow while
        loading device tree blob (bz #1693117, bz #1693101)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-e9de40d53f"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected 2:qemu package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:2:qemu");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:29");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/09");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^29([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 29", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC29", reference:"qemu-3.0.1-4.fc29", epoch:"2")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "2:qemu");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1272-1.NASL
    descriptionThis update for qemu fixes the following issues : Security issues fixed : CVE-2019-9824: Fixed an information leak in slirp (bsc#1129622) CVE-2018-20815: Fix DOS possibility in device tree processing (bsc#1130675) CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature
    last seen2020-06-01
    modified2020-06-02
    plugin id125249
    published2019-05-17
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125249
    titleSUSE SLES12 Security Update : qemu (SUSE-SU-2019:1272-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2019:1272-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(125249);
      script_version("1.4");
      script_cvs_date("Date: 2020/01/15");
    
      script_cve_id("CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-20815", "CVE-2019-11091", "CVE-2019-9824");
    
      script_name(english:"SUSE SLES12 Security Update : qemu (SUSE-SU-2019:1272-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for qemu fixes the following issues :
    
    Security issues fixed :
    
    CVE-2019-9824: Fixed an information leak in slirp (bsc#1129622)
    
    CVE-2018-20815: Fix DOS possibility in device tree processing
    (bsc#1130675)
    
    CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86
    cpu feature 'md-clear' (bsc#1111331)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1111331"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1129622"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1130675"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-12126/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-12127/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-12130/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-20815/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11091/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-9824/"
      );
      # https://www.suse.com/support/update/announcement/2019/suse-su-20191272-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?3a6cccd7"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch
    SUSE-SLE-SERVER-12-2019-1272=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-rbd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-guest-agent");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-kvm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-lang");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-s390");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-s390-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-x86");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-x86-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/05/30");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/05/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/17");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"qemu-block-rbd-2.0.2-48.52.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"qemu-block-rbd-debuginfo-2.0.2-48.52.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"qemu-x86-2.0.2-48.52.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"qemu-x86-debuginfo-2.0.2-48.52.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"s390x", reference:"qemu-s390-2.0.2-48.52.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", cpu:"s390x", reference:"qemu-s390-debuginfo-2.0.2-48.52.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"qemu-2.0.2-48.52.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"qemu-block-curl-2.0.2-48.52.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"qemu-block-curl-debuginfo-2.0.2-48.52.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"qemu-debugsource-2.0.2-48.52.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"qemu-guest-agent-2.0.2-48.52.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"qemu-guest-agent-debuginfo-2.0.2-48.52.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"qemu-lang-2.0.2-48.52.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"qemu-tools-2.0.2-48.52.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"qemu-tools-debuginfo-2.0.2-48.52.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"qemu-kvm-2.0.2-48.52.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "qemu");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4506.NASL
    descriptionMultiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or bypass of ACLs. In addition this update fixes a regression which could cause NBD connections to hang.
    last seen2020-06-01
    modified2020-06-02
    plugin id128180
    published2019-08-27
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128180
    titleDebian DSA-4506-1 : qemu - security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-4506. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(128180);
      script_version("1.2");
      script_cvs_date("Date: 2019/09/24 11:01:32");
    
      script_cve_id("CVE-2018-20815", "CVE-2019-13164", "CVE-2019-14378");
      script_xref(name:"DSA", value:"4506");
    
      script_name(english:"Debian DSA-4506-1 : qemu - security update");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple security issues were discovered in QEMU, a fast processor
    emulator, which could result in denial of service, the execution of
    arbitrary code or bypass of ACLs.
    
    In addition this update fixes a regression which could cause NBD
    connections to hang."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873012"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933741"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931351"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/source-package/qemu"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/stretch/qemu"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2019/dsa-4506"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the qemu packages.
    
    For the oldstable distribution (stretch), these problems have been
    fixed in version 1:2.8+dfsg-6+deb9u8."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/05/31");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/08/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/27");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"9.0", prefix:"qemu", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    if (deb_check(release:"9.0", prefix:"qemu-block-extra", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    if (deb_check(release:"9.0", prefix:"qemu-guest-agent", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    if (deb_check(release:"9.0", prefix:"qemu-kvm", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    if (deb_check(release:"9.0", prefix:"qemu-system", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    if (deb_check(release:"9.0", prefix:"qemu-system-arm", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    if (deb_check(release:"9.0", prefix:"qemu-system-common", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    if (deb_check(release:"9.0", prefix:"qemu-system-mips", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    if (deb_check(release:"9.0", prefix:"qemu-system-misc", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    if (deb_check(release:"9.0", prefix:"qemu-system-ppc", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    if (deb_check(release:"9.0", prefix:"qemu-system-sparc", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    if (deb_check(release:"9.0", prefix:"qemu-system-x86", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    if (deb_check(release:"9.0", prefix:"qemu-user", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    if (deb_check(release:"9.0", prefix:"qemu-user-binfmt", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    if (deb_check(release:"9.0", prefix:"qemu-user-static", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    if (deb_check(release:"9.0", prefix:"qemu-utils", reference:"1:2.8+dfsg-6+deb9u8")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1269-1.NASL
    descriptionThis update for qemu fixes the following issues : Following security issues were fixed : CVE-2019-9824: Fixed an information leak in slirp (bsc#1129622) CVE-2018-20815: Fix DOS possibility in device tree processing (bsc#1130675) CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature
    last seen2020-06-01
    modified2020-06-02
    plugin id125248
    published2019-05-17
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125248
    titleSUSE SLES12 Security Update : qemu (SUSE-SU-2019:1269-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2019:1269-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(125248);
      script_version("1.4");
      script_cvs_date("Date: 2020/01/15");
    
      script_cve_id("CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-20815", "CVE-2019-11091", "CVE-2019-9824");
    
      script_name(english:"SUSE SLES12 Security Update : qemu (SUSE-SU-2019:1269-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for qemu fixes the following issues :
    
    Following security issues were fixed :
    
    CVE-2019-9824: Fixed an information leak in slirp (bsc#1129622)
    
    CVE-2018-20815: Fix DOS possibility in device tree processing
    (bsc#1130675)
    
    CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86
    cpu feature 'md-clear' (bsc#1111331)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1111331"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1129622"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1130675"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-12126/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-12127/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-12130/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-20815/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11091/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-9824/"
      );
      # https://www.suse.com/support/update/announcement/2019/suse-su-20191269-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?7056ce14"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch
    SUSE-SLE-SAP-12-SP1-2019-1269=1
    
    SUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch
    SUSE-SLE-SERVER-12-SP1-2019-1269=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-rbd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-guest-agent");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-kvm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-lang");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-s390");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-s390-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-x86");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/05/30");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/05/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/17");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP1", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"1", cpu:"x86_64", reference:"qemu-block-rbd-2.3.1-33.23.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", cpu:"x86_64", reference:"qemu-block-rbd-debuginfo-2.3.1-33.23.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", cpu:"x86_64", reference:"qemu-x86-2.3.1-33.23.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", cpu:"s390x", reference:"qemu-s390-2.3.1-33.23.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", cpu:"s390x", reference:"qemu-s390-debuginfo-2.3.1-33.23.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"qemu-2.3.1-33.23.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"qemu-block-curl-2.3.1-33.23.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"qemu-block-curl-debuginfo-2.3.1-33.23.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"qemu-debugsource-2.3.1-33.23.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"qemu-guest-agent-2.3.1-33.23.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"qemu-guest-agent-debuginfo-2.3.1-33.23.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"qemu-lang-2.3.1-33.23.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"qemu-tools-2.3.1-33.23.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"qemu-tools-debuginfo-2.3.1-33.23.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"qemu-kvm-2.3.1-33.23.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "qemu");
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20190729_QEMU_KVM_ON_SL7_X.NASL
    descriptionKernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Security Fix(es) : - QEMU: device_tree: heap buffer overflow while loading device tree blob (CVE-2018-20815) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : - As newer machine remove csske feature, detection of the processor fail and machine used old version as fallback. This update make feature conditional so detection of newer cpu works properly. (BZ#1720262)
    last seen2020-03-18
    modified2019-08-12
    plugin id127728
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127728
    titleScientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20190729)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-1175.NASL
    descriptionFrom Red Hat Security Advisory 2019:1175 : An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Security Fix(es) : * A flaw was found in the implementation of the
    last seen2020-06-01
    modified2020-06-02
    plugin id127584
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127584
    titleOracle Linux 8 : virt:rhel (ELSA-2019-1175) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1349-1.NASL
    descriptionThis update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331) CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS) CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) These updates contain the XEN Hypervisor adjustments, that additionally also use CPU Microcode updates. The mitigation can be controlled via the
    last seen2020-06-01
    modified2020-06-02
    plugin id125464
    published2019-05-28
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125464
    titleSUSE SLES12 Security Update : xen (SUSE-SU-2019:1349-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1268-1.NASL
    descriptionThis update for qemu fixes the following issues : Following security issues were fixed : CVE-2019-9824: Fixed an information leak in slirp (bsc#1129622) CVE-2018-20815: Fix DOS possibility in device tree processing (bsc#1130675) CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature
    last seen2020-06-01
    modified2020-06-02
    plugin id125247
    published2019-05-17
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125247
    titleSUSE SLES12 Security Update : qemu (SUSE-SU-2019:1268-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-14063-1.NASL
    descriptionThis update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331) CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS) CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) These updates contain the XEN Hypervisor adjustments, that additionally also use CPU Microcode updates. The mitigation can be controlled via the
    last seen2020-06-01
    modified2020-06-02
    plugin id125472
    published2019-05-28
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125472
    titleSUSE SLES11 Security Update : xen (SUSE-SU-2019:14063-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201904-25.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201904-25 (QEMU: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id124289
    published2019-04-25
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124289
    titleGLSA-201904-25 : QEMU: Multiple vulnerabilities
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2553.NASL
    descriptionAn update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 and Red Hat Virtualization Engine 4.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix(es) : * A flaw was found in the implementation of the
    last seen2020-06-01
    modified2020-06-02
    plugin id128205
    published2019-08-27
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128205
    titleRHEL 7 : Virtualization Manager (RHSA-2019:2553) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3978-1.NASL
    descriptionKe Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12130) Brandon Falk, Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that memory previously stored in microarchitectural load ports of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12127) Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Marina Minkin, Daniel Moghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel Gruss, Berk Sunar, Frank Piessens, and Yuval Yarom discovered that memory previously stored in microarchitectural store buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12126) Kurtis Miller discovered that a buffer overflow existed in QEMU when loading a device tree blob. A local attacker could use this to execute arbitrary code. (CVE-2018-20815) Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Volodrmyr Pikhur, Moritz Lipp, Michael Schwarz, Daniel Gruss, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that uncacheable memory previously stored in microarchitectural buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11091) It was discovered that a NULL pointer dereference existed in the sun4u power device implementation in QEMU. A local attacker could use this to cause a denial of service. This issue only affected Ubuntu 18.10 and Ubuntu 19.04. (CVE-2019-5008) William Bowling discovered that an information leak existed in the SLiRP networking implementation of QEMU. An attacker could use this to expose sensitive information. (CVE-2019-9824). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id125137
    published2019-05-15
    reporterUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125137
    titleUbuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : qemu update (USN-3978-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1274.NASL
    descriptionThis update for qemu fixes the following issues : Security issues fixed : - CVE-2019-9824: Fixed information leak in slirp (bsc#1129622). - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 hostinformation (bsc#1126455). - CVE-2019-3812: Fixed Out-of-bounds memory access and information leak in virtual monitor interface (bsc#1125721). - CVE-2018-20815: Fixed a denial of service possibility in device tree processing (bsc#1130675). Non-security issue fixed : - Backported Skylake-Server vcpu model support from qemu v2.11 (FATE#327261 bsc#1131955). - Added ability to set virtqueue size using virtqueue_size parameter (FATE#327255 bsc#1118900). This update was imported from the SUSE:SLE-12-SP3:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id124311
    published2019-04-26
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124311
    titleopenSUSE Security Update : qemu (openSUSE-2019-1274)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2019-1248.NASL
    descriptionA heap buffer overflow issue was found in the load_device_tree() function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potentially execute arbitrary code on a host system with privileges of the QEMU process. (CVE-2018-20815) hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver. (CVE-2019-5008) Slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824) qxl: NULL pointer dereference while releasing spice resources (CVE-2019-12155)
    last seen2020-06-01
    modified2020-06-02
    plugin id126960
    published2019-07-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126960
    titleAmazon Linux 2 : qemu (ALAS-2019-1248)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1371-1.NASL
    descriptionThis update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331) CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS) CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) These updates contain the XEN Hypervisor adjustments, that additionally also use CPU Microcode updates. The mitigation can be controlled via the
    last seen2020-06-01
    modified2020-06-02
    plugin id125540
    published2019-05-29
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125540
    titleSUSE SLES12 Security Update : xen (SUSE-SU-2019:1371-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1881.NASL
    descriptionAn update for qemu-kvm-ma is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Security Fix(es) : * QEMU: device_tree: heap buffer overflow while loading device tree blob (CVE-2018-20815) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * As newer machine remove csske feature, detection of the processor fail and machine used old version as fallback. This update make feature conditional so detection of newer cpu works properly. (BZ#1720262)
    last seen2020-06-01
    modified2020-06-02
    plugin id127620
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127620
    titleRHEL 7 : qemu-kvm-ma (RHSA-2019:1881)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1419.NASL
    descriptionThis update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331) - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) - CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS) - CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) These updates contain the XEN Hypervisor adjustments, that additionaly also use CPU Microcode updates. The mitigation can be controlled via the
    last seen2020-06-01
    modified2020-06-02
    plugin id125305
    published2019-05-21
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125305
    titleopenSUSE Security Update : xen (openSUSE-2019-1419) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1968.NASL
    descriptionAn update for qemu-kvm-rhev is now available for Red Hat Virtualization for Red Hat Virtualization Host 7. Red Hat Product Security has rated this update as having a Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix(es) : * CVE-2018-20815 QEMU: device_tree: heap buffer overflow while loading device tree blob * CVE-2019-6778 QEMU: slirp: heap buffer overflow in tcp_em This update fixes the following bug : * 1705364 RHV VM pauses when
    last seen2020-06-01
    modified2020-06-02
    plugin id127640
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127640
    titleRHEL 7 : Virtualization Manager (RHSA-2019:1968)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-14052-1.NASL
    descriptionThis update for kvm fixes the following issues : CVE-2019-9824: Fixed an information leak in slirp (bsc#1129622) CVE-2018-20815: Fix DOS possibility in device tree processing (bsc#1130675) CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature
    last seen2020-06-01
    modified2020-06-02
    plugin id125284
    published2019-05-20
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125284
    titleSUSE SLES11 Security Update : kvm (SUSE-SU-2019:14052-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-52A8F5468E.NASL
    description - CVE-2019-12155: qxl: NULL pointer dereference while releasing spice resources (bz #1712727, bz #1712670) - CVE-2019-5008: NULL pointer dereference in hw/sparc64/sun4u.c leading to DoS (bz #1705916, bz #1705915) - CVE-2018-20815: device_tree: heap buffer overflow while loading device tree blob (bz #1693117, bz #1693101) - CVE-2019-9824: Slirp: information leakage in tcp_emu() due to uninitialized stack variables (bz #1689794, bz #1678515) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id126530
    published2019-07-09
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126530
    titleFedora 30 : 2:qemu (2019-52a8f5468e)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1175.NASL
    descriptionAn update for the virt:rhel module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Security Fix(es) : * A flaw was found in the implementation of the
    last seen2020-05-23
    modified2019-05-14
    plugin id125041
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125041
    titleRHEL 8 : virt:rhel (RHSA-2019:1175) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1405.NASL
    descriptionThis update for qemu fixes the following issues : Security issues fixed : - CVE-2019-9824: Fixed an information leak in slirp (bsc#1129622) - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue (bsc#1126455) - CVE-2019-3812: Fixed OOB memory access and information leak in virtual monitor interface (bsc#1125721) - CVE-2018-20815: Fix DOS possibility in device tree processing (bsc#1130675) - Adjust fix for CVE-2019-8934 (bsc#1126455) to match the latest upstream adjustments for the same. Basically now the security fix is to provide a dummy host-model and host-serial value, which overrides getting that value from the host - CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature
    last seen2020-06-01
    modified2020-06-02
    plugin id125302
    published2019-05-21
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125302
    titleopenSUSE Security Update : qemu (openSUSE-2019-1405) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1781.NASL
    descriptionSeveral vulnerabilities were found in QEMU, a fast processor emulator : CVE-2018-11806 It was found that the SLiRP networking implementation could use a wrong size when reallocating its buffers, which can be exploited by a priviledged user on a guest to cause denial of service or possibly arbitrary code execution on the host system. CVE-2018-18849 It was found that the LSI53C895A SCSI Host Bus Adapter emulation was susceptible to an out of bounds memory access, which could be leveraged by a malicious guest user to crash the QEMU process. CVE-2018-20815 A heap buffer overflow was found in the load_device_tree function, which could be used by a malicious user to potentially execute arbitrary code with the priviledges of the QEMU process. CVE-2019-9824 William Bowling discovered that the SLiRP networking implementation did not handle some messages properly, which could be triggered to leak memory via crafted messages. For Debian 8
    last seen2020-06-01
    modified2020-06-02
    plugin id124720
    published2019-05-10
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124720
    titleDebian DLA-1781-1 : qemu security update
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1029.NASL
    descriptionAccording to the version of the qemu packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk.(CVE-2018-20815) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-03
    modified2020-01-02
    plugin id132622
    published2020-01-02
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132622
    titleEulerOS 2.0 SP8 : qemu (EulerOS-SA-2020-1029)

Redhat

advisories
  • bugzilla
    id1693101
    titleCVE-2018-20815 QEMU: device_tree: heap buffer overflow while loading device tree blob
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentqemu-kvm-common-ma is earlier than 10:2.12.0-18.el7_6.4
            ovaloval:com.redhat.rhsa:tst:20191881001
          • commentqemu-kvm-common-ma is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182762004
        • AND
          • commentqemu-kvm-tools-ma is earlier than 10:2.12.0-18.el7_6.4
            ovaloval:com.redhat.rhsa:tst:20191881003
          • commentqemu-kvm-tools-ma is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182762002
        • AND
          • commentqemu-kvm-ma is earlier than 10:2.12.0-18.el7_6.4
            ovaloval:com.redhat.rhsa:tst:20191881005
          • commentqemu-kvm-ma is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182762006
        • AND
          • commentqemu-img-ma is earlier than 10:2.12.0-18.el7_6.4
            ovaloval:com.redhat.rhsa:tst:20191881007
          • commentqemu-img-ma is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182762008
    rhsa
    idRHSA-2019:1881
    released2019-07-29
    severityImportant
    titleRHSA-2019:1881: qemu-kvm-ma security and bug fix update (Important)
  • rhsa
    idRHSA-2019:1667
  • rhsa
    idRHSA-2019:1723
  • rhsa
    idRHSA-2019:1743
  • rhsa
    idRHSA-2019:1968
  • rhsa
    idRHSA-2019:2507
  • rhsa
    idRHSA-2019:2553
rpms
  • SLOF-0:20171214-5.gitfa98132.module+el8.0.0+3075+09be6b65
  • hivex-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • hivex-debuginfo-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • hivex-debugsource-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • hivex-devel-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • libguestfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-bash-completion-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-benchmarking-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-benchmarking-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-debugsource-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-devel-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-gfs2-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-gobject-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-gobject-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-gobject-devel-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-inspect-icons-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-java-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-java-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-java-devel-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-javadoc-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-man-pages-ja-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-man-pages-uk-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-rescue-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-rsync-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-tools-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-tools-c-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-tools-c-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-winsupport-0:8.0-2.module+el8.0.0+3075+09be6b65
  • libguestfs-xfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libiscsi-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libiscsi-debuginfo-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libiscsi-debugsource-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libiscsi-devel-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libiscsi-utils-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libiscsi-utils-debuginfo-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libssh2-0:1.8.0-7.module+el8.0.0+3075+09be6b65.1
  • libssh2-debuginfo-0:1.8.0-7.module+el8.0.0+3075+09be6b65.1
  • libssh2-debugsource-0:1.8.0-7.module+el8.0.0+3075+09be6b65.1
  • libvirt-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-admin-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-admin-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-bash-completion-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-client-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-client-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-config-network-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-config-nwfilter-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-interface-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-interface-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-network-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-network-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-nodedev-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-nodedev-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-nwfilter-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-nwfilter-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-qemu-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-qemu-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-secret-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-secret-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-core-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-core-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-disk-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-disk-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-gluster-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-gluster-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-iscsi-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-iscsi-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-logical-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-logical-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-mpath-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-mpath-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-rbd-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-rbd-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-scsi-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-scsi-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-kvm-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-dbus-0:1.2.0-2.module+el8.0.0+3075+09be6b65
  • libvirt-dbus-debuginfo-0:1.2.0-2.module+el8.0.0+3075+09be6b65
  • libvirt-dbus-debugsource-0:1.2.0-2.module+el8.0.0+3075+09be6b65
  • libvirt-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-debugsource-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-devel-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-docs-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-libs-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-libs-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-lock-sanlock-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-lock-sanlock-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-nss-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-nss-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • lua-guestfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • lua-guestfs-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • nbdkit-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-bash-completion-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-basic-plugins-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-basic-plugins-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-debugsource-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-devel-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-example-plugins-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-example-plugins-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-gzip-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-gzip-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-python-common-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-python3-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-python3-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-vddk-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-vddk-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-xz-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-xz-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • netcf-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • netcf-debuginfo-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • netcf-debugsource-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • netcf-devel-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • netcf-libs-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • netcf-libs-debuginfo-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • perl-Sys-Guestfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • perl-Sys-Guestfs-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • perl-Sys-Virt-0:4.5.0-4.module+el8.0.0+3075+09be6b65
  • perl-Sys-Virt-debuginfo-0:4.5.0-4.module+el8.0.0+3075+09be6b65
  • perl-Sys-Virt-debugsource-0:4.5.0-4.module+el8.0.0+3075+09be6b65
  • perl-hivex-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • perl-hivex-debuginfo-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • python3-hivex-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • python3-hivex-debuginfo-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • python3-libguestfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • python3-libguestfs-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • python3-libvirt-0:4.5.0-1.module+el8.0.0+3075+09be6b65
  • python3-libvirt-debuginfo-0:4.5.0-1.module+el8.0.0+3075+09be6b65
  • qemu-guest-agent-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-guest-agent-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-img-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-img-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-curl-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-curl-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-gluster-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-gluster-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-iscsi-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-iscsi-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-rbd-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-rbd-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-ssh-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-ssh-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-common-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-common-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-core-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-core-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-debugsource-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • ruby-hivex-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • ruby-hivex-debuginfo-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • ruby-libguestfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • ruby-libguestfs-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • seabios-0:1.11.1-3.module+el8.0.0+3075+09be6b65
  • seabios-bin-0:1.11.1-3.module+el8.0.0+3075+09be6b65
  • seavgabios-bin-0:1.11.1-3.module+el8.0.0+3075+09be6b65
  • sgabios-1:0.20170427git-2.module+el8.0.0+3075+09be6b65
  • sgabios-bin-1:0.20170427git-2.module+el8.0.0+3075+09be6b65
  • supermin-0:5.1.19-8.module+el8.0.0+3075+09be6b65
  • supermin-debuginfo-0:5.1.19-8.module+el8.0.0+3075+09be6b65
  • supermin-debugsource-0:5.1.19-8.module+el8.0.0+3075+09be6b65
  • supermin-devel-0:5.1.19-8.module+el8.0.0+3075+09be6b65
  • virt-dib-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • virt-dib-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • virt-p2v-maker-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • virt-v2v-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • virt-v2v-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • qemu-img-rhev-10:2.12.0-18.el7_6.6
  • qemu-kvm-common-rhev-10:2.12.0-18.el7_6.6
  • qemu-kvm-rhev-10:2.12.0-18.el7_6.6
  • qemu-kvm-rhev-debuginfo-10:2.12.0-18.el7_6.6
  • qemu-kvm-tools-rhev-10:2.12.0-18.el7_6.6
  • qemu-img-rhev-10:2.12.0-18.el7_6.6
  • qemu-kvm-common-rhev-10:2.12.0-18.el7_6.6
  • qemu-kvm-rhev-10:2.12.0-18.el7_6.6
  • qemu-kvm-rhev-debuginfo-10:2.12.0-18.el7_6.6
  • qemu-kvm-tools-rhev-10:2.12.0-18.el7_6.6
  • qemu-img-rhev-10:2.12.0-18.el7_6.6
  • qemu-kvm-common-rhev-10:2.12.0-18.el7_6.6
  • qemu-kvm-rhev-10:2.12.0-18.el7_6.6
  • qemu-kvm-rhev-debuginfo-10:2.12.0-18.el7_6.6
  • qemu-kvm-tools-rhev-10:2.12.0-18.el7_6.6
  • qemu-img-ma-10:2.12.0-18.el7_6.4
  • qemu-kvm-common-ma-10:2.12.0-18.el7_6.4
  • qemu-kvm-ma-10:2.12.0-18.el7_6.4
  • qemu-kvm-ma-debuginfo-10:2.12.0-18.el7_6.4
  • qemu-kvm-tools-ma-10:2.12.0-18.el7_6.4
  • qemu-img-rhev-10:2.12.0-18.el7_6.7
  • qemu-kvm-common-rhev-10:2.12.0-18.el7_6.7
  • qemu-kvm-rhev-10:2.12.0-18.el7_6.7
  • qemu-kvm-rhev-debuginfo-10:2.12.0-18.el7_6.7
  • qemu-kvm-tools-rhev-10:2.12.0-18.el7_6.7
  • qemu-img-rhev-10:2.12.0-18.el7_6.6
  • qemu-kvm-common-rhev-10:2.12.0-18.el7_6.6
  • qemu-kvm-rhev-10:2.12.0-18.el7_6.6
  • qemu-kvm-rhev-debuginfo-10:2.12.0-18.el7_6.6
  • qemu-kvm-tools-rhev-10:2.12.0-18.el7_6.6
  • qemu-img-rhev-10:2.12.0-33.el7
  • qemu-kvm-common-rhev-10:2.12.0-33.el7
  • qemu-kvm-rhev-10:2.12.0-33.el7
  • qemu-kvm-rhev-debuginfo-10:2.12.0-33.el7
  • qemu-kvm-tools-rhev-10:2.12.0-33.el7