Vulnerabilities > CVE-2019-8934 - Exposure of Resource to Wrong Sphere vulnerability in multiple products

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

qemu

opensuse

CWE-668

nessus

NVD

Published: 2019-03-21

Updated: 2022-04-05

Summary

hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest.

Vulnerable Configurations

Part	Description	Count
Application	Qemu Qemu Qemu - Qemu Qemu 0.1 Qemu Qemu 0.1.0 Qemu Qemu 0.1.1 Qemu Qemu 0.1.2 Qemu Qemu 0.1.3 Qemu Qemu 0.1.4 Qemu Qemu 0.1.5 Qemu Qemu 0.1.6 Qemu Qemu 0.2 Qemu Qemu 0.2.0 Qemu Qemu 0.3 Qemu Qemu 0.3.0 Qemu Qemu 0.4 Qemu Qemu 0.4.0 Qemu Qemu 0.4.1 Qemu Qemu 0.4.2 Qemu Qemu 0.4.3 Qemu Qemu 0.4.4 Qemu Qemu 0.5.0 Qemu Qemu 0.5.1 Qemu Qemu 0.5.2 Qemu Qemu 0.5.3 Qemu Qemu 0.5.4 Qemu Qemu 0.5.5 Qemu Qemu 0.6.0 Qemu Qemu 0.6.1 Qemu Qemu 0.7.0 Qemu Qemu 0.7.1 Qemu Qemu 0.7.2 Qemu Qemu 0.8.0 Qemu Qemu 0.8.1 Qemu Qemu 0.8.2 Qemu Qemu 0.9.0 Qemu Qemu 0.9.1 Qemu Qemu 0.9.1-5 Qemu Qemu 0.10.0 Qemu Qemu 0.10.1 Qemu Qemu 0.10.2 Qemu Qemu 0.10.3 Qemu Qemu 0.10.4 Qemu Qemu 0.10.5 Qemu Qemu 0.10.6 Qemu Qemu 0.11.0 Qemu Qemu 0.11.0-Rc0 Qemu Qemu 0.11.0-Rc1 Qemu Qemu 0.11.0-Rc2 Qemu Qemu 0.11.1 Qemu Qemu 0.12.0 Qemu Qemu 0.12.1 Qemu Qemu 0.12.2 Qemu Qemu 0.12.3 Qemu Qemu 0.12.4 Qemu Qemu 0.12.5 Qemu Qemu 0.13.0 Qemu Qemu 0.14.0 Qemu Qemu 0.14.1 Qemu Qemu 0.15.0 Qemu Qemu 0.15.1 Qemu Qemu 0.15.2 Qemu Qemu 1.0 Qemu Qemu 1.0.1 Qemu Qemu 1.1 Qemu Qemu 1.1.0 Qemu Qemu 1.1.1 Qemu Qemu 1.1.2 Qemu Qemu 1.1.2\+Dfsg Qemu Qemu 1.2.0 Qemu Qemu 1.2.1 Qemu Qemu 1.2.2 Qemu Qemu 1.3.0 Qemu Qemu 1.3.1 Qemu Qemu 1.4.0 Qemu Qemu 1.4.1 Qemu Qemu 1.4.2 Qemu Qemu 1.5.0 Qemu Qemu 1.5.1 Qemu Qemu 1.5.2 Qemu Qemu 1.5.3 Qemu Qemu 1.6.0 Qemu Qemu 1.6.1 Qemu Qemu 1.6.2 Qemu Qemu 1.7.0 Qemu Qemu 1.7.1 Qemu Qemu 1.7.2 Qemu Qemu 1\ Qemu Qemu 2.0.0 Qemu Qemu 2.0.1 Qemu Qemu 2.0.2 Qemu Qemu 2.1\+Dfsg Qemu Qemu 2.1.0 Qemu Qemu 2.1.1 Qemu Qemu 2.1.2 Qemu Qemu 2.1.3 Qemu Qemu 2.2.0 Qemu Qemu 2.2.1 Qemu Qemu 2.3.0 Qemu Qemu 2.3.1 Qemu Qemu 2.4.0 Qemu Qemu 2.4.0.1 Qemu Qemu 2.4.1 Qemu Qemu 2.5.0 Qemu Qemu 2.5.1 Qemu Qemu 2.5.1.1 Qemu Qemu 2.6.0 Qemu Qemu 2.6.1 Qemu Qemu 2.6.2 Qemu Qemu 2.7.0 Qemu Qemu 2.7.1 Qemu Qemu 2.8.0 Qemu Qemu 2.8.1 Qemu Qemu 2.8.1.1 Qemu Qemu 2.9.0 Qemu Qemu 2.9.1 Qemu Qemu 2.10.0 Qemu Qemu 2.10.1 Qemu Qemu 2.10.2 Qemu Qemu 2.11.0 Qemu Qemu 2.11.1 Qemu Qemu 2.11.2 Qemu Qemu 2.12.0 Qemu Qemu 2.12.1 Qemu Qemu 2.12.50 Qemu Qemu 3.0.0 Qemu Qemu 3.0.1 Qemu Qemu 3.1 Qemu Qemu 3.1.0	290
OS	Opensuse Opensuse Leap 15.0 Opensuse Leap 42.3	2

Common Weakness Enumeration (CWE)

CWE-668 - Exposure of Resource to Wrong Sphere

Nessus

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-1274.NASL
description	This update for qemu fixes the following issues : Security issues fixed : - CVE-2019-9824: Fixed information leak in slirp (bsc#1129622). - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 hostinformation (bsc#1126455). - CVE-2019-3812: Fixed Out-of-bounds memory access and information leak in virtual monitor interface (bsc#1125721). - CVE-2018-20815: Fixed a denial of service possibility in device tree processing (bsc#1130675). Non-security issue fixed : - Backported Skylake-Server vcpu model support from qemu v2.11 (FATE#327261 bsc#1131955). - Added ability to set virtqueue size using virtqueue_size parameter (FATE#327255 bsc#1118900). This update was imported from the SUSE:SLE-12-SP3:Update update project.
last seen	2020-06-01
modified	2020-06-02
plugin id	124311
published	2019-04-26
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/124311
title	openSUSE Security Update : qemu (openSUSE-2019-1274)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2019-1274. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(124311); script_version("1.3"); script_cvs_date("Date: 2020/01/21"); script_cve_id("CVE-2018-20815", "CVE-2019-3812", "CVE-2019-8934", "CVE-2019-9824"); script_name(english:"openSUSE Security Update : qemu (openSUSE-2019-1274)"); script_summary(english:"Check for the openSUSE-2019-1274 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for qemu fixes the following issues : Security issues fixed : - CVE-2019-9824: Fixed information leak in slirp (bsc#1129622). - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 hostinformation (bsc#1126455). - CVE-2019-3812: Fixed Out-of-bounds memory access and information leak in virtual monitor interface (bsc#1125721). - CVE-2018-20815: Fixed a denial of service possibility in device tree processing (bsc#1130675). Non-security issue fixed : - Backported Skylake-Server vcpu model support from qemu v2.11 (FATE#327261 bsc#1131955). - Added ability to set virtqueue size using virtqueue_size parameter (FATE#327255 bsc#1118900). This update was imported from the SUSE:SLE-12-SP3:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1118900" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1125721" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1126455" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1129622" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1130675" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1131955" ); script_set_attribute( attribute:"see_also", value:"https://features.opensuse.org/327255" ); script_set_attribute( attribute:"see_also", value:"https://features.opensuse.org/327261" ); script_set_attribute(attribute:"solution", value:"Update the affected qemu packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-arm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-arm-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-curl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-curl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-dmg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-dmg-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-iscsi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-iscsi-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-rbd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-rbd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-ssh"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-ssh-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-extra-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-guest-agent"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-guest-agent-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ipxe"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ksm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-kvm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-lang"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-linux-user"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-linux-user-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-linux-user-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ppc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ppc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-s390"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-s390-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-seabios"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-sgabios"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-testsuite"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-vgabios"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-x86"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-x86-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/02/19"); script_set_attribute(attribute:"patch_publication_date", value:"2019/04/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/26"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE42.3", reference:"qemu-ipxe-1.0.0+-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"qemu-linux-user-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"qemu-linux-user-debuginfo-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"qemu-linux-user-debugsource-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"qemu-seabios-1.10.2-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"qemu-sgabios-8-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"qemu-vgabios-1.10.2-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-arm-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-arm-debuginfo-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-block-curl-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-block-curl-debuginfo-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-block-dmg-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-block-dmg-debuginfo-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-block-iscsi-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-block-iscsi-debuginfo-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-block-rbd-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-block-rbd-debuginfo-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-block-ssh-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-block-ssh-debuginfo-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-debugsource-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-extra-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-extra-debuginfo-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-guest-agent-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-guest-agent-debuginfo-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-ksm-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-kvm-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-lang-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-ppc-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-ppc-debuginfo-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-s390-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-s390-debuginfo-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-testsuite-2.9.1-59.2") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-tools-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-tools-debuginfo-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-x86-2.9.1-59.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"qemu-x86-debuginfo-2.9.1-59.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "qemu-linux-user / qemu-linux-user-debuginfo / etc"); }

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-1405.NASL
description	This update for qemu fixes the following issues : Security issues fixed : - CVE-2019-9824: Fixed an information leak in slirp (bsc#1129622) - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue (bsc#1126455) - CVE-2019-3812: Fixed OOB memory access and information leak in virtual monitor interface (bsc#1125721) - CVE-2018-20815: Fix DOS possibility in device tree processing (bsc#1130675) - Adjust fix for CVE-2019-8934 (bsc#1126455) to match the latest upstream adjustments for the same. Basically now the security fix is to provide a dummy host-model and host-serial value, which overrides getting that value from the host - CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature
last seen	2020-06-01
modified	2020-06-02
plugin id	125302
published	2019-05-21
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/125302
title	openSUSE Security Update : qemu (openSUSE-2019-1405) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2019-1405. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(125302); script_version("1.3"); script_cvs_date("Date: 2020/01/15"); script_cve_id("CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-20815", "CVE-2019-11091", "CVE-2019-3812", "CVE-2019-8934", "CVE-2019-9824"); script_name(english:"openSUSE Security Update : qemu (openSUSE-2019-1405) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)"); script_summary(english:"Check for the openSUSE-2019-1405 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for qemu fixes the following issues : Security issues fixed : - CVE-2019-9824: Fixed an information leak in slirp (bsc#1129622) - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue (bsc#1126455) - CVE-2019-3812: Fixed OOB memory access and information leak in virtual monitor interface (bsc#1125721) - CVE-2018-20815: Fix DOS possibility in device tree processing (bsc#1130675) - Adjust fix for CVE-2019-8934 (bsc#1126455) to match the latest upstream adjustments for the same. Basically now the security fix is to provide a dummy host-model and host-serial value, which overrides getting that value from the host - CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature 'md-clear' (bsc#1111331) Other bugs fixed : - Use a new approach to handling the file input to -smbios option, which accepts either legacy or per-spec formats regardless of the machine type. This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1111331" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1125721" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1126455" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1129622" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1130675" ); script_set_attribute(attribute:"solution", value:"Update the affected qemu packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-arm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-arm-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-curl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-curl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-dmg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-dmg-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-gluster"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-gluster-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-iscsi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-iscsi-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-rbd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-rbd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-ssh"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-ssh-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-extra-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-guest-agent"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-guest-agent-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ipxe"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ksm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-kvm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-lang"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ppc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ppc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-s390"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-s390-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-seabios"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-sgabios"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-vgabios"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-x86"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-x86-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/02/19"); script_set_attribute(attribute:"patch_publication_date", value:"2019/05/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/21"); script_set_attribute(attribute:"in_the_news", value:"true"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.0", reference:"qemu-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-arm-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-arm-debuginfo-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-curl-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-curl-debuginfo-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-dmg-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-dmg-debuginfo-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-gluster-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-gluster-debuginfo-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-iscsi-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-iscsi-debuginfo-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-rbd-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-rbd-debuginfo-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-ssh-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-ssh-debuginfo-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-debuginfo-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-debugsource-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-extra-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-extra-debuginfo-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-guest-agent-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-guest-agent-debuginfo-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-ipxe-1.0.0+-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-ksm-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-kvm-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-lang-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-ppc-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-ppc-debuginfo-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-s390-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-s390-debuginfo-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-seabios-1.11.0-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-sgabios-8-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-tools-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-tools-debuginfo-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-vgabios-1.11.0-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-x86-2.11.2-lp150.7.22.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"qemu-x86-debuginfo-2.11.2-lp150.7.22.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "qemu / qemu-arm / qemu-arm-debuginfo / qemu-block-curl / etc"); }

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References