ID |
CVE-2019-6778
|
Summary |
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:qemu:qemu:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:3.0.0:*:*:*:*:*:*:*
-
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
-
cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
-
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
-
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
-
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
-
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
-
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
-
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
|
CVSS |
Base: | 4.6 (as of 24-08-2020 - 17:37) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-787 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
redhat
via4
|
advisories | bugzilla | id | 1664205 | title | CVE-2019-6778 QEMU: slirp: heap buffer overflow in tcp_emu() |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 7 is installed | oval | oval:com.redhat.rhba:tst:20150364027 |
OR | AND | comment | qemu-img is earlier than 10:1.5.3-160.el7_6.3 | oval | oval:com.redhat.rhsa:tst:20191883001 |
comment | qemu-img is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110345002 |
|
AND | comment | qemu-kvm is earlier than 10:1.5.3-160.el7_6.3 | oval | oval:com.redhat.rhsa:tst:20191883003 |
comment | qemu-kvm is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110345004 |
|
AND | comment | qemu-kvm-common is earlier than 10:1.5.3-160.el7_6.3 | oval | oval:com.redhat.rhsa:tst:20191883005 |
comment | qemu-kvm-common is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20140704014 |
|
AND | comment | qemu-kvm-tools is earlier than 10:1.5.3-160.el7_6.3 | oval | oval:com.redhat.rhsa:tst:20191883007 |
comment | qemu-kvm-tools is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110345006 |
|
|
|
|
| rhsa | id | RHSA-2019:1883 | released | 2019-07-29 | severity | Important | title | RHSA-2019:1883: qemu-kvm security update (Important) |
|
bugzilla | id | 1712670 | title | CVE-2019-12155 QEMU: qxl: null pointer dereference while releasing spice resources |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 6 is installed | oval | oval:com.redhat.rhba:tst:20111656003 |
OR | AND | comment | qemu-guest-agent is earlier than 2:0.12.1.2-2.506.el6_10.5 | oval | oval:com.redhat.rhsa:tst:20192892001 |
comment | qemu-guest-agent is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121234002 |
|
AND | comment | qemu-img is earlier than 2:0.12.1.2-2.506.el6_10.5 | oval | oval:com.redhat.rhsa:tst:20192892003 |
comment | qemu-img is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110345002 |
|
AND | comment | qemu-kvm is earlier than 2:0.12.1.2-2.506.el6_10.5 | oval | oval:com.redhat.rhsa:tst:20192892005 |
comment | qemu-kvm is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110345004 |
|
AND | comment | qemu-kvm-tools is earlier than 2:0.12.1.2-2.506.el6_10.5 | oval | oval:com.redhat.rhsa:tst:20192892007 |
comment | qemu-kvm-tools is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110345006 |
|
|
|
|
| rhsa | id | RHSA-2019:2892 | released | 2019-09-24 | severity | Important | title | RHSA-2019:2892: qemu-kvm security update (Important) |
|
| rpms | - qemu-img-10:1.5.3-160.el7_6.3
- qemu-kvm-10:1.5.3-160.el7_6.3
- qemu-kvm-common-10:1.5.3-160.el7_6.3
- qemu-kvm-debuginfo-10:1.5.3-160.el7_6.3
- qemu-kvm-tools-10:1.5.3-160.el7_6.3
- qemu-img-rhev-10:2.12.0-18.el7_6.7
- qemu-kvm-common-rhev-10:2.12.0-18.el7_6.7
- qemu-kvm-rhev-10:2.12.0-18.el7_6.7
- qemu-kvm-rhev-debuginfo-10:2.12.0-18.el7_6.7
- qemu-kvm-tools-rhev-10:2.12.0-18.el7_6.7
- qemu-img-rhev-10:2.12.0-33.el7
- qemu-kvm-common-rhev-10:2.12.0-33.el7
- qemu-kvm-rhev-10:2.12.0-33.el7
- qemu-kvm-rhev-debuginfo-10:2.12.0-33.el7
- qemu-kvm-tools-rhev-10:2.12.0-33.el7
- qemu-guest-agent-2:0.12.1.2-2.506.el6_10.5
- qemu-img-2:0.12.1.2-2.506.el6_10.5
- qemu-kvm-2:0.12.1.2-2.506.el6_10.5
- qemu-kvm-debuginfo-2:0.12.1.2-2.506.el6_10.5
- qemu-kvm-tools-2:0.12.1.2-2.506.el6_10.5
|
|
refmap
via4
|
bid | 106758 | bugtraq | 20190531 [SECURITY] [DSA 4454-1] qemu security update | debian | DSA-4454 | fedora | - FEDORA-2019-0664c7724d
- FEDORA-2019-88a98ce795
| misc | - [Qemu-devel][PULL 65/65] 20190114 slirp: check data length while emulating ident
- [oss-security] 20190124 CVE-2019-6778 QEMU: slirp: heap buffer overflow in tcp_emu()
| suse | - SUSE-SA-2019:0254-1
- openSUSE-SU-2019:1074
- openSUSE-SU-2019:1226
- openSUSE-SU-2019:2044
- openSUSE-SU-2020:0468
| ubuntu | USN-3923-1 |
|
Last major update |
24-08-2020 - 17:37 |
Published |
21-03-2019 - 16:01 |
Last modified |
24-08-2020 - 17:37 |