SB2018060814 - Amazon Linux AMI update for qemu-kvm
Published: June 8, 2018 Updated: June 12, 2018
Description
This security bulletin contains information about 7 security vulnerabilities.
1) Memory leak (CVE-ID: CVE-2017-15268)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in io/channel-websock.c due to a memory leak in slow data-channel read operations. A remote attacker can trigger memory corruption and cause the service to crash.
2) Out-of-bounds read (CVE-ID: CVE-2018-5683)
The vulnerability allows an adjacent low-privileged attacker to cause a DoS condition on the target system.
The weakness exists in the vga_draw_text function due to an out-of-bounds read. A remote attacker can leverage improper memory address validation, trigger a memory error and cause the QEMU process to crash.
3) Speculative Store Bypass (CVE-ID: CVE-2018-3639)
The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The weakness exists due to race conditions in CPU cache processing. A local attacker can conduct a side-channel attack to exploit a flaw in the speculative execution of Load and Store instructions to read privileged memory.
Note: the vulnerability is referred to as "Spectre variant 4".
4) Use-after-free error (CVE-ID: CVE-2017-13711)
The vulnerability allows an adjacent attacker to cause a DoS condition on the target system.
The weakness exists in the Slirp networking implementation due to a use-after-free error when a Socket referenced from multiple packets is freed while responding to a message. An adjacent attacker can cause the service to crash.
5) Memory allocation (CVE-ID: CVE-2017-15124)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists due to uncontrolled memory allocation when not throttling the framebuffer updates sent to the client. A remote attacker can cause the service to crash.
6) Out-of-bounds read (CVE-ID: CVE-2018-7858)
The vulnerability allows an adjacent attacker to cause a DoS condition on the target system.
The weakness exists due to improper VGA display updates. An adjacent attacker can use incorrect region calculations during VGA display updates, trigger an out-of-bounds read and cause the service to crash.
7) Out-of-bounds read (CVE-ID: CVE-2017-13672)
The vulnerability allows an adjacent unauthenticated attacker to cause a DoS condition on the target system.
The weakness exists due to an out-of-bounds read. An adjacent attacker can trigger memory corruption and cause the service to crash.
Remediation
Install the update from the vendor's website.