qemu-kvm < 1.5.3-86 el6 Venom Vulnerability

high Log Correlation Engine Plugin ID 801941

Synopsis

The qemu-kvm server is vulnerable to the Venom remote code execution attack.

Description

The remote host is running a version of qemu-kvm which is vulnerable to an out-of-bounds memory access flaw, which can cause a crash or execution of arbitrary code on the host.

Solution

Upgrade to qemu-kvm 1.5.3-86.

See Also

https://rhn.redhat.com/errata/RHSA-2015-0999.html

Plugin Details

Severity: High

ID: 801941

Family: Generic

Nessus ID: 83419, 83422, 83426, 83427, 83459, 83438

Reference Information

CVE: CVE-2015-3456