• 公告ID (KylinSec-SA-2023-2219)

摘要:

qemu security update

安全等级: High

公告ID: KylinSec-SA-2023-2219

发布日期: 2023年8月6日

关联CVE: CVE-2023-0664   CVE-2023-2861  

  • 详细介绍

1. 漏洞描述

   

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed.

Security Fix(es):

A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system.(CVE-2023-0664)

A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder.(CVE-2023-2861)

2. 影响范围

cve名称 产品 组件 是否受影响
CVE-2023-0664 KY3.5.2 qemu Fixed
CVE-2023-2861 KY3.5.2 qemu Fixed

3. 影响组件

    qemu

4. 修复版本

   

KY3.5.2

软件名称 架构 版本号
qemu-help noarch 6.2.0-86.ky3_5.kb1
qemu-block-curl x86_64 6.2.0-86.ky3_5.kb1
qemu-system-arm x86_64 6.2.0-86.ky3_5.kb1
qemu-hw-usb-host x86_64 6.2.0-86.ky3_5.kb1
qemu-seabios x86_64 6.2.0-86.ky3_5.kb1
qemu-system-x86_64 x86_64 6.2.0-86.ky3_5.kb1
qemu x86_64 6.2.0-86.ky3_5.kb1
qemu-system-riscv x86_64 6.2.0-86.ky3_5.kb1
qemu-system-aarch64 x86_64 6.2.0-86.ky3_5.kb1
qemu-guest-agent x86_64 6.2.0-86.ky3_5.kb1
qemu-img x86_64 6.2.0-86.ky3_5.kb1
qemu-block-rbd x86_64 6.2.0-86.ky3_5.kb1
qemu-block-iscsi x86_64 6.2.0-86.ky3_5.kb1
qemu-block-ssh x86_64 6.2.0-86.ky3_5.kb1
qemu-block-curl aarch64 6.2.0-86.ky3_5.kb1
qemu-img aarch64 6.2.0-86.ky3_5.kb1
qemu-guest-agent aarch64 6.2.0-86.ky3_5.kb1
qemu-block-rbd aarch64 6.2.0-86.ky3_5.kb1
qemu-system-x86_64 aarch64 6.2.0-86.ky3_5.kb1
qemu-hw-usb-host aarch64 6.2.0-86.ky3_5.kb1
qemu-block-ssh aarch64 6.2.0-86.ky3_5.kb1
qemu-system-aarch64 aarch64 6.2.0-86.ky3_5.kb1
qemu-system-arm aarch64 6.2.0-86.ky3_5.kb1
qemu aarch64 6.2.0-86.ky3_5.kb1
qemu-system-riscv aarch64 6.2.0-86.ky3_5.kb1
qemu-block-iscsi aarch64 6.2.0-86.ky3_5.kb1

5. 修复方法


方法一:下载安装包进行升级安装
1、通过下载链接下载需要升级的升级包保存,如 xxx.rpm
2、通过rpm命令升级,如 rpm -Uvh xxx.rpm

方法二:通过软件源进行升级安装
1、保持能够连接上互联网
2、通过yum命令升级指定的包,如 yum install 包名

6. 下载链接

   

KY3.5.2:

x86_64:

     qemu-help   

     qemu-block-curl   

     qemu-system-arm   

     qemu-hw-usb-host   

     qemu-seabios   

     qemu-system-x86_64   

     qemu   

     qemu-system-riscv   

     qemu-system-aarch64   

     qemu-guest-agent   

     qemu-img   

     qemu-block-rbd   

     qemu-block-iscsi   

     qemu-block-ssh   

aarch64:

     qemu-help   

     qemu-block-curl   

     qemu-img   

     qemu-guest-agent   

     qemu-block-rbd   

     qemu-system-x86_64   

     qemu-hw-usb-host   

     qemu-block-ssh   

     qemu-system-aarch64   

     qemu-system-arm   

     qemu   

     qemu-system-riscv   

     qemu-block-iscsi   
上一篇:KylinSec-SA-2023-2217 下一篇:KylinSec-SA-2023-2220

产品中心

解决方案

技术支持

生态与合作

分支机构

全国统一服务热线

400-012-6606

微信公众号

Copyright © 湖南麒麟信安科技股份有限公司   版权所有   备案号:湘ICP备16010502号-1

技术支持:蒲公英长沙网站建设