Description
A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Affected Software
Related
{"id": "CVE-2020-25637", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2020-25637", "description": "A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "published": "2020-10-06T14:15:00", "modified": "2022-11-07T17:35:00", "epss": [{"cve": "CVE-2020-25637", "epss": 0.00042, "percentile": 0.05671, "modified": "2023-06-06"}], "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 7.2}, "severity": "HIGH", "exploitabilityScore": 3.9, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 0.8, "impactScore": 5.9}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25637", "reporter": "secalert@redhat.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1881037", "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00073.html", "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00072.html", "https://security.gentoo.org/glsa/202210-06"], "cvelist": ["CVE-2020-25637"], "immutableFields": [], "lastseen": "2023-06-06T14:39:07", "viewCount": 256, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2021:1762"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2020-25637"]}, {"type": "amazon", "idList": ["ALAS2-2020-1569"]}, {"type": "archlinux", "idList": ["ASA-202101-42"]}, {"type": "centos", "idList": ["CESA-2020:5040"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2395-1:BF385"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-25637"]}, {"type": "gentoo", "idList": ["GLSA-202210-06"]}, {"type": "githubexploit", "idList": ["5E3AFF02-95F1-59CA-869C-4AEF305EFA7E"]}, {"type": "mageia", "idList": ["MGASA-2020-0473"]}, {"type": "nessus", "idList": ["AL2_ALAS-2020-1569.NASL", "ALMA_LINUX_ALSA-2021-1762.NASL", "CENTOS8_RHSA-2021-1762.NASL", "CENTOS_RHSA-2020-5040.NASL", "DEBIAN_DLA-2395.NASL", "EULEROS_SA-2021-1045.NASL", "EULEROS_SA-2021-1456.NASL", "EULEROS_SA-2021-1526.NASL", "EULEROS_SA-2021-1631.NASL", "EULEROS_SA-2021-1666.NASL", "GENTOO_GLSA-202210-06.NASL", "NUTANIX_NXSA-AHV-20201105_1021.NASL", "OPENSUSE-2020-1777.NASL", "OPENSUSE-2020-1778.NASL", "ORACLELINUX_ELSA-2020-5040.NASL", "ORACLELINUX_ELSA-2020-5961.NASL", "ORACLELINUX_ELSA-2021-1762.NASL", "REDHAT-RHSA-2020-5040.NASL", "REDHAT-RHSA-2020-5111.NASL", "REDHAT-RHSA-2021-1762.NASL", "SL_20201110_LIBVIRT_ON_SL7_X.NASL", "SUSE_SU-2020-2969-1.NASL", "SUSE_SU-2020-2970-1.NASL", "SUSE_SU-2020-3037-1.NASL", "SUSE_SU-2020-3038-1.NASL", "SUSE_SU-2020-3039-1.NASL", "SUSE_SU-2020-3095-1.NASL", "SUSE_SU-2020-3143-1.NASL", "UBUNTU_USN-5399-1.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-5040", "ELSA-2020-5961", "ELSA-2021-1762"]}, {"type": "osv", "idList": ["OSV:CVE-2020-25637", "OSV:DLA-2395-1"]}, {"type": "photon", "idList": ["PHSA-2021-0007", "PHSA-2021-4.0-0007"]}, {"type": "redhat", "idList": ["RHSA-2020:5040", "RHSA-2020:5111", "RHSA-2020:5118", "RHSA-2021:1762"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-25637"]}, {"type": "rocky", "idList": ["RLSA-2021:1762"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:1777-1", "OPENSUSE-SU-2020:1778-1"]}, {"type": "ubuntu", "idList": ["USN-5399-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-25637"]}, {"type": "veracode", "idList": ["VERACODE:27549"]}]}, "score": {"value": 2.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2021:1762"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2020-25637"]}, {"type": "amazon", "idList": ["ALAS2-2020-1569"]}, {"type": "archlinux", "idList": ["ASA-202101-42"]}, {"type": "centos", "idList": ["CESA-2020:5040"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2395-1:BF385"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-25637"]}, {"type": "githubexploit", "idList": ["5E3AFF02-95F1-59CA-869C-4AEF305EFA7E"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2020-25637/"]}, {"type": "nessus", "idList": ["AL2_ALAS-2020-1569.NASL", "CENTOS_RHSA-2020-5040.NASL", "DEBIAN_DLA-2395.NASL", "ORACLELINUX_ELSA-2020-5040.NASL", "REDHAT-RHSA-2020-5040.NASL", "REDHAT-RHSA-2020-5111.NASL", "SL_20201110_LIBVIRT_ON_SL7_X.NASL", "SUSE_SU-2020-2969-1.NASL", "SUSE_SU-2020-2970-1.NASL", "SUSE_SU-2020-3037-1.NASL", "SUSE_SU-2020-3038-1.NASL", "SUSE_SU-2020-3039-1.NASL", "SUSE_SU-2020-3095-1.NASL", "SUSE_SU-2020-3143-1.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-5040", "ELSA-2020-5961"]}, {"type": "photon", "idList": ["PHSA-2021-0007"]}, {"type": "redhat", "idList": ["RHSA-2020:5040"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-25637"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:1777-1", "OPENSUSE-SU-2020:1778-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-25637"]}]}, "exploitation": null, "twitter": {"counter": 3, "tweets": [{"link": "https://twitter.com/threatintelctr/status/1575994444192653314", "text": " NEW: CVE-2020-25637 A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This fla... (click for more) Severity: MEDIUM https://t.co/DWJ5QS7KBx", "author": "threatintelctr", "author_photo": "https://pbs.twimg.com/profile_images/904224973987840000/dMy1x9Ho_400x400.jpg"}, {"link": "https://twitter.com/threatintelctr/status/1589674594675609600", "text": " NEW: CVE-2020-25637 A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This fla... (click for more) Severity: MEDIUM https://t.co/DWJ5QS8ir5", "author": "threatintelctr", "author_photo": "https://pbs.twimg.com/profile_images/904224973987840000/dMy1x9Ho_400x400.jpg"}]}, "affected_software": {"major_version": [{"name": "redhat libvirt", "version": 6}, {"name": "opensuse leap", "version": 15}, {"name": "opensuse leap", "version": 15}]}, "epss": [{"cve": "CVE-2020-25637", "epss": 0.00042, "percentile": 0.05667, "modified": "2023-05-07"}], "vulnersScore": 2.4}, "_state": {"dependencies": 1686073041, "score": 1686062979, "twitter": 0, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "964903d874ff96ef446fb36f0379c0c5"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/o:opensuse:leap:15.2", "cpe:/o:opensuse:leap:15.1"], "cpe23": ["cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*"], "cwe": ["CWE-415"], "affectedSoftware": [{"cpeName": "redhat:libvirt", "version": "6.8.0", "operator": "lt", "name": "redhat libvirt"}, {"cpeName": "opensuse:leap", "version": "15.1", "operator": "eq", "name": "opensuse leap"}, {"cpeName": "opensuse:leap", "version": "15.2", "operator": "eq", "name": "opensuse leap"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:redhat:libvirt:6.8.0:*:*:*:*:*:*:*", "versionEndExcluding": "6.8.0", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881037", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1881037", "refsource": "MISC", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00073.html", "name": "openSUSE-SU-2020:1777", "refsource": "SUSE", "tags": ["Mailing List", "Third Party Advisory"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00072.html", "name": "openSUSE-SU-2020:1778", "refsource": "SUSE", "tags": ["Mailing List", "Third Party Advisory"]}, {"url": "https://security.gentoo.org/glsa/202210-06", "name": "GLSA-202210-06", "refsource": "GENTOO", "tags": ["Third Party Advisory"]}], "product_info": [{"vendor": "Opensuse", "product": "Leap"}, {"vendor": "Redhat", "product": "Libvirt"}], "solutions": [], "workarounds": [], "impacts": [], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-415", "cweId": "CWE-415"}]}], "exploits": [], "assigned": "1976-01-01T00:00:00"}
{"nessus": [{"lastseen": "2023-05-18T15:23:43", "description": "A double free vulnerability was discovered in libvirt, a toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes).\n\nFor Debian 9 stretch, this problem has been fixed in version 3.0.0-4+deb9u5.\n\nWe recommend that you upgrade your libvirt packages.\n\nFor the detailed security status of libvirt please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/libvirt\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-10-05T00:00:00", "type": "nessus", "title": "Debian DLA-2395-1 : libvirt security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25637"], "modified": "2020-10-13T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libnss-libvirt", "p-cpe:/a:debian:debian_linux:libvirt-clients", "p-cpe:/a:debian:debian_linux:libvirt-daemon", "p-cpe:/a:debian:debian_linux:libvirt-daemon-system", "p-cpe:/a:debian:debian_linux:libvirt-dev", "p-cpe:/a:debian:debian_linux:libvirt-doc", "p-cpe:/a:debian:debian_linux:libvirt-sanlock", "p-cpe:/a:debian:debian_linux:libvirt0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2395.NASL", "href": "https://www.tenable.com/plugins/nessus/141137", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2395-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141137);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/13\");\n\n script_cve_id(\"CVE-2020-25637\");\n\n script_name(english:\"Debian DLA-2395-1 : libvirt security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A double free vulnerability was discovered in libvirt, a toolkit to\ninteract with the virtualization capabilities of recent versions of\nLinux (and other OSes).\n\nFor Debian 9 stretch, this problem has been fixed in version\n3.0.0-4+deb9u5.\n\nWe recommend that you upgrade your libvirt packages.\n\nFor the detailed security status of libvirt please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/libvirt\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/10/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/libvirt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/libvirt\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvirt-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvirt-daemon-system\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvirt-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvirt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvirt-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvirt0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libnss-libvirt\", reference:\"3.0.0-4+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libvirt-clients\", reference:\"3.0.0-4+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libvirt-daemon\", reference:\"3.0.0-4+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libvirt-daemon-system\", reference:\"3.0.0-4+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libvirt-dev\", reference:\"3.0.0-4+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libvirt-doc\", reference:\"3.0.0-4+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libvirt-sanlock\", reference:\"3.0.0-4+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libvirt0\", reference:\"3.0.0-4+deb9u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:14:15", "description": "The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1569 advisory.\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : libvirt (ALAS-2020-1569)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25637"], "modified": "2020-12-09T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:libvirt", "p-cpe:/a:amazon:linux:libvirt-admin", "p-cpe:/a:amazon:linux:libvirt-bash-completion", "p-cpe:/a:amazon:linux:libvirt-client", "p-cpe:/a:amazon:linux:libvirt-daemon", "p-cpe:/a:amazon:linux:libvirt-daemon-config-network", "p-cpe:/a:amazon:linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-interface", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-lxc", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-network", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-qemu", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-secret", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:amazon:linux:libvirt-daemon-kvm", "p-cpe:/a:amazon:linux:libvirt-daemon-lxc", "p-cpe:/a:amazon:linux:libvirt-debuginfo", "p-cpe:/a:amazon:linux:libvirt-devel", "p-cpe:/a:amazon:linux:libvirt-docs", "p-cpe:/a:amazon:linux:libvirt-libs", "p-cpe:/a:amazon:linux:libvirt-lock-sanlock", "p-cpe:/a:amazon:linux:libvirt-login-shell", "p-cpe:/a:amazon:linux:libvirt-nss", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2020-1569.NASL", "href": "https://www.tenable.com/plugins/nessus/143577", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1569.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143577);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/09\");\n\n script_cve_id(\"CVE-2020-25637\");\n script_xref(name:\"ALAS\", value:\"2020-1569\");\n\n script_name(english:\"Amazon Linux 2 : libvirt (ALAS-2020-1569)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a\nvulnerability as referenced in the ALAS2-2020-1569 advisory.\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible\n for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit\n access control driver. Specifically, clients connecting to the read-write socket with limited ACL\n permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or\n potentially escalate their privileges on the system. The highest threat from this vulnerability is to data\n confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2020-1569.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25637\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update libvirt' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-login-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\npkgs = [\n {'reference':'libvirt-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-admin-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-admin-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-admin-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-bash-completion-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-bash-completion-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-bash-completion-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-client-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-client-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-client-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-config-network-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-config-network-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-config-network-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-config-nwfilter-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-config-nwfilter-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-config-nwfilter-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-interface-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-interface-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-interface-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-lxc-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-lxc-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-lxc-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-network-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-network-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-network-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-nodedev-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-nodedev-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-nodedev-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-nwfilter-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-nwfilter-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-nwfilter-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-qemu-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-qemu-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-secret-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-secret-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-secret-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-core-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-core-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-core-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-disk-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-disk-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-disk-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-gluster-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-iscsi-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-iscsi-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-iscsi-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-logical-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-logical-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-logical-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-mpath-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-mpath-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-mpath-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-rbd-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-scsi-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-scsi-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-driver-storage-scsi-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-kvm-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-kvm-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-daemon-lxc-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-daemon-lxc-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-daemon-lxc-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-debuginfo-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-debuginfo-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-debuginfo-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-devel-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-devel-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-devel-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-docs-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-docs-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-docs-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-libs-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-libs-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-libs-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-lock-sanlock-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-lock-sanlock-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-login-shell-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-login-shell-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-login-shell-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'libvirt-nss-4.5.0-36.amzn2.3', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libvirt-nss-4.5.0-36.amzn2.3', 'cpu':'i686', 'release':'AL2'},\n {'reference':'libvirt-nss-4.5.0-36.amzn2.3', 'cpu':'x86_64', 'release':'AL2'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt / libvirt-admin / libvirt-bash-completion / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:24:25", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5040 advisory.\n\n - libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-11T00:00:00", "type": "nessus", "title": "RHEL 7 : libvirt (RHSA-2020:5040)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25637"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:libvirt", "p-cpe:/a:redhat:enterprise_linux:libvirt-admin", "p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libvirt-client", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-lxc", "p-cpe:/a:redhat:enterprise_linux:libvirt-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt-docs", "p-cpe:/a:redhat:enterprise_linux:libvirt-libs", "p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock", "p-cpe:/a:redhat:enterprise_linux:libvirt-login-shell", "p-cpe:/a:redhat:enterprise_linux:libvirt-nss"], "id": "REDHAT-RHSA-2020-5040.NASL", "href": "https://www.tenable.com/plugins/nessus/142700", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:5040. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142700);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2020-25637\");\n script_xref(name:\"RHSA\", value:\"2020:5040\");\n\n script_name(english:\"RHEL 7 : libvirt (RHSA-2020:5040)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:5040 advisory.\n\n - libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25637\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:5040\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1881037\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(415, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-login-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-nss\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libvirt-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-4.5.0-36.el7_9.3', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-lxc-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-lxc-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-lxc-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-lxc-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-lxc-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-lxc-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-lxc-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-lxc-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-4.5.0-36.el7_9.3', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-4.5.0-36.el7_9.3', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-login-shell-4.5.0-36.el7_9.3', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-login-shell-4.5.0-36.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-login-shell-4.5.0-36.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-login-shell-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-4.5.0-36.el7_9.3', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libvirt / libvirt-admin / libvirt-bash-completion / libvirt-client / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:24:45", "description": "The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:5040 advisory.\n\n - libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-18T00:00:00", "type": "nessus", "title": "CentOS 7 : libvirt (CESA-2020:5040)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25637"], "modified": "2020-11-30T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libvirt", "p-cpe:/a:centos:centos:libvirt-admin", "p-cpe:/a:centos:centos:libvirt-bash-completion", "p-cpe:/a:centos:centos:libvirt-client", "p-cpe:/a:centos:centos:libvirt-daemon", "p-cpe:/a:centos:centos:libvirt-daemon-config-network", "p-cpe:/a:centos:centos:libvirt-daemon-config-nwfilter", "p-cpe:/a:centos:centos:libvirt-daemon-driver-interface", "p-cpe:/a:centos:centos:libvirt-daemon-driver-lxc", "p-cpe:/a:centos:centos:libvirt-daemon-driver-network", "p-cpe:/a:centos:centos:libvirt-daemon-driver-nodedev", "p-cpe:/a:centos:centos:libvirt-daemon-driver-nwfilter", "p-cpe:/a:centos:centos:libvirt-daemon-driver-qemu", "p-cpe:/a:centos:centos:libvirt-daemon-driver-secret", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-core", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-disk", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-logical", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:centos:centos:libvirt-daemon-kvm", "p-cpe:/a:centos:centos:libvirt-daemon-lxc", "p-cpe:/a:centos:centos:libvirt-devel", "p-cpe:/a:centos:centos:libvirt-docs", "p-cpe:/a:centos:centos:libvirt-libs", "p-cpe:/a:centos:centos:libvirt-lock-sanlock", "p-cpe:/a:centos:centos:libvirt-login-shell", "p-cpe:/a:centos:centos:libvirt-nss", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2020-5040.NASL", "href": "https://www.tenable.com/plugins/nessus/143055", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:5040 and\n# CentOS Errata and Security Advisory 2020:5040 respectively.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143055);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/30\");\n\n script_cve_id(\"CVE-2020-25637\");\n script_xref(name:\"RHSA\", value:\"2020:5040\");\n\n script_name(english:\"CentOS 7 : libvirt (CESA-2020:5040)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the\nCESA-2020:5040 advisory.\n\n - libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-announce/2020-November/035841.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?583345b5\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-login-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'CentOS 7.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'libvirt-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-admin-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-bash-completion-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-client-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'i686', 'release':'CentOS-7'},\n {'reference':'libvirt-client-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-config-network-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-config-nwfilter-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-interface-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-lxc-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-network-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-nodedev-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-nwfilter-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-qemu-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-secret-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-storage-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-storage-core-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-storage-disk-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-storage-gluster-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-storage-iscsi-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-storage-logical-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-storage-mpath-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-storage-rbd-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-driver-storage-scsi-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-kvm-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-daemon-lxc-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-devel-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'i686', 'release':'CentOS-7'},\n {'reference':'libvirt-devel-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-docs-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-libs-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'i686', 'release':'CentOS-7'},\n {'reference':'libvirt-libs-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-lock-sanlock-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-login-shell-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'libvirt-nss-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'i686', 'release':'CentOS-7'},\n {'reference':'libvirt-nss-4.5.0-36.el7_9.3', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libvirt / libvirt-admin / libvirt-bash-completion / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:24:22", "description": "The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5961 advisory.\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-02-04T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : libvirt (ELSA-2020-5961)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25637"], "modified": "2021-02-05T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:libvirt", "p-cpe:/a:oracle:linux:libvirt-admin", "p-cpe:/a:oracle:linux:libvirt-bash-completion", "p-cpe:/a:oracle:linux:libvirt-client", "p-cpe:/a:oracle:linux:libvirt-daemon", "p-cpe:/a:oracle:linux:libvirt-daemon-config-network", "p-cpe:/a:oracle:linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-interface", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-lxc", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-network", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-qemu", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-secret", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:oracle:linux:libvirt-daemon-kvm", "p-cpe:/a:oracle:linux:libvirt-daemon-lxc", "p-cpe:/a:oracle:linux:libvirt-daemon-qemu", "p-cpe:/a:oracle:linux:libvirt-devel", "p-cpe:/a:oracle:linux:libvirt-docs", "p-cpe:/a:oracle:linux:libvirt-libs", "p-cpe:/a:oracle:linux:libvirt-lock-sanlock", "p-cpe:/a:oracle:linux:libvirt-login-shell", "p-cpe:/a:oracle:linux:libvirt-nss"], "id": "ORACLELINUX_ELSA-2020-5961.NASL", "href": "https://www.tenable.com/plugins/nessus/146198", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-5961.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146198);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/05\");\n\n script_cve_id(\"CVE-2020-25637\");\n\n script_name(english:\"Oracle Linux 7 : libvirt (ELSA-2020-5961)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2020-5961 advisory.\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible\n for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit\n access control driver. Specifically, clients connecting to the read-write socket with limited ACL\n permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or\n potentially escalate their privileges on the system. The highest threat from this vulnerability is to data\n confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-5961.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-login-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-nss\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\npkgs = [\n {'reference':'libvirt-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-admin-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-admin-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-bash-completion-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-bash-completion-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-client-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-client-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-config-network-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-config-network-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-config-nwfilter-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-config-nwfilter-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-interface-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-interface-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-lxc-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-lxc-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-network-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-network-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-nodedev-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-nodedev-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-nwfilter-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-nwfilter-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-qemu-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-qemu-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-secret-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-secret-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-core-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-core-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-disk-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-disk-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-gluster-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-gluster-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-iscsi-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-iscsi-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-logical-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-logical-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-mpath-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-mpath-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-rbd-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-rbd-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-scsi-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-scsi-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-kvm-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-kvm-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-lxc-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-lxc-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-qemu-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-daemon-qemu-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-devel-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-devel-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-docs-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-docs-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-libs-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-libs-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-lock-sanlock-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-lock-sanlock-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-login-shell-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-login-shell-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-nss-5.7.0-21.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'libvirt-nss-5.7.0-21.el7', 'cpu':'x86_64', 'release':'7'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libvirt / libvirt-admin / libvirt-bash-completion / etc');\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:12:41", "description": "The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5040 advisory.\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-12T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : libvirt (ELSA-2020-5040)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25637"], "modified": "2020-11-13T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:libvirt", "p-cpe:/a:oracle:linux:libvirt-admin", "p-cpe:/a:oracle:linux:libvirt-bash-completion", "p-cpe:/a:oracle:linux:libvirt-client", "p-cpe:/a:oracle:linux:libvirt-daemon", "p-cpe:/a:oracle:linux:libvirt-daemon-config-network", "p-cpe:/a:oracle:linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-interface", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-lxc", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-network", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-qemu", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-secret", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:oracle:linux:libvirt-daemon-kvm", "p-cpe:/a:oracle:linux:libvirt-daemon-lxc", "p-cpe:/a:oracle:linux:libvirt-devel", "p-cpe:/a:oracle:linux:libvirt-docs", "p-cpe:/a:oracle:linux:libvirt-libs", "p-cpe:/a:oracle:linux:libvirt-lock-sanlock", "p-cpe:/a:oracle:linux:libvirt-login-shell", "p-cpe:/a:oracle:linux:libvirt-nss"], "id": "ORACLELINUX_ELSA-2020-5040.NASL", "href": "https://www.tenable.com/plugins/nessus/142784", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-5040.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142784);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/13\");\n\n script_cve_id(\"CVE-2020-25637\");\n\n script_name(english:\"Oracle Linux 7 : libvirt (ELSA-2020-5040)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2020-5040 advisory.\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible\n for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit\n access control driver. Specifically, clients connecting to the read-write socket with limited ACL\n permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or\n potentially escalate their privileges on the system. The highest threat from this vulnerability is to data\n confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-5040.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-login-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-nss\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\npkgs = [\n {'reference':'libvirt-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-admin-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-bash-completion-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-client-4.5.0-36.el7_9.3', 'cpu':'i686', 'release':'7'},\n {'reference':'libvirt-client-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-config-network-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-config-nwfilter-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-interface-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-lxc-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-network-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-nodedev-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-nwfilter-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-qemu-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-secret-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-core-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-disk-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-gluster-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-iscsi-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-logical-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-mpath-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-rbd-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-driver-storage-scsi-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-kvm-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-daemon-lxc-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-devel-4.5.0-36.el7_9.3', 'cpu':'i686', 'release':'7'},\n {'reference':'libvirt-devel-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-docs-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-libs-4.5.0-36.el7_9.3', 'cpu':'i686', 'release':'7'},\n {'reference':'libvirt-libs-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-lock-sanlock-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-login-shell-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'},\n {'reference':'libvirt-nss-4.5.0-36.el7_9.3', 'cpu':'i686', 'release':'7'},\n {'reference':'libvirt-nss-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'7'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libvirt / libvirt-admin / libvirt-bash-completion / etc');\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:22:56", "description": "According to the version of the libvirt packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability :\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.(CVE-2020-25637)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-01-05T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : libvirt (EulerOS-SA-2021-1045)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25637"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libvirt", "p-cpe:/a:huawei:euleros:libvirt-admin", "p-cpe:/a:huawei:euleros:libvirt-client", "p-cpe:/a:huawei:euleros:libvirt-daemon", "p-cpe:/a:huawei:euleros:libvirt-daemon-config-network", "p-cpe:/a:huawei:euleros:libvirt-daemon-config-nwfilter", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-interface", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-network", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nodedev", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nwfilter", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-qemu", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-secret", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-core", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-disk", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-logical", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:huawei:euleros:libvirt-daemon-kvm", "p-cpe:/a:huawei:euleros:libvirt-devel", "p-cpe:/a:huawei:euleros:libvirt-docs", "p-cpe:/a:huawei:euleros:libvirt-libs", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2021-1045.NASL", "href": "https://www.tenable.com/plugins/nessus/144728", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144728);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\n \"CVE-2020-25637\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : libvirt (EulerOS-SA-2021-1045)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libvirt packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerability :\n\n - A double free memory issue was found to occur in the\n libvirt API, in versions before 6.8.0, responsible for\n requesting information about network interfaces of a\n running QEMU domain. This flaw affects the polkit\n access control driver. Specifically, clients connecting\n to the read-write socket with limited ACL permissions\n could use this flaw to crash the libvirt daemon,\n resulting in a denial of service, or potentially\n escalate their privileges on the system. The highest\n threat from this vulnerability is to data\n confidentiality and integrity as well as system\n availability.(CVE-2020-25637)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1045\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b7116a79\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libvirt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libvirt-3.2.0-286\",\n \"libvirt-3.2.0-286.src\",\n \"libvirt-admin-3.2.0-286\",\n \"libvirt-client-3.2.0-286\",\n \"libvirt-daemon-3.2.0-286\",\n \"libvirt-daemon-config-network-3.2.0-286\",\n \"libvirt-daemon-config-nwfilter-3.2.0-286\",\n \"libvirt-daemon-driver-interface-3.2.0-286\",\n \"libvirt-daemon-driver-network-3.2.0-286\",\n \"libvirt-daemon-driver-nodedev-3.2.0-286\",\n \"libvirt-daemon-driver-nwfilter-3.2.0-286\",\n \"libvirt-daemon-driver-qemu-3.2.0-286\",\n \"libvirt-daemon-driver-secret-3.2.0-286\",\n \"libvirt-daemon-driver-storage-3.2.0-286\",\n \"libvirt-daemon-driver-storage-core-3.2.0-286\",\n \"libvirt-daemon-driver-storage-disk-3.2.0-286\",\n \"libvirt-daemon-driver-storage-iscsi-3.2.0-286\",\n \"libvirt-daemon-driver-storage-logical-3.2.0-286\",\n \"libvirt-daemon-driver-storage-mpath-3.2.0-286\",\n \"libvirt-daemon-driver-storage-scsi-3.2.0-286\",\n \"libvirt-daemon-kvm-3.2.0-286\",\n \"libvirt-devel-3.2.0-286\",\n \"libvirt-docs-3.2.0-286\",\n \"libvirt-libs-3.2.0-286\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:27", "description": "According to the version of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.(CVE-2020-25637)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.6 : libvirt (EulerOS-SA-2021-1456)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25637"], "modified": "2021-03-16T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libvirt", "p-cpe:/a:huawei:euleros:libvirt-admin", "p-cpe:/a:huawei:euleros:libvirt-client", "p-cpe:/a:huawei:euleros:libvirt-libs", "cpe:/o:huawei:euleros:uvp:3.0.6.6"], "id": "EULEROS_SA-2021-1456.NASL", "href": "https://www.tenable.com/plugins/nessus/147562", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147562);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/16\");\n\n script_cve_id(\n \"CVE-2020-25637\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.6.6 : libvirt (EulerOS-SA-2021-1456)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libvirt packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - A double free memory issue was found to occur in the\n libvirt API, in versions before 6.8.0, responsible for\n requesting information about network interfaces of a\n running QEMU domain. This flaw affects the polkit\n access control driver. Specifically, clients connecting\n to the read-write socket with limited ACL permissions\n could use this flaw to crash the libvirt daemon,\n resulting in a denial of service, or potentially\n escalate their privileges on the system. The highest\n threat from this vulnerability is to data\n confidentiality and integrity as well as system\n availability.(CVE-2020-25637)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1456\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?db16b81b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libvirt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libvirt-3.2.0-543\",\n \"libvirt-admin-3.2.0-543\",\n \"libvirt-client-3.2.0-543\",\n \"libvirt-libs-3.2.0-543\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:27", "description": "According to the version of the libvirt packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability :\n\n - A double free memory issue was found to occur in the libvirt API responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver.\n Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.(CVE-2020-25637)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-03-04T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.6.0 : libvirt (EulerOS-SA-2021-1526)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25637"], "modified": "2021-03-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libvirt", "p-cpe:/a:huawei:euleros:libvirt-admin", "p-cpe:/a:huawei:euleros:libvirt-client", "p-cpe:/a:huawei:euleros:libvirt-daemon", "p-cpe:/a:huawei:euleros:libvirt-daemon-config-network", "p-cpe:/a:huawei:euleros:libvirt-daemon-config-nwfilter", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-interface", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-network", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nodedev", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nwfilter", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-qemu", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-secret", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-core", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-disk", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-logical", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:huawei:euleros:libvirt-daemon-kvm", "p-cpe:/a:huawei:euleros:libvirt-devel", "p-cpe:/a:huawei:euleros:libvirt-docs", "p-cpe:/a:huawei:euleros:libvirt-libs", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2021-1526.NASL", "href": "https://www.tenable.com/plugins/nessus/147104", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147104);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/08\");\n\n script_cve_id(\n \"CVE-2020-25637\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.6.0 : libvirt (EulerOS-SA-2021-1526)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libvirt packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerability :\n\n - A double free memory issue was found to occur in the\n libvirt API responsible for requesting information\n about network interfaces of a running QEMU domain. This\n flaw affects the polkit access control driver.\n Specifically, clients connecting to the read-write\n socket with limited ACL permissions could use this flaw\n to crash the libvirt daemon, resulting in a denial of\n service, or potentially escalate their privileges on\n the system. The highest threat from this vulnerability\n is to data confidentiality and integrity as well as\n system availability.(CVE-2020-25637)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1526\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?56a287d5\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libvirt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libvirt-3.2.0-516\",\n \"libvirt-admin-3.2.0-516\",\n \"libvirt-client-3.2.0-516\",\n \"libvirt-daemon-3.2.0-516\",\n \"libvirt-daemon-config-network-3.2.0-516\",\n \"libvirt-daemon-config-nwfilter-3.2.0-516\",\n \"libvirt-daemon-driver-interface-3.2.0-516\",\n \"libvirt-daemon-driver-network-3.2.0-516\",\n \"libvirt-daemon-driver-nodedev-3.2.0-516\",\n \"libvirt-daemon-driver-nwfilter-3.2.0-516\",\n \"libvirt-daemon-driver-qemu-3.2.0-516\",\n \"libvirt-daemon-driver-secret-3.2.0-516\",\n \"libvirt-daemon-driver-storage-3.2.0-516\",\n \"libvirt-daemon-driver-storage-core-3.2.0-516\",\n \"libvirt-daemon-driver-storage-disk-3.2.0-516\",\n \"libvirt-daemon-driver-storage-iscsi-3.2.0-516\",\n \"libvirt-daemon-driver-storage-logical-3.2.0-516\",\n \"libvirt-daemon-driver-storage-mpath-3.2.0-516\",\n \"libvirt-daemon-driver-storage-scsi-3.2.0-516\",\n \"libvirt-daemon-kvm-3.2.0-516\",\n \"libvirt-devel-3.2.0-516\",\n \"libvirt-docs-3.2.0-516\",\n \"libvirt-libs-3.2.0-516\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:12:40", "description": "The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2020:5040-1 advisory.\n\n - libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-12T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : libvirt on SL7.x i686/x86_64 (2020:5040)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25637"], "modified": "2020-11-24T00:00:00", "cpe": ["cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:libvirt", "p-cpe:/a:fermilab:scientific_linux:libvirt-admin", "p-cpe:/a:fermilab:scientific_linux:libvirt-bash-completion", "p-cpe:/a:fermilab:scientific_linux:libvirt-client", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-config-network", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-interface", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-network", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-secret", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-kvm", "p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-lxc", "p-cpe:/a:fermilab:scientific_linux:libvirt-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libvirt-devel", "p-cpe:/a:fermilab:scientific_linux:libvirt-docs", "p-cpe:/a:fermilab:scientific_linux:libvirt-libs", "p-cpe:/a:fermilab:scientific_linux:libvirt-lock-sanlock", "p-cpe:/a:fermilab:scientific_linux:libvirt-login-shell", "p-cpe:/a:fermilab:scientific_linux:libvirt-nss"], "id": "SL_20201110_LIBVIRT_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/142821", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142821);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/24\");\n\n script_cve_id(\"CVE-2020-25637\");\n script_xref(name:\"RHSA\", value:\"RHSA-2020:5040\");\n\n script_name(english:\"Scientific Linux Security Update : libvirt on SL7.x i686/x86_64 (2020:5040)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Scientific Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the\nSLSA-2020:5040-1 advisory.\n\n - libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.scientificlinux.org/category/sl-errata/slsa-20205040-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fermilab:scientific_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-login-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libvirt-nss\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Scientific Linux' >!< release) audit(AUDIT_OS_NOT, 'Scientific Linux');\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Scientific Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Scientific Linux 7.x', 'Scientific Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Scientific Linux', cpu);\n\npkgs = [\n {'reference':'libvirt-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-admin-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-bash-completion-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-client-4.5.0-36.el7_9.3', 'cpu':'i686', 'release':'SL7'},\n {'reference':'libvirt-client-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-config-network-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-config-nwfilter-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-interface-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-lxc-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-network-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-nodedev-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-nwfilter-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-qemu-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-secret-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-storage-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-storage-core-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-storage-disk-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-storage-gluster-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-storage-iscsi-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-storage-logical-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-storage-mpath-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-storage-rbd-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-driver-storage-scsi-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-kvm-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-daemon-lxc-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-debuginfo-4.5.0-36.el7_9.3', 'cpu':'i686', 'release':'SL7'},\n {'reference':'libvirt-debuginfo-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-devel-4.5.0-36.el7_9.3', 'cpu':'i686', 'release':'SL7'},\n {'reference':'libvirt-devel-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-docs-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-libs-4.5.0-36.el7_9.3', 'cpu':'i686', 'release':'SL7'},\n {'reference':'libvirt-libs-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-lock-sanlock-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-login-shell-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'},\n {'reference':'libvirt-nss-4.5.0-36.el7_9.3', 'cpu':'i686', 'release':'SL7'},\n {'reference':'libvirt-nss-4.5.0-36.el7_9.3', 'cpu':'x86_64', 'release':'SL7'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libvirt / libvirt-admin / libvirt-bash-completion / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:59", "description": "This update for libvirt fixes the following issues :\n\nCVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros (bsc#1174955).\n\nCVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces() (bsc#1177155).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : libvirt (SUSE-SU-2020:3143-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-15708", "CVE-2020-25637"], "modified": "2022-05-11T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libvirt", "p-cpe:/a:novell:suse_linux:libvirt-client", "p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks", "p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-xen", "p-cpe:/a:novell:suse_linux:libvirt-debugsource", "p-cpe:/a:novell:suse_linux:libvirt-doc", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-nss", "p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-3143-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143851", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3143-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143851);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\"CVE-2020-15708\", \"CVE-2020-25637\");\n\n script_name(english:\"SUSE SLES12 Security Update : libvirt (SUSE-SU-2020:3143-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for libvirt fixes the following issues :\n\nCVE-2020-15708: Added a note to libvirtd.conf about polkit auth in\nSUSE distros (bsc#1174955).\n\nCVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces()\n(bsc#1177155).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174955\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1177155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15708/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-25637/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203143-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?52633d8c\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-7-2020-3143=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP2-2020-3143=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-3143=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-3143=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-15708\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-debuginfo-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libvirt-daemon-xen-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-client-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-client-debuginfo-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-config-network-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-config-nwfilter-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-debuginfo-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-interface-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-interface-debuginfo-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-lxc-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-lxc-debuginfo-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-network-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-network-debuginfo-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-nodedev-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-nwfilter-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-qemu-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-qemu-debuginfo-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-secret-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-secret-debuginfo-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-storage-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-driver-storage-debuginfo-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-hooks-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-lxc-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-daemon-qemu-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-debugsource-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-doc-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-lock-sanlock-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-lock-sanlock-debuginfo-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-nss-2.0.0-27.64.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libvirt-nss-debuginfo-2.0.0-27.64.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:13:13", "description": "This update for libvirt fixes the following issues :\n\n - CVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros (bsc#1174955).\n\n - CVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces() (bsc#1177155).\n\n - qemu: Avoid stale capabilities cache host CPU or kernel command line changes (bsc#1173157).\n\n - virdevmapper: Handle kernel without device-mapper support (bsc#1175465).\n\n - Xen: Added support for passing arbitrary commands to the qemu device model, similar to the xl.cfg(5) device_model_args setting (bsc#1174139).\n\n - Xen: Don't add dom0 twice on driver reload (bsc#1176430).\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.", "cvss3": {}, "published": "2020-11-02T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libvirt (openSUSE-2020-1777)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-15708", "CVE-2020-25637"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libvirt", "p-cpe:/a:novell:opensuse:libvirt-admin", "p-cpe:/a:novell:opensuse:libvirt-admin-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-bash-completion", "p-cpe:/a:novell:opensuse:libvirt-client", "p-cpe:/a:novell:opensuse:libvirt-client-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-client-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon", "p-cpe:/a:novell:opensuse:libvirt-daemon-config-network", "p-cpe:/a:novell:opensuse:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:opensuse:libvirt-daemon-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-gluster-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-hooks", "p-cpe:/a:novell:opensuse:libvirt-daemon-lxc", "p-cpe:/a:novell:opensuse:libvirt-daemon-qemu", "p-cpe:/a:novell:opensuse:libvirt-daemon-xen", "p-cpe:/a:novell:opensuse:libvirt-debugsource", "p-cpe:/a:novell:opensuse:libvirt-devel", "p-cpe:/a:novell:opensuse:libvirt-devel-32bit", "p-cpe:/a:novell:opensuse:libvirt-libs", "p-cpe:/a:novell:opensuse:libvirt-libs-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-lock-sanlock", "p-cpe:/a:novell:opensuse:libvirt-lock-sanlock-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-nss", "p-cpe:/a:novell:opensuse:libvirt-nss-debuginfo", "p-cpe:/a:novell:opensuse:wireshark-plugin-libvirt", "p-cpe:/a:novell:opensuse:wireshark-plugin-libvirt-debuginfo", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-1777.NASL", "href": "https://www.tenable.com/plugins/nessus/142183", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1777.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(142183);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2020-15708\", \"CVE-2020-25637\");\n\n script_name(english:\"openSUSE Security Update : libvirt (openSUSE-2020-1777)\");\n script_summary(english:\"Check for the openSUSE-2020-1777 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libvirt fixes the following issues :\n\n - CVE-2020-15708: Added a note to libvirtd.conf about\n polkit auth in SUSE distros (bsc#1174955).\n\n - CVE-2020-25637: Fixed a double free in\n qemuAgentGetInterfaces() (bsc#1177155).\n\n - qemu: Avoid stale capabilities cache host CPU or kernel\n command line changes (bsc#1173157).\n\n - virdevmapper: Handle kernel without device-mapper\n support (bsc#1175465).\n\n - Xen: Added support for passing arbitrary commands to the\n qemu device model, similar to the xl.cfg(5)\n device_model_args setting (bsc#1174139).\n\n - Xen: Don't add dom0 twice on driver reload\n (bsc#1176430).\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1174139\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1174955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1175465\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1176430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1177155\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libvirt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-admin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-client-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-gluster-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-plugin-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-plugin-libvirt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-admin-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-admin-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-bash-completion-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-client-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-client-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-config-network-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-config-nwfilter-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-interface-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-interface-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-lxc-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-lxc-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-network-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-network-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-nodedev-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-nwfilter-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-qemu-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-qemu-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-secret-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-secret-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-storage-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-storage-core-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-storage-core-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-storage-disk-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-storage-disk-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-storage-gluster-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-storage-gluster-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-storage-iscsi-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-storage-iscsi-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-storage-logical-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-storage-logical-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-storage-mpath-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-storage-mpath-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-storage-scsi-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-driver-storage-scsi-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-hooks-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-lxc-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-daemon-qemu-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-debugsource-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-devel-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-libs-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-libs-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-lock-sanlock-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-lock-sanlock-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-nss-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libvirt-nss-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"wireshark-plugin-libvirt-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"wireshark-plugin-libvirt-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libvirt-client-32bit-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-debuginfo-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libvirt-daemon-xen-6.0.0-lp152.9.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libvirt-devel-32bit-6.0.0-lp152.9.6.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt / libvirt-admin / libvirt-admin-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:12", "description": "This update for libvirt fixes the following issues :\n\nCVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros (bsc#1174955).\n\nCVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces() (bsc#1177155).\n\nqemu: Adjust max memlock on mdev hotplug (bsc#1177480).\n\nXen: Don't add dom0 twice on driver reload (bsc#1176430).\n\nvirdevmapper: Handle kernel without device-mapper support (bsc#1175465).\n\nFixed an issue where building was failing (bsc#1175574).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : libvirt (SUSE-SU-2020:3037-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-15708", "CVE-2020-25637"], "modified": "2022-05-11T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libvirt", "p-cpe:/a:novell:suse_linux:libvirt-admin", "p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-client", "p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks", "p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-xen", "p-cpe:/a:novell:suse_linux:libvirt-debugsource", "p-cpe:/a:novell:suse_linux:libvirt-devel", "p-cpe:/a:novell:suse_linux:libvirt-libs", "p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-nss", "p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-3037-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143649", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3037-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143649);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\"CVE-2020-15708\", \"CVE-2020-25637\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : libvirt (SUSE-SU-2020:3037-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for libvirt fixes the following issues :\n\nCVE-2020-15708: Added a note to libvirtd.conf about polkit auth in\nSUSE distros (bsc#1174955).\n\nCVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces()\n(bsc#1177155).\n\nqemu: Adjust max memlock on mdev hotplug (bsc#1177480).\n\nXen: Don't add dom0 twice on driver reload (bsc#1176430).\n\nvirdevmapper: Handle kernel without device-mapper support\n(bsc#1175465).\n\nFixed an issue where building was failing (bsc#1175574).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174955\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1175465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1175574\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1176430\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1177155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1177480\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15708/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-25637/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203037-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d7ba527d\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15-SP1 :\n\nzypper in -t patch\nSUSE-SLE-Module-Server-Applications-15-SP1-2020-3037=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-3037=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-15708\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libvirt-daemon-xen-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-admin-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-admin-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-client-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-client-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-config-network-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-config-nwfilter-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-interface-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-interface-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-lxc-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-lxc-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-network-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-network-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-nodedev-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-nwfilter-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-qemu-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-qemu-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-secret-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-secret-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-storage-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-storage-core-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-storage-core-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-storage-disk-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-storage-disk-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-storage-iscsi-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-storage-iscsi-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-storage-logical-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-storage-logical-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-storage-mpath-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-storage-mpath-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-storage-scsi-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-driver-storage-scsi-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-hooks-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-lxc-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-daemon-qemu-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-debugsource-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-devel-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-libs-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-libs-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-lock-sanlock-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-lock-sanlock-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-nss-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libvirt-nss-debuginfo-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libvirt-debugsource-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libvirt-libs-5.1.0-8.24.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libvirt-libs-debuginfo-5.1.0-8.24.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:49", "description": "This update for libvirt fixes the following issues :\n\n - CVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros (bsc#1174955).\n CVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces() (bsc#1177155).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : libvirt (SUSE-SU-2020:3095-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-15708", "CVE-2020-25637"], "modified": "2022-05-11T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libvirt", "p-cpe:/a:novell:suse_linux:libvirt-admin", "p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-client", "p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks", "p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-xen", "p-cpe:/a:novell:suse_linux:libvirt-debugsource", "p-cpe:/a:novell:suse_linux:libvirt-doc", "p-cpe:/a:novell:suse_linux:libvirt-libs", "p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-nss", "p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical"], "id": "SUSE_SU-2020-3095-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143635", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3095-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143635);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\"CVE-2020-15708\", \"CVE-2020-25637\");\n\n script_name(english:\"SUSE SLES12 Security Update : libvirt (SUSE-SU-2020:3095-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for libvirt fixes the following issues :\n\n - CVE-2020-15708: Added a note to libvirtd.conf about\n polkit auth in SUSE distros (bsc#1174955).\n CVE-2020-25637: Fixed a double free in\n qemuAgentGetInterfaces() (bsc#1177155).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174955\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1177155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15708/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-25637/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203095-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8171aa87\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-3095=1\n\nSUSE OpenStack Cloud 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-8-2020-3095=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP3-2020-3095=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-3095=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-3095=1\n\nSUSE Enterprise Storage 5 :\n\nzypper in -t patch SUSE-Storage-5-2020-3095=1\n\nHPE Helion Openstack 8 :\n\nzypper in -t patch HPE-Helion-OpenStack-8-2020-3095=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-15708\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-xen-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-admin-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-admin-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-client-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-client-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-config-network-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-config-nwfilter-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-interface-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-interface-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-lxc-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-lxc-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-network-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-network-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-nodedev-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-nwfilter-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-qemu-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-qemu-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-secret-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-secret-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-core-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-core-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-disk-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-disk-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-iscsi-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-iscsi-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-logical-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-logical-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-mpath-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-mpath-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-scsi-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-scsi-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-hooks-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-lxc-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-qemu-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-debugsource-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-doc-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-libs-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-libs-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-lock-sanlock-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-lock-sanlock-debuginfo-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-nss-3.3.0-5.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-nss-debuginfo-3.3.0-5.46.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:52", "description": "This update for libvirt fixes the following issues :\n\nCVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros (bsc#1174955).\n\nCVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces() (bsc#1177155).\n\nlibxl: Fixed lock manager lock ordering (bsc#1171701).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : libvirt (SUSE-SU-2020:2969-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-15708", "CVE-2020-25637"], "modified": "2022-05-11T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libvirt", "p-cpe:/a:novell:suse_linux:libvirt-admin", "p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-client", "p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks", "p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu", "p-cpe:/a:novell:suse_linux:libvirt-debugsource", "p-cpe:/a:novell:suse_linux:libvirt-devel", "p-cpe:/a:novell:suse_linux:libvirt-doc", "p-cpe:/a:novell:suse_linux:libvirt-libs", "p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-nss", "p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-2969-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143850", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2969-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143850);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\"CVE-2020-15708\", \"CVE-2020-25637\");\n\n script_name(english:\"SUSE SLES15 Security Update : libvirt (SUSE-SU-2020:2969-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for libvirt fixes the following issues :\n\nCVE-2020-15708: Added a note to libvirtd.conf about polkit auth in\nSUSE distros (bsc#1174955).\n\nCVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces()\n(bsc#1177155).\n\nlibxl: Fixed lock manager lock ordering (bsc#1171701).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171701\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174955\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1177155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15708/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-25637/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202969-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8bb3855f\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 15 :\n\nzypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-2969=1\n\nSUSE Linux Enterprise Server 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-SLES-15-2020-2969=1\n\nSUSE Linux Enterprise High Performance Computing 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-2969=1\n\nSUSE Linux Enterprise High Performance Computing 15-ESPOS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-2969=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-15708\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"s390x\") audit(AUDIT_ARCH_NOT, \"s390x\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-admin-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-admin-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-client-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-client-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-config-network-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-config-nwfilter-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-interface-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-interface-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-lxc-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-lxc-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-network-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-network-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-nodedev-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-nwfilter-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-qemu-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-qemu-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-secret-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-secret-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-core-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-core-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-disk-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-disk-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-iscsi-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-iscsi-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-logical-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-logical-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-mpath-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-mpath-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-scsi-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-scsi-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-hooks-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-lxc-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-daemon-qemu-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-debugsource-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-devel-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-doc-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-libs-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-libs-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-lock-sanlock-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-lock-sanlock-debuginfo-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-nss-4.0.0-9.35.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libvirt-nss-debuginfo-4.0.0-9.35.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:24:13", "description": "This update for libvirt fixes the following issues :\n\n	 - CVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros (bsc#1174955).\n\n - CVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces() (bsc#1177155).\n\n - qemu: Adjust max memlock on mdev hotplug (bsc#1177480).\n\n - Xen: Don't add dom0 twice on driver reload (bsc#1176430).\n\n - virdevmapper: Handle kernel without device-mapper support (bsc#1175465).\n\n - Fixed an issue where building was failing (bsc#1175574).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "cvss3": {}, "published": "2020-11-02T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libvirt (openSUSE-2020-1778)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-15708", "CVE-2020-25637"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libvirt", "p-cpe:/a:novell:opensuse:libvirt-admin", "p-cpe:/a:novell:opensuse:libvirt-admin-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-bash-completion", "p-cpe:/a:novell:opensuse:libvirt-client", "p-cpe:/a:novell:opensuse:libvirt-client-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon", "p-cpe:/a:novell:opensuse:libvirt-daemon-config-network", "p-cpe:/a:novell:opensuse:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:opensuse:libvirt-daemon-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-gluster-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-hooks", "p-cpe:/a:novell:opensuse:libvirt-daemon-lxc", "p-cpe:/a:novell:opensuse:libvirt-daemon-qemu", "p-cpe:/a:novell:opensuse:libvirt-daemon-xen", "p-cpe:/a:novell:opensuse:libvirt-debugsource", "p-cpe:/a:novell:opensuse:libvirt-devel", "p-cpe:/a:novell:opensuse:libvirt-libs", "p-cpe:/a:novell:opensuse:libvirt-libs-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-lock-sanlock", "p-cpe:/a:novell:opensuse:libvirt-lock-sanlock-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-nss", "p-cpe:/a:novell:opensuse:libvirt-nss-debuginfo", "p-cpe:/a:novell:opensuse:wireshark-plugin-libvirt", "p-cpe:/a:novell:opensuse:wireshark-plugin-libvirt-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-1778.NASL", "href": "https://www.tenable.com/plugins/nessus/142188", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1778.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(142188);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2020-15708\", \"CVE-2020-25637\");\n\n script_name(english:\"openSUSE Security Update : libvirt (openSUSE-2020-1778)\");\n script_summary(english:\"Check for the openSUSE-2020-1778 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libvirt fixes the following issues :\n\n	 - CVE-2020-15708: Added a note to libvirtd.conf about polkit auth\nin SUSE distros (bsc#1174955).\n\n - CVE-2020-25637: Fixed a double free in\n qemuAgentGetInterfaces() (bsc#1177155).\n\n - qemu: Adjust max memlock on mdev hotplug (bsc#1177480).\n\n - Xen: Don't add dom0 twice on driver reload\n (bsc#1176430).\n\n - virdevmapper: Handle kernel without device-mapper\n support (bsc#1175465).\n\n - Fixed an issue where building was failing (bsc#1175574).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1174955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1175465\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1175574\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1176430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1177155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1177480\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libvirt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-admin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-gluster-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-plugin-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-plugin-libvirt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-admin-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-admin-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-bash-completion-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-client-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-client-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-config-network-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-config-nwfilter-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-interface-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-interface-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-libxl-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-libxl-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-lxc-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-lxc-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-network-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-network-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-nodedev-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-nwfilter-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-qemu-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-qemu-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-secret-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-secret-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-core-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-core-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-disk-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-disk-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-gluster-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-gluster-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-iscsi-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-iscsi-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-logical-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-logical-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-mpath-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-mpath-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-rbd-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-rbd-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-scsi-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-driver-storage-scsi-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-hooks-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-lxc-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-qemu-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-daemon-xen-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-debugsource-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-devel-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-libs-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-libs-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-lock-sanlock-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-lock-sanlock-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-nss-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libvirt-nss-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-plugin-libvirt-5.1.0-lp151.7.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-plugin-libvirt-debuginfo-5.1.0-lp151.7.10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt / libvirt-admin / libvirt-admin-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:29", "description": "This update for libvirt fixes the following issues :\n\nCVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros (bsc#1174955).\n\nCVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces() (bsc#1177155).\n\nqemu: Adjust max memlock on mdev hotplug (bsc#1177480).\n\nXen: Don't add dom0 twice on driver reload (bsc#1176430).\n\nFixed an issue where building was failing (bsc#1175574).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : libvirt (SUSE-SU-2020:3039-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-15708", "CVE-2020-25637"], "modified": "2022-05-11T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libvirt", "p-cpe:/a:novell:suse_linux:libvirt-admin", "p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-client", "p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks", "p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-xen", "p-cpe:/a:novell:suse_linux:libvirt-debugsource", "p-cpe:/a:novell:suse_linux:libvirt-doc", "p-cpe:/a:novell:suse_linux:libvirt-libs", "p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-nss", "p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-3039-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143759", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3039-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143759);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\"CVE-2020-15708\", \"CVE-2020-25637\");\n\n script_name(english:\"SUSE SLES12 Security Update : libvirt (SUSE-SU-2020:3039-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for libvirt fixes the following issues :\n\nCVE-2020-15708: Added a note to libvirtd.conf about polkit auth in\nSUSE distros (bsc#1174955).\n\nCVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces()\n(bsc#1177155).\n\nqemu: Adjust max memlock on mdev hotplug (bsc#1177480).\n\nXen: Don't add dom0 twice on driver reload (bsc#1176430).\n\nFixed an issue where building was failing (bsc#1175574).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174955\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1175574\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1176430\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1177155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1177480\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15708/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-25637/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203039-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e70de171\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP5-2020-3039=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-3039=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-15708\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"libvirt-daemon-xen-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-admin-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-admin-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-client-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-client-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-config-network-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-config-nwfilter-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-interface-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-interface-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-lxc-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-lxc-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-network-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-network-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-nodedev-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-nwfilter-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-qemu-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-qemu-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-secret-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-secret-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-storage-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-storage-core-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-storage-core-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-storage-disk-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-storage-disk-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-storage-iscsi-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-storage-iscsi-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-storage-logical-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-storage-logical-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-storage-mpath-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-storage-mpath-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-storage-scsi-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-driver-storage-scsi-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-hooks-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-lxc-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-daemon-qemu-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-debugsource-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-doc-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-libs-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-libs-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-lock-sanlock-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-lock-sanlock-debuginfo-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-nss-5.1.0-13.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libvirt-nss-debuginfo-5.1.0-13.19.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:31", "description": "This update for libvirt fixes the following issues :\n\nCVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros (bsc#1174955).\n\nCVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces() (bsc#1177155).\n\nqemu: Avoid stale capabilities cache host CPU or kernel command line changes (bsc#1173157).\n\nvirdevmapper: Handle kernel without device-mapper support (bsc#1175465).\n\nXen: Added support for passing arbitrary commands to the qemu device model, similar to the xl.cfg(5) device_model_args setting (bsc#1174139).\n\nXen: Don't add dom0 twice on driver reload (bsc#1176430).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : libvirt (SUSE-SU-2020:2970-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-15708", "CVE-2020-25637"], "modified": "2022-05-11T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libvirt", "p-cpe:/a:novell:suse_linux:libvirt-admin", "p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-client", "p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks", "p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-xen", "p-cpe:/a:novell:suse_linux:libvirt-debugsource", "p-cpe:/a:novell:suse_linux:libvirt-devel", "p-cpe:/a:novell:suse_linux:libvirt-libs", "p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-nss", "p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-2970-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143884", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2970-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143884);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\"CVE-2020-15708\", \"CVE-2020-25637\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : libvirt (SUSE-SU-2020:2970-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for libvirt fixes the following issues :\n\nCVE-2020-15708: Added a note to libvirtd.conf about polkit auth in\nSUSE distros (bsc#1174955).\n\nCVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces()\n(bsc#1177155).\n\nqemu: Avoid stale capabilities cache host CPU or kernel command line\nchanges (bsc#1173157).\n\nvirdevmapper: Handle kernel without device-mapper support\n(bsc#1175465).\n\nXen: Added support for passing arbitrary commands to the qemu device\nmodel, similar to the xl.cfg(5) device_model_args setting\n(bsc#1174139).\n\nXen: Don't add dom0 twice on driver reload (bsc#1176430).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173157\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174139\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174955\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1175465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1176430\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1177155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15708/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-25637/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202970-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8487243f\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15-SP2 :\n\nzypper in -t patch\nSUSE-SLE-Module-Server-Applications-15-SP2-2020-2970=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2020-2970=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-15708\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"libvirt-daemon-xen-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-admin-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-admin-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-client-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-client-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-config-network-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-config-nwfilter-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-interface-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-interface-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-lxc-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-lxc-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-network-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-network-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-nodedev-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-nwfilter-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-qemu-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-qemu-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-secret-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-secret-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-storage-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-storage-core-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-storage-core-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-storage-disk-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-storage-disk-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-storage-iscsi-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-storage-iscsi-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-storage-logical-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-storage-logical-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-storage-mpath-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-storage-mpath-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-storage-scsi-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-driver-storage-scsi-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-hooks-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-lxc-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-daemon-qemu-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-debugsource-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-devel-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-libs-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-libs-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-lock-sanlock-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-lock-sanlock-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-nss-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libvirt-nss-debuginfo-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libvirt-debugsource-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libvirt-libs-6.0.0-13.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libvirt-libs-debuginfo-6.0.0-13.8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:31", "description": "This update for libvirt fixes the following issues :\n\nCVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros (bsc#1174955).\n\nCVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces() (bsc#1177155).\n\nlibxl: Fixed lock manager lock ordering (bsc#1171701).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : libvirt (SUSE-SU-2020:3038-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-15708", "CVE-2020-25637"], "modified": "2022-05-11T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libvirt", "p-cpe:/a:novell:suse_linux:libvirt-admin", "p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-client", "p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks", "p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-xen", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-debugsource", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network", "p-cpe:/a:novell:suse_linux:libvirt-doc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-libs", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-nss", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo"], "id": "SUSE_SU-2020-3038-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143827", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3038-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143827);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\"CVE-2020-15708\", \"CVE-2020-25637\");\n\n script_name(english:\"SUSE SLES12 Security Update : libvirt (SUSE-SU-2020:3038-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for libvirt fixes the following issues :\n\nCVE-2020-15708: Added a note to libvirtd.conf about polkit auth in\nSUSE distros (bsc#1174955).\n\nCVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces()\n(bsc#1177155).\n\nlibxl: Fixed lock manager lock ordering (bsc#1171701).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171701\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174955\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1177155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15708/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-25637/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203038-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cc39a027\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 9 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2020-3038=1\n\nSUSE OpenStack Cloud 9 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-9-2020-3038=1\n\nSUSE Linux Enterprise Server for SAP 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP4-2020-3038=1\n\nSUSE Linux Enterprise Server 12-SP4-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2020-3038=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-15708\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-xen-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-admin-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-admin-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-client-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-client-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-config-network-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-config-nwfilter-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-interface-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-interface-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-lxc-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-lxc-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-network-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-network-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-nodedev-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-nwfilter-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-qemu-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-qemu-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-secret-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-secret-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-core-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-core-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-disk-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-disk-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-iscsi-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-iscsi-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-logical-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-logical-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-mpath-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-mpath-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-scsi-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-scsi-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-hooks-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-lxc-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-qemu-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-debugsource-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-doc-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-libs-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-libs-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-lock-sanlock-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-lock-sanlock-debuginfo-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-nss-4.0.0-8.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-nss-debuginfo-4.0.0-8.23.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:07", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5111 advisory.\n\n - QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c (CVE-2020-16092)\n\n - libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-18T00:00:00", "type": "nessus", "title": "RHEL 8 : virt:8.2 and virt-devel:8.2 (RHSA-2020:5111)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16092", "CVE-2020-25637"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:slof", "p-cpe:/a:redhat:enterprise_linux:hivex", "p-cpe:/a:redhat:enterprise_linux:libiscsi-devel", "p-cpe:/a:redhat:enterprise_linux:libiscsi-utils", "p-cpe:/a:redhat:enterprise_linux:libnbd", "p-cpe:/a:redhat:enterprise_linux:libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:libtpms", "p-cpe:/a:redhat:enterprise_linux:libtpms-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt", "p-cpe:/a:redhat:enterprise_linux:libvirt-admin", "p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libvirt-client", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network", "p-cpe:/a:redhat:enterprise_linux:hivex-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs", "p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:redhat:enterprise_linux:libguestfs-benchmarking", "p-cpe:/a:redhat:enterprise_linux:libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c", "p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport", "p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs", "p-cpe:/a:redhat:enterprise_linux:libiscsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt-docs", "p-cpe:/a:redhat:enterprise_linux:libvirt-libs", "p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock", "p-cpe:/a:redhat:enterprise_linux:libvirt-nss", "p-cpe:/a:redhat:enterprise_linux:lua-guestfs", "p-cpe:/a:redhat:enterprise_linux:nbdfuse", "p-cpe:/a:redhat:enterprise_linux:nbdkit", "p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-devel", "p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-server", "p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter", "p-cpe:/a:redhat:enterprise_linux:netcf", "p-cpe:/a:redhat:enterprise_linux:netcf-devel", "p-cpe:/a:redhat:enterprise_linux:netcf-libs", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:perl-sys-guestfs", "p-cpe:/a:redhat:enterprise_linux:perl-sys-virt", "p-cpe:/a:redhat:enterprise_linux:perl-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-libguestfs", "p-cpe:/a:redhat:enterprise_linux:python3-libnbd", "p-cpe:/a:redhat:enterprise_linux:python3-libvirt", "p-cpe:/a:redhat:enterprise_linux:python3-pyvmomi", "p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent", "p-cpe:/a:redhat:enterprise_linux:qemu-img", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm", "p-cpe:/a:redhat:enterprise_linux:libvirt-dbus", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests", "p-cpe:/a:redhat:enterprise_linux:ruby-hivex", "p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs", "p-cpe:/a:redhat:enterprise_linux:seabios", "p-cpe:/a:redhat:enterprise_linux:seabios-bin", "p-cpe:/a:redhat:enterprise_linux:seavgabios-bin", "p-cpe:/a:redhat:enterprise_linux:sgabios", "p-cpe:/a:redhat:enterprise_linux:sgabios-bin", "p-cpe:/a:redhat:enterprise_linux:supermin", "p-cpe:/a:redhat:enterprise_linux:supermin-devel", "p-cpe:/a:redhat:enterprise_linux:swtpm", "p-cpe:/a:redhat:enterprise_linux:swtpm-devel", "p-cpe:/a:redhat:enterprise_linux:swtpm-libs", "p-cpe:/a:redhat:enterprise_linux:swtpm-tools", "p-cpe:/a:redhat:enterprise_linux:virglrenderer", "p-cpe:/a:redhat:enterprise_linux:virglrenderer-devel", "p-cpe:/a:redhat:enterprise_linux:virglrenderer-test-server", "p-cpe:/a:redhat:enterprise_linux:virt-dib", "p-cpe:/a:redhat:enterprise_linux:virt-v2v"], "id": "REDHAT-RHSA-2020-5111.NASL", "href": "https://www.tenable.com/plugins/nessus/142982", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:5111. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142982);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2020-16092\", \"CVE-2020-25637\");\n script_xref(name:\"RHSA\", value:\"2020:5111\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n\n script_name(english:\"RHEL 8 : virt:8.2 and virt-devel:8.2 (RHSA-2020:5111)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:5111 advisory.\n\n - QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c (CVE-2020-16092)\n\n - libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-16092\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25637\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:5111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1860283\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1881037\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(415, 416, 617);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:SLOF\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-benchmarking\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtpms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtpms-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pyvmomi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virglrenderer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virglrenderer-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virglrenderer-test-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'virt-devel:8.2': [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/debug',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/os',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'hivex-1.3.18-20.module+el8.2.0+5588+63a201c3', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-20.module+el8.2.0+5588+63a201c3', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module+el8.2.0+5590+82cd80df', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-0.7.0-1.20191018gitdc116933b7.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-devel-0.7.0-1.20191018gitdc116933b7.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-20.module+el8.2.0+5588+63a201c3', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-20.module+el8.2.0+5588+63a201c3', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-20.module+el8.2.0+5588+63a201c3', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.2.0+5488+267def79', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-20.module+el8.2.0+5588+63a201c3', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.2.0+5453+31b2b136', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-4.2.0-29.module+el8.2.1+8442+7a3eadf7.5', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-20.module+el8.2.0+5588+63a201c3', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'swtpm-0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-devel-0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-libs-0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virglrenderer-0.8.2-1.module+el8.2.0+5777+d9c2af8c', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virglrenderer-devel-0.8.2-1.module+el8.2.0+5777+d9c2af8c', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virglrenderer-test-server-0.8.2-1.module+el8.2.0+5777+d9c2af8c', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ],\n 'virt:8.2': [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/debug',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/os',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libguestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-24.module+el8.2.1+7154+47ffd890', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-24.module+el8.2.1+7154+47ffd890', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdkit-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-pyvmomi-6.7.1-7.module+el8.2.0+4793+b09dd2fb', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-guest-agent-4.2.0-29.module+el8.2.1+8442+7a3eadf7.5', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-4.2.0-29.module+el8.2.1+8442+7a3eadf7.5', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-4.2.0-29.module+el8.2.1+8442+7a3eadf7.5', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-4.2.0-29.module+el8.2.1+8442+7a3eadf7.5', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-4.2.0-29.module+el8.2.1+8442+7a3eadf7.5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-4.2.0-29.module+el8.2.1+8442+7a3eadf7.5', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-4.2.0-29.module+el8.2.1+8442+7a3eadf7.5', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-4.2.0-29.module+el8.2.1+8442+7a3eadf7.5', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-4.2.0-29.module+el8.2.1+8442+7a3eadf7.5', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-4.2.0-29.module+el8.2.1+8442+7a3eadf7.5', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-libguestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.13.0-2.module+el8.2.1+7284+aa32a2c4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module+el8.2.1+7284+aa32a2c4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module+el8.2.1+7284+aa32a2c4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.2.0+4793+b09dd2fb', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20191022-3.git899d9883.module+el8.2.0+5449+efc036dd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'supermin-5.1.19-10.module+el8.2.0+4793+b09dd2fb', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module+el8.2.0+4793+b09dd2fb', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.40.2-24.module+el8.2.1+7154+47ffd890', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:8.2 / virt:8.2');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'SLOF / hivex / hivex-devel / libguestfs / libguestfs-bash-completion / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:56", "description": "According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.(CVE-2020-25637)\n\n - A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of their standard permissions, potentially causing serious damage to the host operating system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.(CVE-2020-14339)\n\n - An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is responsible for retrieving domain statistics when managing QEMU guests. This flaw allows unprivileged users with a read-only connection to cause a memory leak in the domstats command, resulting in a potential denial of service.(CVE-2020-12430)\n\n - An information disclosure vulnerability was found in libvirt. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain.\n This flaw allows an attacker to access potentially sensitive information in the domain configuration via the `dumpxml` command.(CVE-2020-14301)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.1 : libvirt (EulerOS-SA-2021-1631)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-12430", "CVE-2020-14301", "CVE-2020-14339", "CVE-2020-25637"], "modified": "2022-05-10T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libvirt", "p-cpe:/a:huawei:euleros:libvirt-admin", "p-cpe:/a:huawei:euleros:libvirt-client", "p-cpe:/a:huawei:euleros:libvirt-daemon", "p-cpe:/a:huawei:euleros:libvirt-daemon-config-network", "p-cpe:/a:huawei:euleros:libvirt-daemon-config-nwfilter", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-interface", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-network", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nodedev", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nwfilter", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-qemu", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-secret", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-core", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-disk", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-logical", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:huawei:euleros:libvirt-daemon-kvm", "p-cpe:/a:huawei:euleros:libvirt-devel", "p-cpe:/a:huawei:euleros:libvirt-docs", "p-cpe:/a:huawei:euleros:libvirt-libs", "cpe:/o:huawei:euleros:uvp:2.9.1"], "id": "EULEROS_SA-2021-1631.NASL", "href": "https://www.tenable.com/plugins/nessus/147481", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147481);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2020-12430\",\n \"CVE-2020-14301\",\n \"CVE-2020-14339\",\n \"CVE-2020-25637\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.9.1 : libvirt (EulerOS-SA-2021-1631)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libvirt packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A double free memory issue was found to occur in the\n libvirt API, in versions before 6.8.0, responsible for\n requesting information about network interfaces of a\n running QEMU domain. This flaw affects the polkit\n access control driver. Specifically, clients connecting\n to the read-write socket with limited ACL permissions\n could use this flaw to crash the libvirt daemon,\n resulting in a denial of service, or potentially\n escalate their privileges on the system. The highest\n threat from this vulnerability is to data\n confidentiality and integrity as well as system\n availability.(CVE-2020-25637)\n\n - A flaw was found in libvirt, where it leaked a file\n descriptor for `/dev/mapper/control` into the QEMU\n process. This file descriptor allows for privileged\n operations to happen against the device-mapper on the\n host. This flaw allows a malicious guest user or\n process to perform operations outside of their standard\n permissions, potentially causing serious damage to the\n host operating system. The highest threat from this\n vulnerability is to confidentiality, integrity, as well\n as system availability.(CVE-2020-14339)\n\n - An issue was discovered in qemuDomainGetStatsIOThread\n in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x\n before 6.1.0. A memory leak was found in the\n virDomainListGetStats libvirt API that is responsible\n for retrieving domain statistics when managing QEMU\n guests. This flaw allows unprivileged users with a\n read-only connection to cause a memory leak in the\n domstats command, resulting in a potential denial of\n service.(CVE-2020-12430)\n\n - An information disclosure vulnerability was found in\n libvirt. HTTP cookies used to access network-based\n disks were saved in the XML dump of the guest domain.\n This flaw allows an attacker to access potentially\n sensitive information in the domain configuration via\n the `dumpxml` command.(CVE-2020-14301)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1631\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0ec98516\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libvirt packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-14339\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libvirt-6.2.0-2.9.1.2.197\",\n \"libvirt-6.2.0-2.9.1.2.197.src\",\n \"libvirt-admin-6.2.0-2.9.1.2.197\",\n \"libvirt-client-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-config-network-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-config-nwfilter-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-interface-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-network-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-nodedev-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-nwfilter-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-qemu-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-secret-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-storage-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-storage-core-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-storage-disk-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-storage-iscsi-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-storage-logical-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-storage-mpath-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-storage-scsi-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-kvm-6.2.0-2.9.1.2.197\",\n \"libvirt-devel-6.2.0-2.9.1.2.197\",\n \"libvirt-docs-6.2.0-2.9.1.2.197\",\n \"libvirt-libs-6.2.0-2.9.1.2.197\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:49", "description": "According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.(CVE-2020-25637)\n\n - A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of their standard permissions, potentially causing serious damage to the host operating system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.(CVE-2020-14339)\n\n - An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is responsible for retrieving domain statistics when managing QEMU guests. This flaw allows unprivileged users with a read-only connection to cause a memory leak in the domstats command, resulting in a potential denial of service.(CVE-2020-12430)\n\n - An information disclosure vulnerability was found in libvirt. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain.\n This flaw allows an attacker to access potentially sensitive information in the domain configuration via the `dumpxml` command.(CVE-2020-14301)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-03-11T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.0 : libvirt (EulerOS-SA-2021-1666)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-12430", "CVE-2020-14301", "CVE-2020-14339", "CVE-2020-25637"], "modified": "2022-05-10T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libvirt", "p-cpe:/a:huawei:euleros:libvirt-admin", "p-cpe:/a:huawei:euleros:libvirt-client", "p-cpe:/a:huawei:euleros:libvirt-daemon", "p-cpe:/a:huawei:euleros:libvirt-daemon-config-network", "p-cpe:/a:huawei:euleros:libvirt-daemon-config-nwfilter", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-interface", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-network", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nodedev", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nwfilter", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-qemu", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-secret", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-core", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-disk", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-logical", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:huawei:euleros:libvirt-daemon-kvm", "p-cpe:/a:huawei:euleros:libvirt-devel", "p-cpe:/a:huawei:euleros:libvirt-docs", "p-cpe:/a:huawei:euleros:libvirt-libs", "cpe:/o:huawei:euleros:uvp:2.9.0"], "id": "EULEROS_SA-2021-1666.NASL", "href": "https://www.tenable.com/plugins/nessus/147678", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147678);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2020-12430\",\n \"CVE-2020-14301\",\n \"CVE-2020-14339\",\n \"CVE-2020-25637\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.9.0 : libvirt (EulerOS-SA-2021-1666)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libvirt packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A double free memory issue was found to occur in the\n libvirt API, in versions before 6.8.0, responsible for\n requesting information about network interfaces of a\n running QEMU domain. This flaw affects the polkit\n access control driver. Specifically, clients connecting\n to the read-write socket with limited ACL permissions\n could use this flaw to crash the libvirt daemon,\n resulting in a denial of service, or potentially\n escalate their privileges on the system. The highest\n threat from this vulnerability is to data\n confidentiality and integrity as well as system\n availability.(CVE-2020-25637)\n\n - A flaw was found in libvirt, where it leaked a file\n descriptor for `/dev/mapper/control` into the QEMU\n process. This file descriptor allows for privileged\n operations to happen against the device-mapper on the\n host. This flaw allows a malicious guest user or\n process to perform operations outside of their standard\n permissions, potentially causing serious damage to the\n host operating system. The highest threat from this\n vulnerability is to confidentiality, integrity, as well\n as system availability.(CVE-2020-14339)\n\n - An issue was discovered in qemuDomainGetStatsIOThread\n in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x\n before 6.1.0. A memory leak was found in the\n virDomainListGetStats libvirt API that is responsible\n for retrieving domain statistics when managing QEMU\n guests. This flaw allows unprivileged users with a\n read-only connection to cause a memory leak in the\n domstats command, resulting in a potential denial of\n service.(CVE-2020-12430)\n\n - An information disclosure vulnerability was found in\n libvirt. HTTP cookies used to access network-based\n disks were saved in the XML dump of the guest domain.\n This flaw allows an attacker to access potentially\n sensitive information in the domain configuration via\n the `dumpxml` command.(CVE-2020-14301)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1666\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5bb1743c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libvirt packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-14339\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libvirt-6.2.0-2.9.1.2.197\",\n \"libvirt-admin-6.2.0-2.9.1.2.197\",\n \"libvirt-client-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-config-network-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-config-nwfilter-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-interface-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-network-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-nodedev-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-nwfilter-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-qemu-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-secret-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-storage-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-storage-core-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-storage-disk-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-storage-iscsi-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-storage-logical-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-storage-mpath-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-driver-storage-scsi-6.2.0-2.9.1.2.197\",\n \"libvirt-daemon-kvm-6.2.0-2.9.1.2.197\",\n \"libvirt-devel-6.2.0-2.9.1.2.197\",\n \"libvirt-docs-6.2.0-2.9.1.2.197\",\n \"libvirt-libs-6.2.0-2.9.1.2.197\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:35:40", "description": "The remote host is affected by the vulnerability described in GLSA-202210-06 (libvirt: Multiple Vulnerabilities)\n\n - A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of their standard permissions, potentially causing serious damage to the host operating system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-14339)\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\n - A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.\n (CVE-2021-3631)\n\n - An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. (CVE-2021-3667)\n\n - A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd). (CVE-2022-0897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-16T00:00:00", "type": "nessus", "title": "GLSA-202210-06 : libvirt: Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-14339", "CVE-2020-25637", "CVE-2021-3631", "CVE-2021-3667", "CVE-2022-0897"], "modified": "2022-10-16T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:libvirt", "p-cpe:/a:gentoo:linux:libvirt-python", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202210-06.NASL", "href": "https://www.tenable.com/plugins/nessus/166166", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202210-06.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166166);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/16\");\n\n script_cve_id(\n \"CVE-2020-14339\",\n \"CVE-2020-25637\",\n \"CVE-2021-3631\",\n \"CVE-2021-3667\",\n \"CVE-2022-0897\"\n );\n\n script_name(english:\"GLSA-202210-06 : libvirt: Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202210-06 (libvirt: Multiple Vulnerabilities)\n\n - A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU\n process. This file descriptor allows for privileged operations to happen against the device-mapper on the\n host. This flaw allows a malicious guest user or process to perform operations outside of their standard\n permissions, potentially causing serious damage to the host operating system. The highest threat from this\n vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-14339)\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible\n for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit\n access control driver. Specifically, clients connecting to the read-write socket with limited ACL\n permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or\n potentially escalate their privileges on the system. The highest threat from this vulnerability is to data\n confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\n - A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This\n flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out\n of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.\n (CVE-2021-3631)\n\n - An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in\n the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly\n released on ACL permission failure. Clients connecting to the read-write socket with limited ACL\n permissions could use this flaw to acquire the lock and prevent other users from accessing storage\n pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability\n is to system availability. (CVE-2021-3667)\n\n - A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to\n acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no\n protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw\n allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to\n crash the network filter management daemon (libvirtd/virtnwfilterd). (CVE-2022-0897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202210-06\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=746119\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=799713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=812317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=836128\");\n script_set_attribute(attribute:\"solution\", value:\n\"All libvirt users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=app-emulation/libvirt-8.2.0\n \nAll libvirt-python users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=dev-python/libvirt-python-8.2.0\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-14339\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libvirt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : \"app-emulation/libvirt\",\n 'unaffected' : make_list(\"ge 8.2.0\", \"lt 8.0.0\"),\n 'vulnerable' : make_list(\"lt 8.2.0\")\n },\n {\n 'name' : \"dev-python/libvirt-python\",\n 'unaffected' : make_list(\"ge 8.2.0\", \"lt 8.0.0\"),\n 'vulnerable' : make_list(\"lt 8.2.0\")\n }\n];\n\nforeach package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n# This plugin has a different number of unaffected and vulnerable versions for\n# one or more packages. To ensure proper detection, a separate line should be \n# used for each fixed/vulnerable version pair.\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n qpkg_tests = list_uniq(qpkg_tests);\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-11T14:39:44", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5399-1 advisory.\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\n - A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.\n (CVE-2021-3631)\n\n - An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. (CVE-2021-3667)\n\n - A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition. (CVE-2021-4147)\n\n - A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the `driver->nwfilters` mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the `driver->nwfilters` object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd). (CVE-2022-0897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-02T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS / 21.10 : libvirt vulnerabilities (USN-5399-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25637", "CVE-2021-3631", "CVE-2021-3667", "CVE-2021-3975", "CVE-2021-4147", "CVE-2022-0897"], "modified": "2023-07-10T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:21.10", "p-cpe:/a:canonical:ubuntu_linux:libnss-libvirt", "p-cpe:/a:canonical:ubuntu_linux:libvirt-bin", "p-cpe:/a:canonical:ubuntu_linux:libvirt-clients", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-config-network", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-storage-sheepdog", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-storage-zfs", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-vbox", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-xen", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-system", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-system-systemd", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-system-sysv", "p-cpe:/a:canonical:ubuntu_linux:libvirt-dev", "p-cpe:/a:canonical:ubuntu_linux:libvirt-login-shell", "p-cpe:/a:canonical:ubuntu_linux:libvirt-sanlock", "p-cpe:/a:canonical:ubuntu_linux:libvirt-wireshark", "p-cpe:/a:canonical:ubuntu_linux:libvirt0"], "id": "UBUNTU_USN-5399-1.NASL", "href": "https://www.tenable.com/plugins/nessus/160444", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5399-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160444);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/10\");\n\n script_cve_id(\n \"CVE-2020-25637\",\n \"CVE-2021-3631\",\n \"CVE-2021-3667\",\n \"CVE-2021-3975\",\n \"CVE-2021-4147\",\n \"CVE-2022-0897\"\n );\n script_xref(name:\"USN\", value:\"5399-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS / 21.10 : libvirt vulnerabilities (USN-5399-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-5399-1 advisory.\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible\n for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit\n access control driver. Specifically, clients connecting to the read-write socket with limited ACL\n permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or\n potentially escalate their privileges on the system. The highest threat from this vulnerability is to data\n confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\n - A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This\n flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out\n of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.\n (CVE-2021-3631)\n\n - An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in\n the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly\n released on ACL permission failure. Clients connecting to the read-write socket with limited ACL\n permissions could use this flaw to acquire the lock and prevent other users from accessing storage\n pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability\n is to system availability. (CVE-2021-3667)\n\n - A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause\n libvirtd on the host to deadlock or crash, resulting in a denial of service condition. (CVE-2021-4147)\n\n - A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to\n acquire the `driver->nwfilters` mutex before iterating over virNWFilterObj instances. There was no\n protection to stop another thread from concurrently modifying the `driver->nwfilters` object. This flaw\n allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to\n crash the network filter management daemon (libvirtd/virtnwfilterd). (CVE-2022-0897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5399-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-storage-sheepdog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-storage-zfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-vbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-driver-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-system\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-system-systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon-system-sysv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-login-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('18.04' >< os_release || '20.04' >< os_release || '21.10' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04 / 21.10', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'libnss-libvirt', 'pkgver': '4.0.0-1ubuntu8.21'},\n {'osver': '18.04', 'pkgname': 'libvirt-bin', 'pkgver': '4.0.0-1ubuntu8.21'},\n {'osver': '18.04', 'pkgname': 'libvirt-clients', 'pkgver': '4.0.0-1ubuntu8.21'},\n {'osver': '18.04', 'pkgname': 'libvirt-daemon', 'pkgver': '4.0.0-1ubuntu8.21'},\n {'osver': '18.04', 'pkgname': 'libvirt-daemon-driver-storage-gluster', 'pkgver': '4.0.0-1ubuntu8.21'},\n {'osver': '18.04', 'pkgname': 'libvirt-daemon-driver-storage-rbd', 'pkgver': '4.0.0-1ubuntu8.21'},\n {'osver': '18.04', 'pkgname': 'libvirt-daemon-driver-storage-sheepdog', 'pkgver': '4.0.0-1ubuntu8.21'},\n {'osver': '18.04', 'pkgname': 'libvirt-daemon-driver-storage-zfs', 'pkgver': '4.0.0-1ubuntu8.21'},\n {'osver': '18.04', 'pkgname': 'libvirt-daemon-system', 'pkgver': '4.0.0-1ubuntu8.21'},\n {'osver': '18.04', 'pkgname': 'libvirt-dev', 'pkgver': '4.0.0-1ubuntu8.21'},\n {'osver': '18.04', 'pkgname': 'libvirt-sanlock', 'pkgver': '4.0.0-1ubuntu8.21'},\n {'osver': '18.04', 'pkgname': 'libvirt-wireshark', 'pkgver': '4.0.0-1ubuntu8.21'},\n {'osver': '18.04', 'pkgname': 'libvirt0', 'pkgver': '4.0.0-1ubuntu8.21'},\n {'osver': '20.04', 'pkgname': 'libnss-libvirt', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt-clients', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt-daemon', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt-daemon-driver-lxc', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt-daemon-driver-qemu', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt-daemon-driver-storage-gluster', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt-daemon-driver-storage-rbd', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt-daemon-driver-storage-zfs', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt-daemon-driver-vbox', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt-daemon-driver-xen', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt-daemon-system', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt-daemon-system-systemd', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt-daemon-system-sysv', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt-dev', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt-sanlock', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt-wireshark', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '20.04', 'pkgname': 'libvirt0', 'pkgver': '6.0.0-0ubuntu8.16'},\n {'osver': '21.10', 'pkgname': 'libnss-libvirt', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-clients', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-daemon', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-daemon-config-network', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-daemon-config-nwfilter', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-daemon-driver-lxc', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-daemon-driver-qemu', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-daemon-driver-storage-gluster', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-daemon-driver-storage-iscsi-direct', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-daemon-driver-storage-rbd', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-daemon-driver-storage-zfs', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-daemon-driver-vbox', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-daemon-driver-xen', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-daemon-system', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-daemon-system-systemd', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-daemon-system-sysv', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-dev', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-login-shell', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-sanlock', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt-wireshark', 'pkgver': '7.6.0-0ubuntu1.2'},\n {'osver': '21.10', 'pkgname': 'libvirt0', 'pkgver': '7.6.0-0ubuntu1.2'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libnss-libvirt / libvirt-bin / libvirt-clients / libvirt-daemon / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:41:21", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1762 advisory.\n\n - iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker. (CVE-2020-11947)\n\n - In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c. (CVE-2020-16092)\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate is a duplicate of CVE-2020-28916 (CVE-2020-25707)\n\n - A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service. (CVE-2020-25723)\n\n - A flaw was found in the memory management API of QEMU during the initialization of a memory region cache.\n This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting in a denial of service. This flaw affects QEMU versions prior to 5.2.0. (CVE-2020-27821)\n\n - hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.\n (CVE-2020-28916)\n\n - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. (CVE-2020-29129)\n\n - slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. (CVE-2020-29130)\n\n - ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated. (CVE-2020-29443)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2021:1762)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11947", "CVE-2020-16092", "CVE-2020-25637", "CVE-2020-25707", "CVE-2020-25723", "CVE-2020-27821", "CVE-2020-28916", "CVE-2020-29129", "CVE-2020-29130", "CVE-2020-29443"], "modified": "2022-11-21T00:00:00", "cpe": ["p-cpe:/a:alma:linux:hivex", "p-cpe:/a:alma:linux:hivex-devel", "p-cpe:/a:alma:linux:libguestfs-winsupport", "p-cpe:/a:alma:linux:libiscsi", "p-cpe:/a:alma:linux:libiscsi-devel", "p-cpe:/a:alma:linux:libiscsi-utils", "p-cpe:/a:alma:linux:libnbd", "p-cpe:/a:alma:linux:libnbd-devel", "p-cpe:/a:alma:linux:libvirt-dbus", "p-cpe:/a:alma:linux:nbdfuse", "p-cpe:/a:alma:linux:netcf", "p-cpe:/a:alma:linux:netcf-devel", "p-cpe:/a:alma:linux:netcf-libs", "p-cpe:/a:alma:linux:ocaml-hivex", "p-cpe:/a:alma:linux:ocaml-hivex-devel", "p-cpe:/a:alma:linux:ocaml-libguestfs", "p-cpe:/a:alma:linux:ocaml-libguestfs-devel", "p-cpe:/a:alma:linux:ocaml-libnbd", "p-cpe:/a:alma:linux:ocaml-libnbd-devel", "p-cpe:/a:alma:linux:perl-sys-virt", "p-cpe:/a:alma:linux:perl-hivex", "p-cpe:/a:alma:linux:python3-hivex", "p-cpe:/a:alma:linux:python3-libnbd", "p-cpe:/a:alma:linux:python3-libvirt", "p-cpe:/a:alma:linux:ruby-hivex", "p-cpe:/a:alma:linux:sgabios", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2021-1762.NASL", "href": "https://www.tenable.com/plugins/nessus/157696", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2021:1762.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157696);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/21\");\n\n script_cve_id(\n \"CVE-2020-11947\",\n \"CVE-2020-16092\",\n \"CVE-2020-25637\",\n \"CVE-2020-25707\",\n \"CVE-2020-25723\",\n \"CVE-2020-27821\",\n \"CVE-2020-28916\",\n \"CVE-2020-29129\",\n \"CVE-2020-29130\",\n \"CVE-2020-29443\"\n );\n script_xref(name:\"ALSA\", value:\"2021:1762\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0075-S\");\n\n script_name(english:\"AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2021:1762)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2021:1762 advisory.\n\n - iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose\n unrelated information from process memory to an attacker. (CVE-2020-11947)\n\n - In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects\n the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the\n QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in\n hw/net/net_tx_pkt.c. (CVE-2020-16092)\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible\n for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit\n access control driver. Specifically, clients connecting to the read-write socket with limited ACL\n permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or\n potentially escalate their privileges on the system. The highest threat from this vulnerability is to data\n confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate is a duplicate of CVE-2020-28916\n (CVE-2020-25707)\n\n - A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while\n processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user\n within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host,\n resulting in a denial of service. (CVE-2020-25723)\n\n - A flaw was found in the memory management API of QEMU during the initialization of a memory region cache.\n This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO\n operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting in a denial\n of service. This flaw affects QEMU versions prior to 5.2.0. (CVE-2020-27821)\n\n - hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.\n (CVE-2020-28916)\n\n - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of\n header data even if that exceeds the total packet length. (CVE-2020-29129)\n\n - slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of\n header data even if that exceeds the total packet length. (CVE-2020-29130)\n\n - ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer\n index is not validated. (CVE-2020-29443)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2021-1762.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:ocaml-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:ocaml-libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar module_ver = get_kb_item('Host/AlmaLinux/appstream/virt-devel');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:rhel');\nif ('rhel' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module virt-devel:' + module_ver);\n\nvar appstreams = {\n 'virt-devel:rhel': [\n {'reference':'hivex-1.3.18-20.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-20.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-20.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-20.module_el8.3.0+2048+e7a0a3ea', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-20.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-20.module_el8.3.0+2048+e7a0a3ea', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-27.module_el8.4.0+2358+630e803b.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.module_el8.4.0+2358+630e803b.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.2.2-1.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-1.2.2-1.module_el8.3.0+2048+e7a0a3ea', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module_el8.3.0+2048+e7a0a3ea', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-20.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-20.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-20.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/AlmaLinux/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:rhel');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'hivex / hivex-devel / libguestfs-winsupport / libiscsi / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:30", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1762 advisory.\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\n - iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker. (CVE-2020-11947)\n\n - ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated. (CVE-2020-29443)\n\n - In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c. (CVE-2020-16092)\n\n - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. (CVE-2020-29129)\n\n - slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. (CVE-2020-29130)\n\n - hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.\n (CVE-2020-28916)\n\n - A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service. (CVE-2020-25723)\n\n - A flaw was found in the memory management API of QEMU during the initialization of a memory region cache.\n This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting in a denial of service. This flaw affects QEMU versions prior to 5.2.0. (CVE-2020-27821)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate is a duplicate of CVE-2020-28916 (CVE-2020-25707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-12T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2021-1762)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11947", "CVE-2020-16092", "CVE-2020-25637", "CVE-2020-25707", "CVE-2020-25723", "CVE-2020-27821", "CVE-2020-28916", "CVE-2020-29129", "CVE-2020-29130", "CVE-2020-29443"], "modified": "2022-11-21T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:hivex", "p-cpe:/a:oracle:linux:libguestfs-devel", "p-cpe:/a:oracle:linux:libguestfs-gfs2", "p-cpe:/a:oracle:linux:hivex-devel", "p-cpe:/a:oracle:linux:libguestfs-gobject", "p-cpe:/a:oracle:linux:libguestfs", "p-cpe:/a:oracle:linux:libguestfs-gobject-devel", "p-cpe:/a:oracle:linux:libguestfs-inspect-icons", "p-cpe:/a:oracle:linux:libguestfs-bash-completion", "p-cpe:/a:oracle:linux:libguestfs-java", "p-cpe:/a:oracle:linux:libguestfs-java-devel", "p-cpe:/a:oracle:linux:libguestfs-benchmarking", "p-cpe:/a:oracle:linux:libguestfs-javadoc", "p-cpe:/a:oracle:linux:libguestfs-man-pages-ja", "p-cpe:/a:oracle:linux:libguestfs-man-pages-uk", "p-cpe:/a:oracle:linux:libguestfs-rescue", "p-cpe:/a:oracle:linux:libguestfs-rsync", "p-cpe:/a:oracle:linux:libguestfs-tools", "p-cpe:/a:oracle:linux:libguestfs-tools-c", "p-cpe:/a:oracle:linux:libguestfs-winsupport", "p-cpe:/a:oracle:linux:libguestfs-xfs", "p-cpe:/a:oracle:linux:libiscsi", "p-cpe:/a:oracle:linux:libiscsi-devel", "p-cpe:/a:oracle:linux:libiscsi-utils", "p-cpe:/a:oracle:linux:libnbd", "p-cpe:/a:oracle:linux:libnbd-devel", "p-cpe:/a:oracle:linux:libvirt-dbus", "p-cpe:/a:oracle:linux:libvirt", "p-cpe:/a:oracle:linux:libvirt-admin", "p-cpe:/a:oracle:linux:libvirt-devel", "p-cpe:/a:oracle:linux:libvirt-bash-completion", "p-cpe:/a:oracle:linux:libvirt-client", "p-cpe:/a:oracle:linux:libvirt-docs", "p-cpe:/a:oracle:linux:libvirt-daemon", "p-cpe:/a:oracle:linux:libvirt-libs", "p-cpe:/a:oracle:linux:libvirt-daemon-config-network", "p-cpe:/a:oracle:linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-interface", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-network", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:oracle:linux:libvirt-lock-sanlock", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-qemu", "p-cpe:/a:oracle:linux:libvirt-nss", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-secret", "p-cpe:/a:oracle:linux:lua-guestfs", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:oracle:linux:nbdfuse", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:oracle:linux:nbdkit", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:oracle:linux:nbdkit-bash-completion", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:oracle:linux:nbdkit-basic-filters", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:oracle:linux:nbdkit-basic-plugins", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:oracle:linux:nbdkit-curl-plugin", "p-cpe:/a:oracle:linux:libvirt-daemon-kvm", "p-cpe:/a:oracle:linux:nbdkit-devel", "p-cpe:/a:oracle:linux:nbdkit-example-plugins", "p-cpe:/a:oracle:linux:nbdkit-gzip-plugin", "p-cpe:/a:oracle:linux:nbdkit-linuxdisk-plugin", "p-cpe:/a:oracle:linux:nbdkit-python-plugin", "p-cpe:/a:oracle:linux:nbdkit-server", "p-cpe:/a:oracle:linux:nbdkit-ssh-plugin", "p-cpe:/a:oracle:linux:nbdkit-vddk-plugin", "p-cpe:/a:oracle:linux:nbdkit-xz-filter", "p-cpe:/a:oracle:linux:netcf", "p-cpe:/a:oracle:linux:netcf-devel", "p-cpe:/a:oracle:linux:netcf-libs", "p-cpe:/a:oracle:linux:ocaml-hivex", "p-cpe:/a:oracle:linux:ocaml-hivex-devel", "p-cpe:/a:oracle:linux:ocaml-libguestfs", "p-cpe:/a:oracle:linux:ocaml-libguestfs-devel", "p-cpe:/a:oracle:linux:ocaml-libnbd", "p-cpe:/a:oracle:linux:ocaml-libnbd-devel", "p-cpe:/a:oracle:linux:perl-sys-guestfs", "p-cpe:/a:oracle:linux:perl-sys-virt", "p-cpe:/a:oracle:linux:perl-hivex", "p-cpe:/a:oracle:linux:python3-hivex", "p-cpe:/a:oracle:linux:python3-libguestfs", "p-cpe:/a:oracle:linux:python3-libnbd", "p-cpe:/a:oracle:linux:python3-libvirt", "p-cpe:/a:oracle:linux:qemu-guest-agent", "p-cpe:/a:oracle:linux:qemu-img", "p-cpe:/a:oracle:linux:qemu-kvm", "p-cpe:/a:oracle:linux:qemu-kvm-block-curl", "p-cpe:/a:oracle:linux:qemu-kvm-block-gluster", "p-cpe:/a:oracle:linux:qemu-kvm-block-iscsi", "p-cpe:/a:oracle:linux:qemu-kvm-block-rbd", "p-cpe:/a:oracle:linux:qemu-kvm-block-ssh", "p-cpe:/a:oracle:linux:qemu-kvm-common", "p-cpe:/a:oracle:linux:qemu-kvm-core", "p-cpe:/a:oracle:linux:qemu-kvm-tests", "p-cpe:/a:oracle:linux:ruby-hivex", "p-cpe:/a:oracle:linux:ruby-libguestfs", "p-cpe:/a:oracle:linux:seabios", "p-cpe:/a:oracle:linux:seabios-bin", "p-cpe:/a:oracle:linux:seavgabios-bin", "p-cpe:/a:oracle:linux:sgabios", "p-cpe:/a:oracle:linux:sgabios-bin", "p-cpe:/a:oracle:linux:supermin", "p-cpe:/a:oracle:linux:supermin-devel", "p-cpe:/a:oracle:linux:virt-dib", "p-cpe:/a:oracle:linux:virt-v2v"], "id": "ORACLELINUX_ELSA-2021-1762.NASL", "href": "https://www.tenable.com/plugins/nessus/155325", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-1762.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155325);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/21\");\n\n script_cve_id(\n \"CVE-2020-11947\",\n \"CVE-2020-16092\",\n \"CVE-2020-25637\",\n \"CVE-2020-25707\",\n \"CVE-2020-25723\",\n \"CVE-2020-27821\",\n \"CVE-2020-28916\",\n \"CVE-2020-29129\",\n \"CVE-2020-29130\",\n \"CVE-2020-29443\"\n );\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0075-S\");\n\n script_name(english:\"Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2021-1762)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2021-1762 advisory.\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible\n for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit\n access control driver. Specifically, clients connecting to the read-write socket with limited ACL\n permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or\n potentially escalate their privileges on the system. The highest threat from this vulnerability is to data\n confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\n - iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose\n unrelated information from process memory to an attacker. (CVE-2020-11947)\n\n - ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer\n index is not validated. (CVE-2020-29443)\n\n - In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects\n the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the\n QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in\n hw/net/net_tx_pkt.c. (CVE-2020-16092)\n\n - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of\n header data even if that exceeds the total packet length. (CVE-2020-29129)\n\n - slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of\n header data even if that exceeds the total packet length. (CVE-2020-29130)\n\n - hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.\n (CVE-2020-28916)\n\n - A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while\n processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user\n within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host,\n resulting in a denial of service. (CVE-2020-25723)\n\n - A flaw was found in the memory management API of QEMU during the initialization of a memory region cache.\n This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO\n operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting in a denial\n of service. This flaw affects QEMU versions prior to 5.2.0. (CVE-2020-27821)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate is a duplicate of CVE-2020-28916\n (CVE-2020-25707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-1762.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-benchmarking\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-block-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:virt-v2v\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/virt');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt:ol');\nif ('ol' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module virt:' + module_ver);\n\nvar appstreams = {\n 'virt:ol': [\n {'reference':'hivex-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-winsupport-8.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-xfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libiscsi-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.0.1.module+el8.4.0+20171+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'lua-guestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdfuse-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-guest-agent-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-guest-agent-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-tests-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-tests-4.2.0-48.module+el8.4.0+20158+f6690737', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-20.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ruby-libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.13.0-2.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module+el8.3.0+7860+a7792d29', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module+el8.3.0+7860+a7792d29', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-0.20170427git-3.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.3.0+7860+a7792d29', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'supermin-5.1.19-10.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-5.1.19-10.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-dib-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt:ol');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'hivex / hivex-devel / libguestfs / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:28:59", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1762 advisory.\n\n - QEMU: heap buffer overflow in iscsi_aio_ioctl_cb() in block/iscsi.c may lead to information disclosure (CVE-2020-11947)\n\n - QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c (CVE-2020-16092)\n\n - libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)\n\n - QEMU: infinite loop in e1000e_write_packet_to_guest() in hw/net/e1000e_core.c (CVE-2020-25707)\n\n - QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c (CVE-2020-25723)\n\n - QEMU: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c (CVE-2020-27821)\n\n - QEMU: e1000e: infinite loop scenario in case of null packet descriptor (CVE-2020-28916)\n\n - CVE-2020-29130 QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets (CVE-2020-29129)\n\n - CVE-2020-29129 QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets (CVE-2020-29130)\n\n - QEMU: ide: atapi: OOB access while processing read commands (CVE-2020-29443)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-05-19T00:00:00", "type": "nessus", "title": "RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2021:1762)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11947", "CVE-2020-16092", "CVE-2020-25637", "CVE-2020-25707", "CVE-2020-25723", "CVE-2020-27821", "CVE-2020-28916", "CVE-2020-29129", "CVE-2020-29130", "CVE-2020-29443"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:slof", "p-cpe:/a:redhat:enterprise_linux:hivex", "p-cpe:/a:redhat:enterprise_linux:hivex-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs", "p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libguestfs-benchmarking", "p-cpe:/a:redhat:enterprise_linux:libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c", "p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport", "p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs", "p-cpe:/a:redhat:enterprise_linux:libiscsi", "p-cpe:/a:redhat:enterprise_linux:libiscsi-devel", "p-cpe:/a:redhat:enterprise_linux:libiscsi-utils", "p-cpe:/a:redhat:enterprise_linux:libnbd", "p-cpe:/a:redhat:enterprise_linux:libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt", "p-cpe:/a:redhat:enterprise_linux:libvirt-admin", "p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libvirt-client", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm", "p-cpe:/a:redhat:enterprise_linux:libvirt-dbus", "p-cpe:/a:redhat:enterprise_linux:libvirt-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt-docs", "p-cpe:/a:redhat:enterprise_linux:libvirt-libs", "p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock", "p-cpe:/a:redhat:enterprise_linux:libvirt-nss", "p-cpe:/a:redhat:enterprise_linux:lua-guestfs", "p-cpe:/a:redhat:enterprise_linux:nbdfuse", "p-cpe:/a:redhat:enterprise_linux:nbdkit", "p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-devel", "p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-server", "p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter", "p-cpe:/a:redhat:enterprise_linux:netcf", "p-cpe:/a:redhat:enterprise_linux:netcf-devel", "p-cpe:/a:redhat:enterprise_linux:netcf-libs", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:perl-sys-guestfs", "p-cpe:/a:redhat:enterprise_linux:perl-sys-virt", "p-cpe:/a:redhat:enterprise_linux:perl-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-libguestfs", "p-cpe:/a:redhat:enterprise_linux:python3-libnbd", "p-cpe:/a:redhat:enterprise_linux:python3-libvirt", "p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent", "p-cpe:/a:redhat:enterprise_linux:qemu-img", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests", "p-cpe:/a:redhat:enterprise_linux:ruby-hivex", "p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs", "p-cpe:/a:redhat:enterprise_linux:seabios", "p-cpe:/a:redhat:enterprise_linux:seabios-bin", "p-cpe:/a:redhat:enterprise_linux:seavgabios-bin", "p-cpe:/a:redhat:enterprise_linux:sgabios", "p-cpe:/a:redhat:enterprise_linux:sgabios-bin", "p-cpe:/a:redhat:enterprise_linux:supermin", "p-cpe:/a:redhat:enterprise_linux:supermin-devel", "p-cpe:/a:redhat:enterprise_linux:virt-dib", "p-cpe:/a:redhat:enterprise_linux:virt-v2v"], "id": "REDHAT-RHSA-2021-1762.NASL", "href": "https://www.tenable.com/plugins/nessus/149669", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:1762. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149669);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2020-11947\",\n \"CVE-2020-16092\",\n \"CVE-2020-25637\",\n \"CVE-2020-25707\",\n \"CVE-2020-25723\",\n \"CVE-2020-27821\",\n \"CVE-2020-28916\",\n \"CVE-2020-29129\",\n \"CVE-2020-29130\",\n \"CVE-2020-29443\"\n );\n script_xref(name:\"RHSA\", value:\"2021:1762\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0075-S\");\n\n script_name(english:\"RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2021:1762)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:1762 advisory.\n\n - QEMU: heap buffer overflow in iscsi_aio_ioctl_cb() in block/iscsi.c may lead to information disclosure\n (CVE-2020-11947)\n\n - QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c (CVE-2020-16092)\n\n - libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)\n\n - QEMU: infinite loop in e1000e_write_packet_to_guest() in hw/net/e1000e_core.c (CVE-2020-25707)\n\n - QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c (CVE-2020-25723)\n\n - QEMU: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c (CVE-2020-27821)\n\n - QEMU: e1000e: infinite loop scenario in case of null packet descriptor (CVE-2020-28916)\n\n - CVE-2020-29130 QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets (CVE-2020-29129)\n\n - CVE-2020-29129 QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets (CVE-2020-29130)\n\n - QEMU: ide: atapi: OOB access while processing read commands (CVE-2020-29443)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-16092\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25637\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25723\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27821\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-28916\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-29129\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-29130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-29443\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1860283\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1881037\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1893895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1898579\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1902231\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1902651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1903064\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1912765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1917446\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(122, 125, 131, 415, 617, 787, 835);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:SLOF\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-benchmarking\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'virt-devel:rhel': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'hivex-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'hivex-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'hivex-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module+el8.3.0+6423+e4cb6418', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.3.0+6423+e4cb6418', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.3.0+6423+e4cb6418', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.3.0+6423+e4cb6418', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-4.2.0-48.module+el8.4.0+10368+630e803b', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-20.module+el8.3.0+6423+e4cb6418', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.1.0+4066+0f1aadab', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ],\n 'virt:rhel': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdkit-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qemu-guest-agent-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20191022-3.git899d9883.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'supermin-5.1.19-10.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdkit-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qemu-guest-agent-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-4.2.0-48.module+el8.4.0+10368+630e803b', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20191022-3.git899d9883.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'supermin-5.1.19-10.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module+el8.4.0+9282+0bdec052', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module+el8.4.0+9282+0bdec052', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.module+el8.4.0+10230+7a9b21e4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdkit-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qemu-guest-agent-4.2.0-48.module+el8.4.0+10368+630e803b', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-4.2.0-48.module+el8.4.0+10368+630e803b', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-4.2.0-48.module+el8.4.0+10368+630e803b', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-4.2.0-48.module+el8.4.0+10368+630e803b', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-4.2.0-48.module+el8.4.0+10368+630e803b', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-4.2.0-48.module+el8.4.0+10368+630e803b', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-4.2.0-48.module+el8.4.0+10368+630e803b', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-4.2.0-48.module+el8.4.0+10368+630e803b', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-4.2.0-48.module+el8.4.0+10368+630e803b', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-4.2.0-48.module+el8.4.0+10368+630e803b', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.1.0+4066+0f1aadab', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20191022-3.git899d9883.module+el8.3.0+6423+e4cb6418', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'supermin-5.1.19-10.module+el8.3.0+6423+e4cb6418', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module+el8.3.0+6423+e4cb6418', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.40.2-27.module+el8.4.0+9282+0bdec052', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:rhel / virt:rhel');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'SLOF / hivex / hivex-devel / libguestfs / libguestfs-bash-completion / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:28:13", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1762 advisory.\n\n - QEMU: heap buffer overflow in iscsi_aio_ioctl_cb() in block/iscsi.c may lead to information disclosure (CVE-2020-11947)\n\n - QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c (CVE-2020-16092)\n\n - libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)\n\n - QEMU: infinite loop in e1000e_write_packet_to_guest() in hw/net/e1000e_core.c (CVE-2020-25707)\n\n - QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c (CVE-2020-25723)\n\n - QEMU: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c (CVE-2020-27821)\n\n - QEMU: e1000e: infinite loop scenario in case of null packet descriptor (CVE-2020-28916)\n\n - CVE-2020-29130 QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets (CVE-2020-29129)\n\n - CVE-2020-29129 QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets (CVE-2020-29130)\n\n - QEMU: ide: atapi: OOB access while processing read commands (CVE-2020-29443)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-05-19T00:00:00", "type": "nessus", "title": "CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2021:1762)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11947", "CVE-2020-16092", "CVE-2020-25637", "CVE-2020-25707", "CVE-2020-25723", "CVE-2020-27821", "CVE-2020-28916", "CVE-2020-29129", "CVE-2020-29130", "CVE-2020-29443"], "modified": "2023-02-08T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:slof", "p-cpe:/a:centos:centos:hivex", "p-cpe:/a:centos:centos:hivex-devel", "p-cpe:/a:centos:centos:libguestfs", "p-cpe:/a:centos:centos:libguestfs-bash-completion", "p-cpe:/a:centos:centos:libguestfs-benchmarking", "p-cpe:/a:centos:centos:libguestfs-devel", "p-cpe:/a:centos:centos:libguestfs-gfs2", "p-cpe:/a:centos:centos:libguestfs-gobject", "p-cpe:/a:centos:centos:libguestfs-gobject-devel", "p-cpe:/a:centos:centos:libguestfs-inspect-icons", "p-cpe:/a:centos:centos:libguestfs-java", "p-cpe:/a:centos:centos:libguestfs-java-devel", "p-cpe:/a:centos:centos:libguestfs-javadoc", "p-cpe:/a:centos:centos:libguestfs-man-pages-ja", "p-cpe:/a:centos:centos:libguestfs-man-pages-uk", "p-cpe:/a:centos:centos:libguestfs-rescue", "p-cpe:/a:centos:centos:libguestfs-rsync", "p-cpe:/a:centos:centos:libguestfs-tools", "p-cpe:/a:centos:centos:libguestfs-tools-c", "p-cpe:/a:centos:centos:libguestfs-winsupport", "p-cpe:/a:centos:centos:libguestfs-xfs", "p-cpe:/a:centos:centos:libiscsi", "p-cpe:/a:centos:centos:libiscsi-devel", "p-cpe:/a:centos:centos:libiscsi-utils", "p-cpe:/a:centos:centos:libnbd", "p-cpe:/a:centos:centos:libnbd-devel", "p-cpe:/a:centos:centos:libvirt", "p-cpe:/a:centos:centos:libvirt-admin", "p-cpe:/a:centos:centos:libvirt-bash-completion", "p-cpe:/a:centos:centos:libvirt-client", "p-cpe:/a:centos:centos:libvirt-daemon", "p-cpe:/a:centos:centos:libvirt-daemon-config-network", "p-cpe:/a:centos:centos:libvirt-daemon-config-nwfilter", "p-cpe:/a:centos:centos:libvirt-daemon-driver-interface", "p-cpe:/a:centos:centos:libvirt-daemon-driver-network", "p-cpe:/a:centos:centos:libvirt-daemon-driver-nodedev", "p-cpe:/a:centos:centos:libvirt-daemon-driver-nwfilter", "p-cpe:/a:centos:centos:libvirt-daemon-driver-qemu", "p-cpe:/a:centos:centos:libvirt-daemon-driver-secret", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-core", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-disk", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-logical", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:centos:centos:libvirt-daemon-kvm", "p-cpe:/a:centos:centos:libvirt-dbus", "p-cpe:/a:centos:centos:libvirt-devel", "p-cpe:/a:centos:centos:nbdkit", "p-cpe:/a:centos:centos:libvirt-docs", "p-cpe:/a:centos:centos:nbdkit-bash-completion", "p-cpe:/a:centos:centos:nbdkit-basic-filters", "p-cpe:/a:centos:centos:libvirt-libs", "p-cpe:/a:centos:centos:nbdkit-basic-plugins", "p-cpe:/a:centos:centos:libvirt-lock-sanlock", "p-cpe:/a:centos:centos:nbdkit-curl-plugin", "p-cpe:/a:centos:centos:nbdkit-devel", "p-cpe:/a:centos:centos:libvirt-nss", "p-cpe:/a:centos:centos:nbdkit-example-plugins", "p-cpe:/a:centos:centos:nbdkit-gzip-plugin", "p-cpe:/a:centos:centos:lua-guestfs", "p-cpe:/a:centos:centos:nbdkit-linuxdisk-plugin", "p-cpe:/a:centos:centos:nbdkit-python-plugin", "p-cpe:/a:centos:centos:nbdkit-server", "p-cpe:/a:centos:centos:nbdkit-ssh-plugin", "p-cpe:/a:centos:centos:nbdkit-vddk-plugin", "p-cpe:/a:centos:centos:nbdkit-xz-filter", "p-cpe:/a:centos:centos:nbdfuse", "p-cpe:/a:centos:centos:netcf", "p-cpe:/a:centos:centos:netcf-devel", "p-cpe:/a:centos:centos:netcf-libs", "p-cpe:/a:centos:centos:ocaml-hivex", "p-cpe:/a:centos:centos:ocaml-hivex-devel", "p-cpe:/a:centos:centos:ocaml-libguestfs", "p-cpe:/a:centos:centos:ocaml-libguestfs-devel", "p-cpe:/a:centos:centos:ocaml-libnbd", "p-cpe:/a:centos:centos:ocaml-libnbd-devel", "p-cpe:/a:centos:centos:perl-sys-guestfs", "p-cpe:/a:centos:centos:perl-sys-virt", "p-cpe:/a:centos:centos:perl-hivex", "p-cpe:/a:centos:centos:python3-hivex", "p-cpe:/a:centos:centos:python3-libguestfs", "p-cpe:/a:centos:centos:python3-libnbd", "p-cpe:/a:centos:centos:python3-libvirt", "p-cpe:/a:centos:centos:ruby-hivex", "p-cpe:/a:centos:centos:ruby-libguestfs", "p-cpe:/a:centos:centos:seabios", "p-cpe:/a:centos:centos:seabios-bin", "p-cpe:/a:centos:centos:seavgabios-bin", "p-cpe:/a:centos:centos:sgabios", "p-cpe:/a:centos:centos:sgabios-bin", "p-cpe:/a:centos:centos:supermin", "p-cpe:/a:centos:centos:supermin-devel", "p-cpe:/a:centos:centos:virt-dib", "p-cpe:/a:centos:centos:virt-v2v"], "id": "CENTOS8_RHSA-2021-1762.NASL", "href": "https://www.tenable.com/plugins/nessus/149772", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2021:1762. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149772);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\n \"CVE-2020-11947\",\n \"CVE-2020-16092\",\n \"CVE-2020-25637\",\n \"CVE-2020-25707\",\n \"CVE-2020-25723\",\n \"CVE-2020-27821\",\n \"CVE-2020-28916\",\n \"CVE-2020-29129\",\n \"CVE-2020-29130\",\n \"CVE-2020-29443\"\n );\n script_xref(name:\"RHSA\", value:\"2021:1762\");\n\n script_name(english:\"CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2021:1762)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2021:1762 advisory.\n\n - QEMU: heap buffer overflow in iscsi_aio_ioctl_cb() in block/iscsi.c may lead to information disclosure\n (CVE-2020-11947)\n\n - QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c (CVE-2020-16092)\n\n - libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)\n\n - QEMU: infinite loop in e1000e_write_packet_to_guest() in hw/net/e1000e_core.c (CVE-2020-25707)\n\n - QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c (CVE-2020-25723)\n\n - QEMU: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c (CVE-2020-27821)\n\n - QEMU: e1000e: infinite loop scenario in case of null packet descriptor (CVE-2020-28916)\n\n - CVE-2020-29130 QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets (CVE-2020-29129)\n\n - CVE-2020-29129 QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets (CVE-2020-29130)\n\n - QEMU: ide: atapi: OOB access while processing read commands (CVE-2020-29443)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1762\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25637\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:SLOF\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-benchmarking\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:virt-v2v\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< os_release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/virt-devel');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:rhel');\nif ('rhel' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module virt-devel:' + module_ver);\n\nvar appstreams = {\n 'virt-devel:rhel': [\n {'reference':'hivex-1.3.18-20.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-1.3.18-20.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-20.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-20.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-bash-completion-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-bash-completion-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gfs2-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gfs2-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-inspect-icons-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-inspect-icons-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-javadoc-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-javadoc-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-ja-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-ja-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-uk-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-uk-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rescue-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rescue-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rsync-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rsync-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-c-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-c-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-xfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-xfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-20.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-20.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-20.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-20.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-20.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-20.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-20.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-20.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-20.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-20.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-1.13.0-2.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-1.13.0-2.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-0.20170427git-3.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-bin-0.20170427git-3.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-bin-0.20170427git-3.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20191022-3.git899d9883.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'SLOF-20191022-3.git899d9883.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-5.1.19-10.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-5.1.19-10.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:rhel');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'SLOF / hivex / hivex-devel / libguestfs / libguestfs-bash-completion / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-24T16:02:30", "description": "The version of AHV installed on the remote host is prior to 20201105.1021. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20201105.1021 advisory.\n\n - libpng before 1.6.32 does not properly check the length of chunks against the user limit. (CVE-2017-12652)\n\n - In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). (CVE-2018-20843)\n\n - When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.\n (CVE-2019-11719)\n\n - A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68. (CVE-2019-11727)\n\n - Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). This vulnerability affects Firefox < 71. (CVE-2019-11756)\n\n - file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used. (CVE-2019-12450)\n\n - dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass. (CVE-2019-12749)\n\n - A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user. (CVE-2019-14822)\n\n - In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives.\n When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system. (CVE-2019-14866)\n\n - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. (CVE-2019-15903)\n\n - The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server. (CVE-2019-16935)\n\n - In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow. (CVE-2019-17006)\n\n - After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox < 72. (CVE-2019-17023)\n\n - In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. (CVE-2019-17498)\n\n - On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program. (CVE-2019-19126)\n\n - xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs. (CVE-2019-19956)\n\n - An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur. (CVE-2019-20386)\n\n - xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.\n (CVE-2019-20388)\n\n - qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage). (CVE-2019-20485)\n\n - In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. (CVE-2019-20907)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2974)\n\n - An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. (CVE-2019-5094)\n\n - A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4.\n A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. (CVE-2019-5188)\n\n - Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. (CVE-2019-5482)\n\n - A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as network-based pools like gluster and RBD.\n Unprivileged users with a read-only connection could abuse this flaw to crash the libvirt daemon, resulting in a potential denial of service. (CVE-2020-10703)\n\n - In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). (CVE-2020-12243)\n\n - When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox < 80 and Firefox for Android < 80. (CVE-2020-12400)\n\n - During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80. (CVE-2020-12401)\n\n - During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes.\n *Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might. This vulnerability affects Firefox < 78. (CVE-2020-12402)\n\n - A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability. (CVE-2020-12403)\n\n - libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption. (CVE-2020-12825)\n\n - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12;\n v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.\n (CVE-2020-14422)\n\n - Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2020-15999)\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\n - Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client.\n Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. (CVE-2020-2574)\n\n - Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client.\n Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. (CVE-2020-2752)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2020-2780)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2020-2812)\n\n - When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox < 80 and Firefox for Android < 80. (CVE-2020-6829)\n\n - xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. (CVE-2020-7595)\n\n - curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used. (CVE-2020-8177)\n\n - Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. (CVE-2020-8492)\n\n - In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.\n (CVE-2020-8622)\n\n - In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with\n --enable-native-pkcs11 * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker (CVE-2020-8623)\n\n - In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone. (CVE-2020-8624)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-09-01T00:00:00", "type": "nessus", "title": "Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20201105.1021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12652", "CVE-2018-20843", "CVE-2019-11719", "CVE-2019-11727", "CVE-2019-11756", "CVE-2019-12450", "CVE-2019-12749", "CVE-2019-14822", "CVE-2019-14866", "CVE-2019-15903", "CVE-2019-16935", "CVE-2019-17006", "CVE-2019-17023", "CVE-2019-17498", "CVE-2019-19126", "CVE-2019-19956", "CVE-2019-20386", "CVE-2019-20388", "CVE-2019-20485", "CVE-2019-20907", "CVE-2019-2974", "CVE-2019-5094", "CVE-2019-5188", "CVE-2019-5482", "CVE-2020-10703", "CVE-2020-12243", "CVE-2020-12400", "CVE-2020-12401", "CVE-2020-12402", "CVE-2020-12403", "CVE-2020-12825", "CVE-2020-14422", "CVE-2020-15999", "CVE-2020-25637", "CVE-2020-2574", "CVE-2020-2752", "CVE-2020-2780", "CVE-2020-2812", "CVE-2020-6829", "CVE-2020-7595", "CVE-2020-8177", "CVE-2020-8492", "CVE-2020-8622", "CVE-2020-8623", "CVE-2020-8624"], "modified": "2023-02-23T00:00:00", "cpe": ["cpe:/o:nutanix:ahv"], "id": "NUTANIX_NXSA-AHV-20201105_1021.NASL", "href": "https://www.tenable.com/plugins/nessus/164552", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164552);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/23\");\n\n script_cve_id(\n \"CVE-2017-12652\",\n \"CVE-2018-20843\",\n \"CVE-2019-2974\",\n \"CVE-2019-5094\",\n \"CVE-2019-5188\",\n \"CVE-2019-5482\",\n \"CVE-2019-11719\",\n \"CVE-2019-11727\",\n \"CVE-2019-11756\",\n \"CVE-2019-12450\",\n \"CVE-2019-12749\",\n \"CVE-2019-14822\",\n \"CVE-2019-14866\",\n \"CVE-2019-15903\",\n \"CVE-2019-16935\",\n \"CVE-2019-17006\",\n \"CVE-2019-17023\",\n \"CVE-2019-17498\",\n \"CVE-2019-19126\",\n \"CVE-2019-19956\",\n \"CVE-2019-20386\",\n \"CVE-2019-20388\",\n \"CVE-2019-20485\",\n \"CVE-2019-20907\",\n \"CVE-2020-2574\",\n \"CVE-2020-2752\",\n \"CVE-2020-2780\",\n \"CVE-2020-2812\",\n \"CVE-2020-6829\",\n \"CVE-2020-7595\",\n \"CVE-2020-8177\",\n \"CVE-2020-8492\",\n \"CVE-2020-8622\",\n \"CVE-2020-8623\",\n \"CVE-2020-8624\",\n \"CVE-2020-10703\",\n \"CVE-2020-12243\",\n \"CVE-2020-12400\",\n \"CVE-2020-12401\",\n \"CVE-2020-12402\",\n \"CVE-2020-12403\",\n \"CVE-2020-12825\",\n \"CVE-2020-14422\",\n \"CVE-2020-15999\",\n \"CVE-2020-25637\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0124\");\n\n script_name(english:\"Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20201105.1021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Nutanix AHV host is affected by multiple vulnerabilities .\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of AHV installed on the remote host is prior to 20201105.1021. It is, therefore, affected by multiple\nvulnerabilities as referenced in the NXSA-AHV-20201105.1021 advisory.\n\n - libpng before 1.6.32 does not properly check the length of chunks against the user limit. (CVE-2017-12652)\n\n - In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons\n could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be\n usable for denial-of-service attacks). (CVE-2018-20843)\n\n - When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger\n an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information\n disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.\n (CVE-2019-11719)\n\n - A vulnerability exists where it possible to force Network Security Services (NSS) to sign\n CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in\n CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This\n vulnerability affects Firefox < 68. (CVE-2019-11727)\n\n - Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited\n to a denial of service). This vulnerability affects Firefox < 71. (CVE-2019-11756)\n\n - file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file\n permissions while a copy operation is in progress. Instead, default permissions are used. (CVE-2019-12450)\n\n - dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical\n Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of\n symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only\n affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own\n home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to\n read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a\n cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent\n client connection came from an attacker-chosen uid, allowing authentication bypass. (CVE-2019-12749)\n\n - A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and\n send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A\n local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical\n interface, change the input method engine, or modify other input related configurations of the victim\n user. (CVE-2019-14822)\n\n - In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives.\n When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may\n contain files with permissions the attacker did not have or in paths he did not have access to. Extracting\n those archives from a high-privilege user without carefully reviewing them may lead to the compromise of\n the system. (CVE-2019-14866)\n\n - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to\n document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber)\n then resulted in a heap-based buffer over-read. (CVE-2019-15903)\n\n - The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has\n XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in\n Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary\n JavaScript can be delivered to clients that visit the http URL for this server. (CVE-2019-16935)\n\n - In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length\n checks. In cases where the application calling the library did not perform a sanity check on the inputs it\n could result in a crash due to a buffer overflow. (CVE-2019-17006)\n\n - After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting\n in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming\n Application Data records will be ignored. This vulnerability affects Firefox < 72. (CVE-2019-17023)\n\n - In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow\n in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent\n memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of\n service condition on the client system when a user connects to the server. (CVE-2019-17498)\n\n - On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the\n LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition,\n allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass\n ASLR for a setuid program. (CVE-2019-19126)\n\n - xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to\n newDoc->oldNs. (CVE-2019-19956)\n\n - An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the\n udevadm trigger command, a memory leak may occur. (CVE-2019-20386)\n\n - xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.\n (CVE-2019-20388)\n\n - qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a\n guest agent, which allows attackers to cause a denial of service (API blockage). (CVE-2019-20485)\n\n - In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an\n infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. (CVE-2019-20907)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported\n versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable\n vulnerability allows low privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2974)\n\n - An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A\n specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code\n execution. An attacker can corrupt a partition to trigger this vulnerability. (CVE-2019-5094)\n\n - A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4.\n A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code\n execution. An attacker can corrupt a partition to trigger this vulnerability. (CVE-2019-5188)\n\n - Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. (CVE-2019-5482)\n\n - A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0,\n and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this\n flaw affects storage pools created without a target path such as network-based pools like gluster and RBD.\n Unprivileged users with a read-only connection could abuse this flaw to crash the libvirt daemon,\n resulting in a potential denial of service. (CVE-2020-10703)\n\n - In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can\n result in denial of service (daemon crash). (CVE-2020-12243)\n\n - When converting coordinates from projective to affine, the modular inversion was not performed in constant\n time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox < 80\n and Firefox for Android < 80. (CVE-2020-12400)\n\n - During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar\n multiplication was removed, resulting in variable-time execution dependent on secret data. This\n vulnerability affects Firefox < 80 and Firefox for Android < 80. (CVE-2020-12401)\n\n - During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean\n Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform\n electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes.\n *Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected,\n but products built on top of it might. This vulnerability affects Firefox < 78. (CVE-2020-12402)\n\n - A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using\n multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling\n multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest\n threat from this vulnerability is to confidentiality and system availability. (CVE-2020-12403)\n\n - libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to\n stack consumption. (CVE-2020-12825)\n\n - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and\n IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application\n is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this\n attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12;\n v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.\n (CVE-2020-14422)\n\n - Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2020-15999)\n\n - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible\n for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit\n access control driver. Specifically, clients connecting to the read-write socket with limited ACL\n permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or\n potentially escalate their privileges on the system. The highest threat from this vulnerability is to data\n confidentiality and integrity as well as system availability. (CVE-2020-25637)\n\n - Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are\n affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability\n allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client.\n Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS) of MySQL Client. (CVE-2020-2574)\n\n - Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are\n affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability\n allows low privileged attacker with network access via multiple protocols to compromise MySQL Client.\n Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS) of MySQL Client. (CVE-2020-2752)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions\n that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable\n vulnerability allows low privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2020-2780)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported\n versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable\n vulnerability allows high privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2020-2812)\n\n - When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which\n leaked partial information about the nonce used during signature generation. Given an electro-magnetic\n trace of a few signature generations, the private key could have been computed. This vulnerability affects\n Firefox < 80 and Firefox for Android < 80. (CVE-2020-6829)\n\n - xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file\n situation. (CVE-2020-7595)\n\n - curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources\n that can lead too overwriting a local file when the -J flag is used. (CVE-2020-8177)\n\n - Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1\n allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client\n because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. (CVE-2020-8492)\n\n - In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the\n BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating\n the server receiving the TSIG-signed request, could send a truncated response to that request, triggering\n an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to\n correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and\n message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.\n (CVE-2020-8622)\n\n - In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the\n BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted\n query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with\n --enable-native-pkcs11 * be signing one or more zones with an RSA key * be able to receive queries from\n a possible attacker (CVE-2020-8623)\n\n - In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also\n affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An\n attacker who has been granted privileges to change a specific subset of the zone's content could abuse\n these unintended additional privileges to update other contents of the zone. (CVE-2020-8624)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://portal.nutanix.com/page/documents/security-advisories/release-advisories/details?id=NXSA-AHV-20201105.1021\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?085dcec0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the Nutanix AHV software to recommended version.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-17006\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-5482\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:nutanix:ahv\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"nutanix_collect.nasl\");\n script_require_keys(\"Host/Nutanix/Data/Node/Version\", \"Host/Nutanix/Data/Node/Type\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvar app_info = vcf::nutanix::get_app_info(node:TRUE);\n\nvar constraints = [\n { 'fixed_version' : '20201105.1021', 'product' : 'AHV', 'fixed_display' : 'Upgrade the AHV install to 20201105.1021 or higher.' }\n];\n\nvcf::nutanix::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE,\n flags:{'xss':TRUE}\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "githubexploit": [{"lastseen": "2022-03-23T17:44:22", "description": "****************************************************************...", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-04T11:01:29", "type": "githubexploit", "title": "Exploit for Double Free in Redhat Libvirt", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25637"], "modified": "2020-12-11T17:27:10", "id": "5E3AFF02-95F1-59CA-869C-4AEF305EFA7E", "href": "", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "privateArea": 1}], "osv": [{"lastseen": "2022-11-08T01:57:53", "description": "A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "cvss3": {}, "published": "2020-10-06T14:15:00", "type": "osv", "title": "CVE-2020-25637", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2020-25637"], "modified": "2022-11-08T01:57:52", "id": "OSV:CVE-2020-25637", "href": "https://osv.dev/vulnerability/CVE-2020-25637", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-07-21T08:16:22", "description": "\nA double free vulnerability was discovered in libvirt, a toolkit to\ninteract with the virtualization capabilities of recent versions of\nLinux (and other OSes).\n\n\nFor Debian 9 stretch, this problem has been fixed in version\n3.0.0-4+deb9u5.\n\n\nWe recommend that you upgrade your libvirt packages.\n\n\nFor the detailed security status of libvirt please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/libvirt>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-10-02T00:00:00", "type": "osv", "title": "libvirt - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25637"], "modified": "2022-07-21T05:53:24", "id": "OSV:DLA-2395-1", "href": "https://osv.dev/vulnerability/DLA-2395-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "debiancve": [{"lastseen": "2023-06-06T14:56:25", "description": "A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-06T14:15:00", "type": "debiancve", "title": "CVE-2020-25637", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25637"], "modified": "2020-10-06T14:15:00", "id": "DEBIANCVE:CVE-2020-25637", "href": "https://security-tracker.debian.org/tracker/CVE-2020-25637", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "alpinelinux": [{"lastseen": "2023-06-23T11:05:51", "description": "A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-06T14:15:00", "type": "alpinelinux", "title": "CVE-2020-25637", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25637"], "modified": "2022-11-07T17:35:00", "id": "ALPINE:CVE-2020-25637", "href": "https://security.alpinelinux.org/vuln/CVE-2020-25637", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "archlinux": [{"lastseen": "2023-06-06T15:10:14", "description": "Arch Linux Security Advisory ASA-202101-42\n==========================================\n\nSeverity: Critical\nDate : 2021-01-29\nCVE-ID : CVE-2020-25637\nPackage : libvirt\nType : arbitrary code execution\nRemote : No\nLink : https://security.archlinux.org/AVG-1240\n\nSummary\n=======\n\nThe package libvirt before version 1:7.0.0-1 is vulnerable to arbitrary\ncode execution.\n\nResolution\n==========\n\nUpgrade to 1:7.0.0-1.\n\n# pacman -Syu \"libvirt>=1:7.0.0-1\"\n\nThe problem has been fixed upstream in version 7.0.0.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nA double free memory issue was found to occur in the libvirt API\nresponsible for requesting information about network interfaces of a\nrunning QEMU domain. This flaw affects the polkit access control\ndriver. Specifically, clients connecting to the read-write socket with\nlimited ACL permissions could use this flaw to crash the libvirt\ndaemon, resulting in a denial of service, or potentially escalate their\nprivileges on the system.\n\nImpact\n======\n\nA malicious user could query the API in a way that could result in a\ncode execution flaw.\n\nReferences\n==========\n\nhttps://www.openwall.com/lists/oss-security/2020/10/02/1\nhttps://libvirt.org/git/?p=libvirt.git;a=commit;h=955029bd0ad7ef96000f529ac38204a8f4a96401\nhttps://libvirt.org/git/?p=libvirt.git;a=commit;h=50864dcda191eb35732dbd80fb6ca251a6bba923\nhttps://libvirt.org/git/?p=libvirt.git;a=commit;h=e4116eaa44cb366b59f7fe98f4b88d04c04970ad\nhttps://libvirt.org/git/?p=libvirt.git;a=commit;h=a63b48c5ecef077bf0f909a85f453a605600cf05\nhttps://security.archlinux.org/CVE-2020-25637", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-29T00:00:00", "type": "archlinux", "title": "[ASA-202101-42] libvirt: arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25637"], "modified": "2021-01-29T00:00:00", "id": "ASA-202101-42", "href": "https://security.archlinux.org/ASA-202101-42", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2023-08-04T12:27:58", "description": "The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.\n\nSecurity Fix(es):\n\n* libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* libvirt destroying macvtap device of running VM after a failed incoming migration of another VM with same macvtap \"target device\" (BZ#1868549)", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T09:43:42", "type": "redhat", "title": "(RHSA-2020:5040) Moderate: libvirt security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25637"], "modified": "2020-11-10T11:55:20", "id": "RHSA-2020:5040", "href": "https://access.redhat.com/errata/RHSA-2020:5040", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-04T12:27:58", "description": "The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.\n\nSecurity Fix(es):\n\n* libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)\n\n* QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c (CVE-2020-16092)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* virtiofsd core dump in KATA Container (BZ#1883869)", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-16T08:48:32", "type": "redhat", "title": "(RHSA-2020:5111) Moderate: virt:8.2 and virt-devel:8.2 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16092", "CVE-2020-25637"], "modified": "2020-11-16T09:01:04", "id": "RHSA-2020:5111", "href": "https://access.redhat.com/errata/RHSA-2020:5111", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:29:43", "description": "Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.\n\nSecurity Fix(es):\n\n* libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)\n\n* QEMU: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c (CVE-2020-27821)\n\n* QEMU: ide: atapi: OOB access while processing read commands (CVE-2020-29443)\n\n* QEMU: heap buffer overflow in iscsi_aio_ioctl_cb() in block/iscsi.c may lead to information disclosure (CVE-2020-11947)\n\n* QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c (CVE-2020-16092)\n\n* QEMU: infinite loop in e1000e_write_packet_to_guest() in hw/net/e1000e_core.c (CVE-2020-25707)\n\n* QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c (CVE-2020-25723)\n\n* QEMU: e1000e: infinite loop scenario in case of null packet descriptor (CVE-2020-28916)\n\n* QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets (CVE-2020-29129, CVE-2020-29130)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-18T06:02:26", "type": "redhat", "title": "(RHSA-2021:1762) Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11947", "CVE-2020-16092", "CVE-2020-25637", "CVE-2020-25707", "CVE-2020-25723", "CVE-2020-27821", "CVE-2020-28916", "CVE-2020-29129", "CVE-2020-29130", "CVE-2020-29443"], "modified": "2021-05-18T11:37:52", "id": "RHSA-2021:1762", "href": "https://access.redhat.com/errata/RHSA-2021:1762", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-04T12:27:58", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* golang: Data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.5.20. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHSA-2020:5119\n\nSpace precludes documenting all of the container images in this advisory.\nSee the following Release Notes documentation, which will be updated\nshortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nThis update fixes the following bug among others:\n\n* Previously, the Prometheus swagger definition contained a `$ref` property which could not be resolved. This caused a runtime error to occur when using the Prometheus operand creation form. This was fixed by adding a `definitions` property to schema returned by the `definitionFor` helper function so that the `$ref` property can resolve. There are no longer runtime errors when using the Prometheus operand creation form. (BZ#1885228)\n\nYou may download the oc tool and use it to inspect release image metadata\nas follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.5.20-x86_64\n\nThe image digest is sha256:78b878986d2d0af6037d637aa63e7b6f80fc8f17d0f0d5b077ac6aca83f792a0\n\n(For s390x architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.5.20-s390x\n\nThe image digest is sha256:372d9aea634d36704d8500a2f940edb3867bfde14c0e5aa19534ea5ac90083d4\n\n(For ppc64le architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.5.20-ppc64le\n\nThe image digest is sha256:030d8323cce90de6bc7ad4119ebb7f000bde06e742f6923faf76707ffe85634a\n\nAll OpenShift Container Platform 4.5 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-24T12:10:00", "type": "redhat", "title": "(RHSA-2020:5118) Moderate: OpenShift Container Platform 4.5.20 bug fix and golang security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20811", "CVE-2019-20907", "CVE-2020-14331", "CVE-2020-14363", "CVE-2020-14422", "CVE-2020-15586", "CVE-2020-15999", "CVE-2020-16845", "CVE-2020-25637", "CVE-2020-8177", "CVE-2020-8622", "CVE-2020-8623", "CVE-2020-8624"], "modified": "2020-11-24T12:33:33", "id": "RHSA-2020:5118", "href": "https://access.redhat.com/errata/RHSA-2020:5118", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "veracode": [{"lastseen": "2023-04-18T11:53:50", "description": "libvirt is vulnerable to arbitrary code execution. A double free memory issue affects the polkit access control driver and allows clients connecting to the read-write socket with limited ACL permissions to exploit the vulnerability to crash the libvirt daemon or potentially escalate their privileges on the system.\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-08T14:02:24", "type": "veracode", "title": "Privilege Escalation", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25637"], "modified": "2022-11-07T20:41:13", "id": "VERACODE:27549", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-27549/summary", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "redhatcve": [{"lastseen"
CVE-2020-25637
