DATABASE RESOURCES PRICING ABOUT US

{"id": "ALMA_LINUX_ALSA-2022-1759.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2022:1759)", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1759 advisory.\n\n - A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to system availability. (CVE-2021-3622)\n\n - A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying everything else a client sends to the server, potentially leading the client to terminate the NBD session. The highest threat from this vulnerability is to system availability. (CVE-2021-3716)\n\n - A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process. (CVE-2021-3748)\n\n - A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0.\n The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host when writing data reaches the threshold of mirroring node. (CVE-2021-4145)\n\n - A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device.\n This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-20196)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the records proceeds into the wild. (CVE-2021-33285)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. (CVE-2021-33287)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution. (CVE-2021-35266)\n\n - NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root. (CVE-2021-35267)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35268)\n\n - NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. (CVE-2021-39254)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G < 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2022-05-12T00:00:00", "modified": "2022-12-15T00:00:00", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 6.9}, "severity": "MEDIUM", "exploitabilityScore": 3.4, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "href": "https://www.tenable.com/plugins/nessus/161144", "reporter": "This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33287", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33286", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39259", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39262", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39252", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4145", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39251", "https://errata.almalinux.org/8/ALSA-2022-1759.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39257", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33289", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39260", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20196", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35268", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35267", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33285", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35269", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39263", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35266", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3716", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39258", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39261", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3975", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39254", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4158", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3622", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0485", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39255", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39256", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39253"], "cvelist": ["CVE-2021-20196", "CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-3622", "CVE-2021-3716", "CVE-2021-3748", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39254", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263", "CVE-2021-3975", "CVE-2021-4145", "CVE-2021-4158", "CVE-2022-0485"], "immutableFields": [], "lastseen": "2023-01-10T19:23:41", "viewCount": 7, "enchantments": {"score": {"value": 0.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2022:1759"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2021-33285", "ALPINE:CVE-2021-33286", "ALPINE:CVE-2021-33287", "ALPINE:CVE-2021-33289", "ALPINE:CVE-2021-35266", "ALPINE:CVE-2021-35267", "ALPINE:CVE-2021-35268", "ALPINE:CVE-2021-35269", "ALPINE:CVE-2021-3748", "ALPINE:CVE-2021-39251", "ALPINE:CVE-2021-39252", "ALPINE:CVE-2021-39253", "ALPINE:CVE-2021-39254", "ALPINE:CVE-2021-39255", "ALPINE:CVE-2021-39256", "ALPINE:CVE-2021-39257", "ALPINE:CVE-2021-39258", "ALPINE:CVE-2021-39259", "ALPINE:CVE-2021-39260", "ALPINE:CVE-2021-39261", "ALPINE:CVE-2021-39262", "ALPINE:CVE-2021-39263", "ALPINE:CVE-2021-4145", "ALPINE:CVE-2021-4158"]}, {"type": "altlinux", "idList": ["8CEC6870E2D532C9430F78F1882695F2"]}, {"type": "amazon", "idList": ["ALAS2-2021-1717"]}, {"type": "centos", "idList": ["CESA-2021:3338"]}, {"type": "cnvd", "idList": ["CNVD-2021-72261", "CNVD-2021-72262", "CNVD-2021-72263", "CNVD-2021-72264", "CNVD-2021-72265", "CNVD-2021-72266", "CNVD-2021-72267", "CNVD-2021-72268", "CNVD-2021-72269", "CNVD-2021-72270", "CNVD-2021-72271", "CNVD-2021-72272", "CNVD-2021-72273", "CNVD-2021-72274", "CNVD-2021-72275", "CNVD-2021-72276", "CNVD-2021-72277", "CNVD-2022-82653", "CNVD-2022-82654", "CNVD-2022-82655", "CNVD-2022-82656", "CNVD-2022-84162"]}, {"type": "cve", "idList": ["CVE-2021-20196", "CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-3622", "CVE-2021-3716", "CVE-2021-3748", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39254", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263", "CVE-2021-3975", "CVE-2021-4145", "CVE-2021-4158", "CVE-2022-0485", "CVE-2022-26353"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2819-1:05AFF", "DEBIAN:DLA-2970-1:D0AE2", "DEBIAN:DLA-3099-1:490BC", "DEBIAN:DSA-4971-1:2BCA2", "DEBIAN:DSA-4971-1:5D732", "DEBIAN:DSA-4980-1:E965D"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-20196", "DEBIANCVE:CVE-2021-33285", "DEBIANCVE:CVE-2021-33286", "DEBIANCVE:CVE-2021-33287", "DEBIANCVE:CVE-2021-33289", "DEBIANCVE:CVE-2021-35266", "DEBIANCVE:CVE-2021-35267", "DEBIANCVE:CVE-2021-35268", "DEBIANCVE:CVE-2021-35269", "DEBIANCVE:CVE-2021-3622", "DEBIANCVE:CVE-2021-3716", "DEBIANCVE:CVE-2021-3748", "DEBIANCVE:CVE-2021-39251", "DEBIANCVE:CVE-2021-39252", "DEBIANCVE:CVE-2021-39253", "DEBIANCVE:CVE-2021-39254", "DEBIANCVE:CVE-2021-39255", "DEBIANCVE:CVE-2021-39256", "DEBIANCVE:CVE-2021-39257", "DEBIANCVE:CVE-2021-39258", "DEBIANCVE:CVE-2021-39259", "DEBIANCVE:CVE-2021-39260", "DEBIANCVE:CVE-2021-39261", "DEBIANCVE:CVE-2021-39262", "DEBIANCVE:CVE-2021-39263", "DEBIANCVE:CVE-2021-3975", "DEBIANCVE:CVE-2021-4145", "DEBIANCVE:CVE-2021-4158", "DEBIANCVE:CVE-2022-0485", "DEBIANCVE:CVE-2022-26353"]}, {"type": "f5", "idList": ["F5:K63714476"]}, {"type": "fedora", "idList": ["FEDORA:14991311A4B2", "FEDORA:1A9063096E5A", "FEDORA:35355309CD84", "FEDORA:58156301E034", "FEDORA:5E160304C6D9", "FEDORA:A322E30A0718", "FEDORA:C7B0A30CC8E3"]}, {"type": "gentoo", "idList": ["GLSA-202208-27"]}, {"type": "mageia", "idList": ["MGASA-2021-0528", "MGASA-2022-0001"]}, {"type": "nessus", "idList": ["AL2_ALAS-2021-1717.NASL", "ALMA_LINUX_ALSA-2022-5821.NASL", "ALMA_LINUX_ALSA-2022-7967.NASL", "CENTOS8_RHSA-2022-1759.NASL", "CENTOS_RHSA-2021-3338.NASL", "DEBIAN_DLA-2819.NASL", "DEBIAN_DLA-2970.NASL", "DEBIAN_DLA-3099.NASL", "DEBIAN_DSA-4971.NASL", "DEBIAN_DSA-4980.NASL", "DEBIAN_DSA-5133.NASL", "EULEROS_SA-2021-2585.NASL", "EULEROS_SA-2021-2635.NASL", "EULEROS_SA-2021-2662.NASL", "EULEROS_SA-2021-2807.NASL", "EULEROS_SA-2021-2822.NASL", "EULEROS_SA-2021-2899.NASL", "EULEROS_SA-2022-1014.NASL", "EULEROS_SA-2022-1034.NASL", "EULEROS_SA-2022-1068.NASL", "EULEROS_SA-2022-1123.NASL", "EULEROS_SA-2022-1392.NASL", "EULEROS_SA-2022-1418.NASL", "EULEROS_SA-2022-1595.NASL", "EULEROS_SA-2022-1598.NASL", "EULEROS_SA-2022-1601.NASL", "EULEROS_SA-2022-1618.NASL", "EULEROS_SA-2022-1621.NASL", "EULEROS_SA-2022-1624.NASL", "EULEROS_SA-2022-2043.NASL", "EULEROS_SA-2022-2071.NASL", "EULEROS_SA-2022-2374.NASL", "EULEROS_SA-2022-2410.NASL", "EULEROS_SA-2022-2533.NASL", "EULEROS_SA-2022-2880.NASL", "EULEROS_SA-2022-2881.NASL", "EULEROS_SA-2022-2898.NASL", "EULEROS_SA-2022-2899.NASL", "GENTOO_GLSA-202208-27.NASL", "OPENSUSE-2021-1244.NASL", "OPENSUSE-2021-1319.NASL", "OPENSUSE-2021-1461.NASL", "OPENSUSE-2021-2971.NASL", "OPENSUSE-2021-3201.NASL", "OPENSUSE-2021-3604.NASL", "OPENSUSE-2021-3605.NASL", "OPENSUSE-2022-0177-1.NASL", "OPENSUSE-2022-0210-1.NASL", "ORACLELINUX_ELSA-2021-3338.NASL", "ORACLELINUX_ELSA-2022-1759.NASL", "ORACLELINUX_ELSA-2022-5263.NASL", "ORACLELINUX_ELSA-2022-5821.NASL", "ORACLELINUX_ELSA-2022-7967.NASL", "ORACLELINUX_ELSA-2022-9123.NASL", "ORACLELINUX_ELSA-2022-9172.NASL", "ORACLELINUX_ELSA-2022-9344.NASL", "ORACLELINUX_ELSA-2022-9364.NASL", "ORACLELINUX_ELSA-2022-9432.NASL", "ORACLELINUX_ELSA-2022-9460.NASL", "ORACLELINUX_ELSA-2022-9491.NASL", "ORACLELINUX_ELSA-2022-9492.NASL", "ORACLELINUX_ELSA-2022-9493.NASL", "ORACLELINUX_ELSA-2022-9494.NASL", "ORACLELINUX_ELSA-2022-9668.NASL", "ORACLELINUX_ELSA-2022-9700.NASL", "ORACLELINUX_ELSA-2022-9862.NASL", "ORACLELINUX_ELSA-2022-9869.NASL", "REDHAT-RHSA-2021-3338.NASL", "REDHAT-RHSA-2021-3703.NASL", "REDHAT-RHSA-2021-3704.NASL", "REDHAT-RHSA-2021-4112.NASL", "REDHAT-RHSA-2021-5036.NASL", "REDHAT-RHSA-2022-0325.NASL", "REDHAT-RHSA-2022-0397.NASL", "REDHAT-RHSA-2022-0949.NASL", "REDHAT-RHSA-2022-0971.NASL", "REDHAT-RHSA-2022-1759.NASL", "REDHAT-RHSA-2022-2181.NASL", "REDHAT-RHSA-2022-7967.NASL", "SLACKWARE_SSA_2021-243-01.NASL", "SL_20210831_HIVEX_ON_SL7_X.NASL", "SUSE_SU-2021-2965-1.NASL", "SUSE_SU-2021-2971-1.NASL", "SUSE_SU-2021-3201-1.NASL", "SUSE_SU-2021-3210-1.NASL", "SUSE_SU-2021-3519-1.NASL", "SUSE_SU-2021-3604-1.NASL", "SUSE_SU-2021-3605-1.NASL", "SUSE_SU-2021-3613-1.NASL", "SUSE_SU-2021-3614-1.NASL", "SUSE_SU-2021-3635-1.NASL", "SUSE_SU-2021-3653-1.NASL", "SUSE_SU-2022-0031-1.NASL", "SUSE_SU-2022-0032-1.NASL", "SUSE_SU-2022-0041-1.NASL", "SUSE_SU-2022-0042-1.NASL", "SUSE_SU-2022-0045-1.NASL", "SUSE_SU-2022-0045-2.NASL", "SUSE_SU-2022-0128-1.NASL", "SUSE_SU-2022-0177-1.NASL", "SUSE_SU-2022-0210-2.NASL", "SUSE_SU-2022-1151-1.NASL", "SUSE_SU-2022-2260-1.NASL", "UBUNTU_USN-5307-1.NASL", "UBUNTU_USN-5340-1.NASL", "UBUNTU_USN-5399-1.NASL", "UBUNTU_USN-5489-1.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-3338", "ELSA-2022-1759", "ELSA-2022-7967", "ELSA-2022-9123", "ELSA-2022-9172", "ELSA-2022-9344", "ELSA-2022-9364", "ELSA-2022-9432", "ELSA-2022-9460", "ELSA-2022-9491", "ELSA-2022-9492", "ELSA-2022-9493", "ELSA-2022-9494", "ELSA-2022-9668", "ELSA-2022-9700"]}, {"type": "osv", "idList": ["OSV:DLA-2819-1", "OSV:DLA-2970-1", "OSV:DLA-3099-1", "OSV:DSA-4971-1", "OSV:DSA-4980-1"]}, {"type": "photon", "idList": ["PHSA-2022-0450"]}, {"type": "redhat", "idList": ["RHSA-2021:3338", "RHSA-2021:3703", "RHSA-2021:3704", "RHSA-2021:4112", "RHSA-2021:5036", "RHSA-2022:0325", "RHSA-2022:0397", "RHSA-2022:0949", "RHSA-2022:0971", "RHSA-2022:1759", "RHSA-2022:2181", "RHSA-2022:7967"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-20196", "RH:CVE-2021-33285", "RH:CVE-2021-33286", "RH:CVE-2021-33287", "RH:CVE-2021-33289", "RH:CVE-2021-35266", "RH:CVE-2021-35267", "RH:CVE-2021-35268", "RH:CVE-2021-35269", "RH:CVE-2021-3622", "RH:CVE-2021-3716", "RH:CVE-2021-3748", "RH:CVE-2021-39251", "RH:CVE-2021-39252", "RH:CVE-2021-39253", "RH:CVE-2021-39254", "RH:CVE-2021-39255", "RH:CVE-2021-39256", "RH:CVE-2021-39257", "RH:CVE-2021-39258", "RH:CVE-2021-39259", "RH:CVE-2021-39260", "RH:CVE-2021-39261", "RH:CVE-2021-39262", "RH:CVE-2021-39263", "RH:CVE-2021-3975", "RH:CVE-2021-4145", "RH:CVE-2021-4158", "RH:CVE-2022-0485", "RH:CVE-2022-26353"]}, {"type": "redos", "idList": ["ROS-20220125-17"]}, {"type": "rocky", "idList": ["RLSA-2022:1759"]}, {"type": "slackware", "idList": ["SSA-2021-243-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:1244-1", "OPENSUSE-SU-2021:1319-1", "OPENSUSE-SU-2021:1461-1", "OPENSUSE-SU-2021:2971-1", "OPENSUSE-SU-2021:3201-1", "OPENSUSE-SU-2021:3604-1", "OPENSUSE-SU-2021:3605-1", "OPENSUSE-SU-2021:3614-1", "OPENSUSE-SU-2022:0177-1", "OPENSUSE-SU-2022:0210-1", "OPENSUSE-SU-2022:0210-2", "SUSE-SU-2022:2347-1", "SUSE-SU-2022:2754-1"]}, {"type": "ubuntu", "idList": ["USN-5307-1", "USN-5399-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-20196", "UB:CVE-2021-33285", "UB:CVE-2021-33286", "UB:CVE-2021-33287", "UB:CVE-2021-33289", "UB:CVE-2021-35266", "UB:CVE-2021-35267", "UB:CVE-2021-35268", "UB:CVE-2021-35269", "UB:CVE-2021-3622", "UB:CVE-2021-3716", "UB:CVE-2021-3748", "UB:CVE-2021-39251", "UB:CVE-2021-39252", "UB:CVE-2021-39253", "UB:CVE-2021-39254", "UB:CVE-2021-39255", "UB:CVE-2021-39256", "UB:CVE-2021-39257", "UB:CVE-2021-39258", "UB:CVE-2021-39259", "UB:CVE-2021-39260", "UB:CVE-2021-39261", "UB:CVE-2021-39262", "UB:CVE-2021-39263", "UB:CVE-2021-3975", "UB:CVE-2021-4145", "UB:CVE-2021-4158", "UB:CVE-2022-0485", "UB:CVE-2022-26353"]}, {"type": "veracode", "idList": ["VERACODE:31778", "VERACODE:31898", "VERACODE:31976", "VERACODE:31978", "VERACODE:31979", "VERACODE:31981", "VERACODE:31982", "VERACODE:31984", "VERACODE:32006", "VERACODE:32007", "VERACODE:32008", "VERACODE:32009", "VERACODE:32010", "VERACODE:32011", "VERACODE:32012", "VERACODE:32013", "VERACODE:32014", "VERACODE:32015", "VERACODE:32016", "VERACODE:32017", "VERACODE:32018", "VERACODE:32336", "VERACODE:33491", "VERACODE:33704", "VERACODE:33817", "VERACODE:33820", "VERACODE:35034"]}]}, "vulnersScore": 0.1}, "_state": {"score": 1673379222, "dependencies": 1673378777}, "_internal": {"score_hash": "c9058f2e7006fe7490507282ce75c0c8"}, "pluginID": "161144", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:1759.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161144);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/15\");\n\n script_cve_id(\n \"CVE-2021-3622\",\n \"CVE-2021-3716\",\n \"CVE-2021-3748\",\n \"CVE-2021-3975\",\n \"CVE-2021-4145\",\n \"CVE-2021-4158\",\n \"CVE-2021-20196\",\n \"CVE-2021-33285\",\n \"CVE-2021-33286\",\n \"CVE-2021-33287\",\n \"CVE-2021-33289\",\n \"CVE-2021-35266\",\n \"CVE-2021-35267\",\n \"CVE-2021-35268\",\n \"CVE-2021-35269\",\n \"CVE-2021-39251\",\n \"CVE-2021-39252\",\n \"CVE-2021-39253\",\n \"CVE-2021-39254\",\n \"CVE-2021-39255\",\n \"CVE-2021-39256\",\n \"CVE-2021-39257\",\n \"CVE-2021-39258\",\n \"CVE-2021-39259\",\n \"CVE-2021-39260\",\n \"CVE-2021-39261\",\n \"CVE-2021-39262\",\n \"CVE-2021-39263\",\n \"CVE-2022-0485\"\n );\n script_xref(name:\"ALSA\", value:\"2022:1759\");\n script_xref(name:\"IAVB\", value:\"2022-B-0051-S\");\n\n script_name(english:\"AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2022:1759)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2022:1759 advisory.\n\n - A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows\n Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to\n a stack overflow. The highest threat from this vulnerability is to system availability. (CVE-2021-3622)\n\n - A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption\n boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before\n proxying everything else a client sends to the server, potentially leading the client to terminate the NBD\n session. The highest threat from this vulnerability is to system availability. (CVE-2021-3716)\n\n - A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the\n descriptor's address belongs to the non direct access region, due to num_buffers being set after the\n virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a\n denial of service condition, or potentially execute code on the host with the privileges of the QEMU\n process. (CVE-2021-3748)\n\n - A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0.\n The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A\n malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host\n when writing data reaches the threshold of mirroring node. (CVE-2021-4145)\n\n - A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while\n processing read/write ioport commands if the selected floppy drive is not initialized with a block device.\n This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of\n service. The highest threat from this vulnerability is to system availability. (CVE-2021-20196)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function\n ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of\n service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a\n crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the\n bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the\n records proceeds into the wild. (CVE-2021-33285)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a\n heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function\n ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of\n service of the application. (CVE-2021-33287)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap\n buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image\n a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code\n execution. (CVE-2021-35266)\n\n - NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and\n MFTMirror allowing for code execution or escalation of privileges when setuid-root. (CVE-2021-35267)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function\n ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of\n privileges. (CVE-2021-35268)\n\n - NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the\n function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation\n of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G <\n 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in\n the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. (CVE-2021-39254)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in\n ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G <\n 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain\n (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in\n NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in\n ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G\n < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G <\n 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in\n ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2022-1759.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3748\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-appliance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libnbd-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libtpms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libtpms-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvirt-wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-gzip-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-nbd-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-tar-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-tar-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-tmpdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qemu-kvm-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qemu-kvm-block-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qemu-kvm-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qemu-kvm-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qemu-kvm-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qemu-kvm-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qemu-kvm-hw-usbredir\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qemu-kvm-ui-opengl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qemu-kvm-ui-spice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:swtpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:swtpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:swtpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:swtpm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:swtpm-tools-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:virt-v2v\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:virt-v2v-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:virt-v2v-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:virt-v2v-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar module_ver = get_kb_item('Host/AlmaLinux/appstream/virt');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt:rhel');\nif ('rhel' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module virt:' + module_ver);\n\nvar appstreams = {\n 'virt:rhel': [\n {'reference':'hivex-1.3.18-23.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-1.3.18-23.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-23.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-23.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-appliance-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-appliance-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-winsupport-8.6-1.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.6-1.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-xfs-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libiscsi-1.18.0-8.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.6.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.6.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-bash-completion-1.6.0-5.module_el8.6.0+2880+7d9e3703', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.6.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.6.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-0.9.1-0.20211126git1ff6fe1f43.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-0.9.1-0.20211126git1ff6fe1f43.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-devel-0.9.1-0.20211126git1ff6fe1f43.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-devel-0.9.1-0.20211126git1ff6fe1f43.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-wireshark-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-wireshark-8.0.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'lua-guestfs-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdfuse-1.6.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.6.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-filter-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-filter-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-nbd-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-nbd-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-filter-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-filter-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tmpdisk-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tmpdisk-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.24.0-4.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-23.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-23.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'perl-Sys-Guestfs-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'perl-Sys-Virt-8.0.0-1.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-8.0.0-1.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-23.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-23.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libnbd-1.6.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.6.0-5.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-8.0.0-1.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-8.0.0-1.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-guest-agent-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-guest-agent-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-docs-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-docs-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-hw-usbredir-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-ui-opengl-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-ui-spice-6.2.0-11.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-23.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-23.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ruby-libguestfs-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.15.0-2.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.15.0-2.module_el8.6.0+2880+7d9e3703', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.15.0-2.module_el8.6.0+2880+7d9e3703', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-bin-0.20170427git-3.module_el8.6.0+2880+7d9e3703', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'supermin-5.2.1-1.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-5.2.1-1.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.2.1-1.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.2.1-1.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-0.7.0-1.20211109gitb79fd91.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-0.7.0-1.20211109gitb79fd91.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-devel-0.7.0-1.20211109gitb79fd91.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-devel-0.7.0-1.20211109gitb79fd91.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-libs-0.7.0-1.20211109gitb79fd91.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-libs-0.7.0-1.20211109gitb79fd91.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-0.7.0-1.20211109gitb79fd91.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-0.7.0-1.20211109gitb79fd91.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-pkcs11-0.7.0-1.20211109gitb79fd91.module_el8.6.0+2880+7d9e3703', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-pkcs11-0.7.0-1.20211109gitb79fd91.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-dib-1.44.0-5.module_el8.6.0+2880+7d9e3703.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.42.0-18.module_el8.6.0+2880+7d9e3703', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-bash-completion-1.42.0-18.module_el8.6.0+2880+7d9e3703', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-man-pages-ja-1.42.0-18.module_el8.6.0+2880+7d9e3703', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-man-pages-uk-1.42.0-18.module_el8.6.0+2880+7d9e3703', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/AlmaLinux/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt:rhel');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'hivex / hivex-devel / libguestfs / libguestfs-appliance / etc');\n}\n", "naslFamily": "Alma Linux Local Security Checks", "cpe": ["p-cpe:/a:alma:linux:hivex", "p-cpe:/a:alma:linux:hivex-devel", "p-cpe:/a:alma:linux:libguestfs", "p-cpe:/a:alma:linux:libguestfs-appliance", "p-cpe:/a:alma:linux:libguestfs-bash-completion", "p-cpe:/a:alma:linux:libguestfs-devel", "p-cpe:/a:alma:linux:libguestfs-gfs2", "p-cpe:/a:alma:linux:libguestfs-gobject", "p-cpe:/a:alma:linux:libguestfs-gobject-devel", "p-cpe:/a:alma:linux:libguestfs-inspect-icons", "p-cpe:/a:alma:linux:libguestfs-java", "p-cpe:/a:alma:linux:libguestfs-java-devel", "p-cpe:/a:alma:linux:libguestfs-javadoc", "p-cpe:/a:alma:linux:libguestfs-man-pages-ja", "p-cpe:/a:alma:linux:libguestfs-man-pages-uk", "p-cpe:/a:alma:linux:libguestfs-rescue", "p-cpe:/a:alma:linux:libguestfs-rsync", "p-cpe:/a:alma:linux:libguestfs-tools", "p-cpe:/a:alma:linux:libguestfs-tools-c", "p-cpe:/a:alma:linux:libguestfs-winsupport", "p-cpe:/a:alma:linux:libguestfs-xfs", "p-cpe:/a:alma:linux:libiscsi", "p-cpe:/a:alma:linux:libiscsi-devel", "p-cpe:/a:alma:linux:libiscsi-utils", "p-cpe:/a:alma:linux:libnbd", "p-cpe:/a:alma:linux:libnbd-bash-completion", "p-cpe:/a:alma:linux:libnbd-devel", "p-cpe:/a:alma:linux:libtpms", "p-cpe:/a:alma:linux:libtpms-devel", "p-cpe:/a:alma:linux:libvirt", "p-cpe:/a:alma:linux:libvirt-client", "p-cpe:/a:alma:linux:libvirt-daemon", "p-cpe:/a:alma:linux:libvirt-daemon-config-network", "p-cpe:/a:alma:linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:alma:linux:libvirt-daemon-driver-interface", "p-cpe:/a:alma:linux:libvirt-daemon-driver-network", "p-cpe:/a:alma:linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:alma:linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:alma:linux:libvirt-daemon-driver-qemu", "p-cpe:/a:alma:linux:libvirt-daemon-driver-secret", "p-cpe:/a:alma:linux:libvirt-daemon-driver-storage", "p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:alma:linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:alma:linux:libvirt-daemon-kvm", "p-cpe:/a:alma:linux:libvirt-dbus", "p-cpe:/a:alma:linux:libvirt-devel", "p-cpe:/a:alma:linux:libvirt-docs", "p-cpe:/a:alma:linux:libvirt-libs", "p-cpe:/a:alma:linux:libvirt-lock-sanlock", "p-cpe:/a:alma:linux:libvirt-nss", "p-cpe:/a:alma:linux:libvirt-wireshark", "p-cpe:/a:alma:linux:lua-guestfs", "p-cpe:/a:alma:linux:nbdfuse", "p-cpe:/a:alma:linux:nbdkit", "p-cpe:/a:alma:linux:nbdkit-bash-completion", "p-cpe:/a:alma:linux:nbdkit-basic-filters", "p-cpe:/a:alma:linux:nbdkit-basic-plugins", "p-cpe:/a:alma:linux:nbdkit-curl-plugin", "p-cpe:/a:alma:linux:nbdkit-devel", "p-cpe:/a:alma:linux:nbdkit-example-plugins", "p-cpe:/a:alma:linux:nbdkit-gzip-filter", "p-cpe:/a:alma:linux:nbdkit-gzip-plugin", "p-cpe:/a:alma:linux:nbdkit-linuxdisk-plugin", "p-cpe:/a:alma:linux:nbdkit-nbd-plugin", "p-cpe:/a:alma:linux:nbdkit-python-plugin", "p-cpe:/a:alma:linux:nbdkit-server", "p-cpe:/a:alma:linux:nbdkit-ssh-plugin", "p-cpe:/a:alma:linux:nbdkit-tar-filter", "p-cpe:/a:alma:linux:nbdkit-tar-plugin", "p-cpe:/a:alma:linux:nbdkit-tmpdisk-plugin", "p-cpe:/a:alma:linux:nbdkit-vddk-plugin", "p-cpe:/a:alma:linux:nbdkit-xz-filter", "p-cpe:/a:alma:linux:netcf", "p-cpe:/a:alma:linux:netcf-devel", "p-cpe:/a:alma:linux:netcf-libs", "p-cpe:/a:alma:linux:perl-Sys-Guestfs", "p-cpe:/a:alma:linux:perl-Sys-Virt", "p-cpe:/a:alma:linux:perl-hivex", "p-cpe:/a:alma:linux:python3-hivex", "p-cpe:/a:alma:linux:python3-libguestfs", "p-cpe:/a:alma:linux:python3-libnbd", "p-cpe:/a:alma:linux:python3-libvirt", "p-cpe:/a:alma:linux:qemu-guest-agent", "p-cpe:/a:alma:linux:qemu-img", "p-cpe:/a:alma:linux:qemu-kvm", "p-cpe:/a:alma:linux:qemu-kvm-block-curl", "p-cpe:/a:alma:linux:qemu-kvm-block-gluster", "p-cpe:/a:alma:linux:qemu-kvm-block-iscsi", "p-cpe:/a:alma:linux:qemu-kvm-block-rbd", "p-cpe:/a:alma:linux:qemu-kvm-block-ssh", "p-cpe:/a:alma:linux:qemu-kvm-common", "p-cpe:/a:alma:linux:qemu-kvm-core", "p-cpe:/a:alma:linux:qemu-kvm-docs", "p-cpe:/a:alma:linux:qemu-kvm-hw-usbredir", "p-cpe:/a:alma:linux:qemu-kvm-ui-opengl", "p-cpe:/a:alma:linux:qemu-kvm-ui-spice", "p-cpe:/a:alma:linux:ruby-hivex", "p-cpe:/a:alma:linux:ruby-libguestfs", "p-cpe:/a:alma:linux:seabios", "p-cpe:/a:alma:linux:seabios-bin", "p-cpe:/a:alma:linux:seavgabios-bin", "p-cpe:/a:alma:linux:sgabios", "p-cpe:/a:alma:linux:sgabios-bin", "p-cpe:/a:alma:linux:supermin", "p-cpe:/a:alma:linux:supermin-devel", "p-cpe:/a:alma:linux:swtpm", "p-cpe:/a:alma:linux:swtpm-devel", "p-cpe:/a:alma:linux:swtpm-libs", "p-cpe:/a:alma:linux:swtpm-tools", "p-cpe:/a:alma:linux:swtpm-tools-pkcs11", "p-cpe:/a:alma:linux:virt-dib", "p-cpe:/a:alma:linux:virt-v2v", "p-cpe:/a:alma:linux:virt-v2v-bash-completion", "p-cpe:/a:alma:linux:virt-v2v-man-pages-ja", "p-cpe:/a:alma:linux:virt-v2v-man-pages-uk", "cpe:/o:alma:linux:8"], "solution": "Update the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-3748", "vendor_cvss2": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "vpr": {"risk factor": "High", "score": "7.3"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2022-05-10T00:00:00", "vulnerabilityPublicationDate": "2021-05-26T00:00:00", "exploitableWith": []}

{"redhat": [{"lastseen": "2023-01-03T18:10:18", "description": "Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.\n\nThe following packages have been upgraded to a later upstream version: qemu-kvm (6.2.0), libvirt (8.0.0), libvirt-python (8.0.0), perl-Sys-Virt (8.0.0), seabios (1.15.0), libtpms (0.9.1). (BZ#1997410, BZ#2012802, BZ#2012806, BZ#2012813, BZ#2018392, BZ#2027716, BZ#2029355)\n\nSecurity Fix(es):\n\n* QEMU: virtio-net: heap use-after-free in virtio_net_receive_rcu (CVE-2021-3748)\n\n* ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_value() due to incorrect check of bytes_in_use value in MFT records (CVE-2021-33285)\n\n* ntfs-3g: Heap buffer overflow triggered by a specially crafted Unicode string (CVE-2021-33286)\n\n* ntfs-3g: Heap buffer overflow in ntfs_attr_pread_i() triggered by specially crafted NTFS attributes (CVE-2021-33287)\n\n* ntfs-3g: Heap buffer overflow triggered by a specially crafted MFT section (CVE-2021-33289)\n\n* ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname (CVE-2021-35266)\n\n* ntfs-3g: Stack buffer overflow triggered when correcting differences between MFT and MFTMirror sections (CVE-2021-35267)\n\n* ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode (CVE-2021-35268)\n\n* ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute from MFT (CVE-2021-35269)\n\n* ntfs-3g: NULL pointer dereference in ntfs_extent_inode_open() (CVE-2021-39251)\n\n* ntfs-3g: Out-of-bounds read in ntfs_ie_lookup() (CVE-2021-39252)\n\n* ntfs-3g: Out-of-bounds read in ntfs_runlists_merge_i() (CVE-2021-39253)\n\n* ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize() (CVE-2021-39254)\n\n* ntfs-3g: Out-of-bounds read ntfs_attr_find_in_attrdef() triggered by an invalid attribute (CVE-2021-39255)\n\n* ntfs-3g: Heap buffer overflow in ntfs_inode_lookup_by_name() (CVE-2021-39256)\n\n* ntfs-3g: Endless recursion from ntfs_attr_pwrite() triggered by an unallocated bitmap (CVE-2021-39257)\n\n* ntfs-3g: Out-of-bounds reads in ntfs_attr_find() and ntfs_external_attr_find() (CVE-2021-39258)\n\n* ntfs-3g: Out-of-bounds access in ntfs_inode_lookup_by_name() caused by an unsanitized attribute length (CVE-2021-39259)\n\n* ntfs-3g: Out-of-bounds access in ntfs_inode_sync_standard_information() (CVE-2021-39260)\n\n* ntfs-3g: Heap buffer overflow in ntfs_compressed_pwrite() (CVE-2021-39261)\n\n* ntfs-3g: Out-of-bounds access in ntfs_decompress() (CVE-2021-39262)\n\n* ntfs-3g: Heap buffer overflow in ntfs_get_attribute_value() caused by an unsanitized attribute (CVE-2021-39263)\n\n* libnbd: nbdcopy: missing error handling may create corrupted destination image (CVE-2022-0485)\n\n* hivex: stack overflow due to recursive call of _get_children() (CVE-2021-3622)\n\n* nbdkit: NBD_OPT_STRUCTURED_REPLY injection on STARTTLS (CVE-2021-3716)\n\n* libvirt: segmentation fault during VM shutdown can lead to vdsm hang (CVE-2021-3975)\n\n* QEMU: NULL pointer dereference in mirror_wait_on_conflicts() in block/mirror.c (CVE-2021-4145)\n\n* QEMU: NULL pointer dereference in pci_write() in hw/acpi/pcihp.c (CVE-2021-4158)\n\n* QEMU: block: fdc: null pointer dereference may lead to guest crash (CVE-2021-20196)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-10T07:59:57", "type": "redhat", "title": "(RHSA-2022:1759) Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20196", "CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-3622", "CVE-2021-3716", "CVE-2021-3748", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39254", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263", "CVE-2021-3975", "CVE-2021-4145", "CVE-2021-4158", "CVE-2022-0485"], "modified": "2022-05-10T10:03:46", "id": "RHSA-2022:1759", "href": "https://access.redhat.com/errata/RHSA-2022:1759", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-26T18:37:56", "description": "The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.\n\nSecurity Fix(es):\n\n* QEMU: usbredir: free() call on invalid pointer in bufp_alloc() (CVE-2021-3682)\n\n* ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_value() due to incorrect check of bytes_in_use value in MFT records (CVE-2021-33285)\n\n* ntfs-3g: Heap buffer overflow triggered by a specially crafted Unicode string (CVE-2021-33286)\n\n* ntfs-3g: Heap buffer overflow in ntfs_attr_pread_i() triggered by specially crafted NTFS attributes (CVE-2021-33287)\n\n* ntfs-3g: Heap buffer overflow triggered by a specially crafted MFT section (CVE-2021-33289)\n\n* ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname (CVE-2021-35266)\n\n* ntfs-3g: Stack buffer overflow triggered when correcting differences between MFT and MFTMirror sections (CVE-2021-35267)\n\n* ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode (CVE-2021-35268)\n\n* ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute from MFT (CVE-2021-35269)\n\n* ntfs-3g: NULL pointer dereference in ntfs_extent_inode_open() (CVE-2021-39251)\n\n* ntfs-3g: Out-of-bounds read in ntfs_ie_lookup() (CVE-2021-39252)\n\n* ntfs-3g: Out-of-bounds read in ntfs_runlists_merge_i() (CVE-2021-39253)\n\n* ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize() (CVE-2021-39254)\n\n* ntfs-3g: Out-of-bounds read ntfs_attr_find_in_attrdef() triggered by an invalid attribute (CVE-2021-39255)\n\n* ntfs-3g: Heap buffer overflow in ntfs_inode_lookup_by_name() (CVE-2021-39256)\n\n* ntfs-3g: Endless recursion from ntfs_attr_pwrite() triggered by an unallocated bitmap (CVE-2021-39257)\n\n* ntfs-3g: Out-of-bounds reads in ntfs_attr_find() and ntfs_external_attr_find() (CVE-2021-39258)\n\n* ntfs-3g: Out-of-bounds access in ntfs_inode_lookup_by_name() caused by an unsanitized attribute length (CVE-2021-39259)\n\n* ntfs-3g: Out-of-bounds access in ntfs_inode_sync_standard_information() (CVE-2021-39260)\n\n* ntfs-3g: Heap buffer overflow in ntfs_compressed_pwrite() (CVE-2021-39261)\n\n* ntfs-3g: Out-of-bounds access in ntfs_decompress() (CVE-2021-39262)\n\n* ntfs-3g: Heap buffer overflow in ntfs_get_attribute_value() caused by an unsanitized attribute (CVE-2021-39263)\n\n* QEMU: net: Infinite loop in loopback mode may lead to stack overflow (CVE-2021-3416)\n\n* libvirt: Insecure sVirt label generation (CVE-2021-3631)\n\n* libvirt: Improper locking on ACL failure in virStoragePoolLookupByTargetPath API (CVE-2021-3667)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* SAP/3TB VM migration slowness [idle db] (BZ#1984458)\n\n* Detecting TSC timer frequencies requires too many privileges (BZ#1996130)", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-09-30T16:19:56", "type": "redhat", "title": "(RHSA-2021:3703) Moderate: virt:av and virt-devel:av security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-3416", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-3631", "CVE-2021-3667", "CVE-2021-3682", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39254", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263"], "modified": "2021-09-30T16:44:12", "id": "RHSA-2021:3703", "href": "https://access.redhat.com/errata/RHSA-2021:3703", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-26T18:41:37", "description": "The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.\n\nSecurity Fix(es):\n\n* QEMU: usbredir: free() call on invalid pointer in bufp_alloc() (CVE-2021-3682)\n\n* ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_value() due to incorrect check of bytes_in_use value in MFT records (CVE-2021-33285)\n\n* ntfs-3g: Heap buffer overflow triggered by a specially crafted Unicode string (CVE-2021-33286)\n\n* ntfs-3g: Heap buffer overflow in ntfs_attr_pread_i() triggered by specially crafted NTFS attributes (CVE-2021-33287)\n\n* ntfs-3g: Heap buffer overflow triggered by a specially crafted MFT section (CVE-2021-33289)\n\n* ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname (CVE-2021-35266)\n\n* ntfs-3g: Stack buffer overflow triggered when correcting differences between MFT and MFTMirror sections (CVE-2021-35267)\n\n* ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode (CVE-2021-35268)\n\n* ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute from MFT (CVE-2021-35269)\n\n* ntfs-3g: NULL pointer dereference in ntfs_extent_inode_open() (CVE-2021-39251)\n\n* ntfs-3g: Out-of-bounds read in ntfs_ie_lookup() (CVE-2021-39252)\n\n* ntfs-3g: Out-of-bounds read in ntfs_runlists_merge_i() (CVE-2021-39253)\n\n* ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize() (CVE-2021-39254)\n\n* ntfs-3g: Out-of-bounds read ntfs_attr_find_in_attrdef() triggered by an invalid attribute (CVE-2021-39255)\n\n* ntfs-3g: Heap buffer overflow in ntfs_inode_lookup_by_name() (CVE-2021-39256)\n\n* ntfs-3g: Endless recursion from ntfs_attr_pwrite() triggered by an unallocated bitmap (CVE-2021-39257)\n\n* ntfs-3g: Out-of-bounds reads in ntfs_attr_find() and ntfs_external_attr_find() (CVE-2021-39258)\n\n* ntfs-3g: Out-of-bounds access in ntfs_inode_lookup_by_name() caused by an unsanitized attribute length (CVE-2021-39259)\n\n* ntfs-3g: Out-of-bounds access in ntfs_inode_sync_standard_information() (CVE-2021-39260)\n\n* ntfs-3g: Heap buffer overflow in ntfs_compressed_pwrite() (CVE-2021-39261)\n\n* ntfs-3g: Out-of-bounds access in ntfs_decompress() (CVE-2021-39262)\n\n* ntfs-3g: Heap buffer overflow in ntfs_get_attribute_value() caused by an unsanitized attribute (CVE-2021-39263)\n\n* libvirt: Insecure sVirt label generation (CVE-2021-3631)\n\n* libvirt: Improper locking on ACL failure in virStoragePoolLookupByTargetPath API (CVE-2021-3667)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-09-30T18:28:50", "type": "redhat", "title": "(RHSA-2021:3704) Moderate: virt:8.2 and virt-devel:8.2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-3631", "CVE-2021-3667", "CVE-2021-3682", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39254", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263"], "modified": "2021-09-30T18:52:32", "id": "RHSA-2021:3704", "href": "https://access.redhat.com/errata/RHSA-2021:3704", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-10T03:29:09", "description": "The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.\n\nSecurity Fix(es):\n\n* nbdkit: NBD_OPT_STRUCTURED_REPLY injection on STARTTLS (CVE-2021-3716)\n\n* QEMU: block: fdc: null pointer dereference may lead to guest crash (CVE-2021-20196)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* There is nbdkit curl error info if convert a guest from VMware without vddk by administrator account [rhel-av-8.5.z] (BZ#2040778)\n\n* Fix data corruption in nbdkit-cow-filter and nbdkit-cache-filter [rhel-av-8.5z] (BZ#2040781)", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 4.0}, "published": "2022-02-02T08:22:47", "type": "redhat", "title": "(RHSA-2022:0397) Low: virt:av and virt-devel:av security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20196", "CVE-2021-3716"], "modified": "2022-02-02T08:35:13", "id": "RHSA-2022:0397", "href": "https://access.redhat.com/errata/RHSA-2022:0397", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2022-02-10T00:00:00", "description": "The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.\n\nSecurity Fix(es):\n\n* QEMU: block: fdc: null pointer dereference may lead to guest crash (CVE-2021-20196)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* <hint-dedicated> should not require <cpu mode='host-passthrough'> (BZ#2034942)", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 4.0}, "published": "2022-01-31T14:57:47", "type": "redhat", "title": "(RHSA-2022:0325) Low: virt:av and virt-devel:av security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20196"], "modified": "2022-01-31T15:02:01", "id": "RHSA-2022:0325", "href": "https://access.redhat.com/errata/RHSA-2022:0325", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2023-01-10T19:24:05", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1759 advisory.\n\n - A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to system availability. (CVE-2021-3622)\n\n - QEMU: NULL pointer dereference in pci_write() in hw/acpi/pcihp.c (CVE-2021-4158)\n\n - libnbd: nbdcopy: missing error handling may create corrupted destination image (CVE-2022-0485)\n\n - A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device.\n This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-20196)\n\n - A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0.\n The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host when writing data reaches the threshold of mirroring node. (CVE-2021-4145)\n\n - A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying everything else a client sends to the server, potentially leading the client to terminate the NBD session. The highest threat from this vulnerability is to system availability. (CVE-2021-3716)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22. (CVE-2021-39256)\n\n - A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process. (CVE-2021-3748)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. (CVE-2021-39251)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the records proceeds into the wild. (CVE-2021-33285)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution. (CVE-2021-35266)\n\n - NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root. (CVE-2021-35267)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35268)\n\n - NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\n - libvirt: segmentation fault during VM shutdown can lead to vdsm hang (CVE-2021-3975)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. (CVE-2021-33287)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. (CVE-2021-39254)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G < 2021.8.22. (CVE-2021-39261)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-18T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : virt:ol / and / virt-devel:ol (ELSA-2022-1759)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20196", "CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-3622", "CVE-2021-3716", "CVE-2021-3748", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39254", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263", "CVE-2021-3975", "CVE-2021-4145", "CVE-2021-4158", "CVE-2022-0485"], "modified": "2022-12-15T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:hivex", "p-cpe:/a:oracle:linux:hivex-devel", "p-cpe:/a:oracle:linux:libguestfs", "p-cpe:/a:oracle:linux:libguestfs-appliance", "p-cpe:/a:oracle:linux:libguestfs-bash-completion", "p-cpe:/a:oracle:linux:libguestfs-devel", "p-cpe:/a:oracle:linux:libguestfs-gfs2", "p-cpe:/a:oracle:linux:libguestfs-gobject", "p-cpe:/a:oracle:linux:libguestfs-gobject-devel", "p-cpe:/a:oracle:linux:libguestfs-inspect-icons", "p-cpe:/a:oracle:linux:libguestfs-java", "p-cpe:/a:oracle:linux:libguestfs-java-devel", "p-cpe:/a:oracle:linux:libguestfs-javadoc", "p-cpe:/a:oracle:linux:libguestfs-man-pages-ja", "p-cpe:/a:oracle:linux:libguestfs-man-pages-uk", "p-cpe:/a:oracle:linux:libguestfs-rescue", "p-cpe:/a:oracle:linux:libguestfs-rsync", "p-cpe:/a:oracle:linux:libguestfs-tools", "p-cpe:/a:oracle:linux:libguestfs-tools-c", "p-cpe:/a:oracle:linux:libguestfs-winsupport", "p-cpe:/a:oracle:linux:libguestfs-xfs", "p-cpe:/a:oracle:linux:libiscsi", "p-cpe:/a:oracle:linux:libiscsi-devel", "p-cpe:/a:oracle:linux:libiscsi-utils", "p-cpe:/a:oracle:linux:libnbd", "p-cpe:/a:oracle:linux:libnbd-bash-completion", "p-cpe:/a:oracle:linux:libnbd-devel", "p-cpe:/a:oracle:linux:libtpms", "p-cpe:/a:oracle:linux:libtpms-devel", "p-cpe:/a:oracle:linux:libvirt", "p-cpe:/a:oracle:linux:libvirt-client", "p-cpe:/a:oracle:linux:libvirt-daemon", "p-cpe:/a:oracle:linux:libvirt-daemon-config-network", "p-cpe:/a:oracle:linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-interface", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-network", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-qemu", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-secret", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:oracle:linux:libvirt-daemon-kvm", "p-cpe:/a:oracle:linux:libvirt-dbus", "p-cpe:/a:oracle:linux:libvirt-devel", "p-cpe:/a:oracle:linux:libvirt-docs", "p-cpe:/a:oracle:linux:libvirt-libs", "p-cpe:/a:oracle:linux:libvirt-lock-sanlock", "p-cpe:/a:oracle:linux:libvirt-nss", "p-cpe:/a:oracle:linux:libvirt-wireshark", "p-cpe:/a:oracle:linux:lua-guestfs", "p-cpe:/a:oracle:linux:nbdfuse", "p-cpe:/a:oracle:linux:nbdkit", "p-cpe:/a:oracle:linux:nbdkit-bash-completion", "p-cpe:/a:oracle:linux:nbdkit-basic-filters", "p-cpe:/a:oracle:linux:nbdkit-basic-plugins", "p-cpe:/a:oracle:linux:nbdkit-curl-plugin", "p-cpe:/a:oracle:linux:nbdkit-devel", "p-cpe:/a:oracle:linux:nbdkit-example-plugins", "p-cpe:/a:oracle:linux:nbdkit-gzip-filter", "p-cpe:/a:oracle:linux:nbdkit-gzip-plugin", "p-cpe:/a:oracle:linux:nbdkit-linuxdisk-plugin", "p-cpe:/a:oracle:linux:nbdkit-nbd-plugin", "p-cpe:/a:oracle:linux:nbdkit-python-plugin", "p-cpe:/a:oracle:linux:nbdkit-server", "p-cpe:/a:oracle:linux:nbdkit-ssh-plugin", "p-cpe:/a:oracle:linux:nbdkit-tar-filter", "p-cpe:/a:oracle:linux:nbdkit-tar-plugin", "p-cpe:/a:oracle:linux:nbdkit-tmpdisk-plugin", "p-cpe:/a:oracle:linux:nbdkit-vddk-plugin", "p-cpe:/a:oracle:linux:nbdkit-xz-filter", "p-cpe:/a:oracle:linux:netcf", "p-cpe:/a:oracle:linux:netcf-devel", "p-cpe:/a:oracle:linux:netcf-libs", "p-cpe:/a:oracle:linux:ocaml-hivex", "p-cpe:/a:oracle:linux:ocaml-hivex-devel", "p-cpe:/a:oracle:linux:ocaml-libguestfs", "p-cpe:/a:oracle:linux:ocaml-libguestfs-devel", "p-cpe:/a:oracle:linux:ocaml-libnbd", "p-cpe:/a:oracle:linux:ocaml-libnbd-devel", "p-cpe:/a:oracle:linux:perl-Sys-Guestfs", "p-cpe:/a:oracle:linux:perl-Sys-Virt", "p-cpe:/a:oracle:linux:perl-hivex", "p-cpe:/a:oracle:linux:python3-hivex", "p-cpe:/a:oracle:linux:python3-libguestfs", "p-cpe:/a:oracle:linux:python3-libnbd", "p-cpe:/a:oracle:linux:python3-libvirt", "p-cpe:/a:oracle:linux:qemu-guest-agent", "p-cpe:/a:oracle:linux:qemu-img", "p-cpe:/a:oracle:linux:qemu-kvm", "p-cpe:/a:oracle:linux:qemu-kvm-block-curl", "p-cpe:/a:oracle:linux:qemu-kvm-block-gluster", "p-cpe:/a:oracle:linux:qemu-kvm-block-iscsi", "p-cpe:/a:oracle:linux:qemu-kvm-block-rbd", "p-cpe:/a:oracle:linux:qemu-kvm-block-ssh", "p-cpe:/a:oracle:linux:qemu-kvm-common", "p-cpe:/a:oracle:linux:qemu-kvm-core", "p-cpe:/a:oracle:linux:qemu-kvm-docs", "p-cpe:/a:oracle:linux:qemu-kvm-hw-usbredir", "p-cpe:/a:oracle:linux:qemu-kvm-tests", "p-cpe:/a:oracle:linux:qemu-kvm-ui-opengl", "p-cpe:/a:oracle:linux:qemu-kvm-ui-spice", "p-cpe:/a:oracle:linux:ruby-hivex", "p-cpe:/a:oracle:linux:ruby-libguestfs", "p-cpe:/a:oracle:linux:seabios", "p-cpe:/a:oracle:linux:seabios-bin", "p-cpe:/a:oracle:linux:seavgabios-bin", "p-cpe:/a:oracle:linux:sgabios", "p-cpe:/a:oracle:linux:sgabios-bin", "p-cpe:/a:oracle:linux:supermin", "p-cpe:/a:oracle:linux:supermin-devel", "p-cpe:/a:oracle:linux:swtpm", "p-cpe:/a:oracle:linux:swtpm-devel", "p-cpe:/a:oracle:linux:swtpm-libs", "p-cpe:/a:oracle:linux:swtpm-tools", "p-cpe:/a:oracle:linux:swtpm-tools-pkcs11", "p-cpe:/a:oracle:linux:virt-dib", "p-cpe:/a:oracle:linux:virt-v2v", "p-cpe:/a:oracle:linux:virt-v2v-bash-completion", "p-cpe:/a:oracle:linux:virt-v2v-man-pages-ja", "p-cpe:/a:oracle:linux:virt-v2v-man-pages-uk"], "id": "ORACLELINUX_ELSA-2022-1759.NASL", "href": "https://www.tenable.com/plugins/nessus/161302", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-1759.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161302);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/15\");\n\n script_cve_id(\n \"CVE-2021-3622\",\n \"CVE-2021-3716\",\n \"CVE-2021-3748\",\n \"CVE-2021-3975\",\n \"CVE-2021-4145\",\n \"CVE-2021-4158\",\n \"CVE-2021-20196\",\n \"CVE-2021-33285\",\n \"CVE-2021-33286\",\n \"CVE-2021-33287\",\n \"CVE-2021-33289\",\n \"CVE-2021-35266\",\n \"CVE-2021-35267\",\n \"CVE-2021-35268\",\n \"CVE-2021-35269\",\n \"CVE-2021-39251\",\n \"CVE-2021-39252\",\n \"CVE-2021-39253\",\n \"CVE-2021-39254\",\n \"CVE-2021-39255\",\n \"CVE-2021-39256\",\n \"CVE-2021-39257\",\n \"CVE-2021-39258\",\n \"CVE-2021-39259\",\n \"CVE-2021-39260\",\n \"CVE-2021-39261\",\n \"CVE-2021-39262\",\n \"CVE-2021-39263\",\n \"CVE-2022-0485\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0051-S\");\n\n script_name(english:\"Oracle Linux 8 : virt:ol / and / virt-devel:ol (ELSA-2022-1759)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2022-1759 advisory.\n\n - A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows\n Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to\n a stack overflow. The highest threat from this vulnerability is to system availability. (CVE-2021-3622)\n\n - QEMU: NULL pointer dereference in pci_write() in hw/acpi/pcihp.c (CVE-2021-4158)\n\n - libnbd: nbdcopy: missing error handling may create corrupted destination image (CVE-2022-0485)\n\n - A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while\n processing read/write ioport commands if the selected floppy drive is not initialized with a block device.\n This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of\n service. The highest threat from this vulnerability is to system availability. (CVE-2021-20196)\n\n - A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0.\n The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A\n malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host\n when writing data reaches the threshold of mirroring node. (CVE-2021-4145)\n\n - A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption\n boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before\n proxying everything else a client sends to the server, potentially leading the client to terminate the NBD\n session. The highest threat from this vulnerability is to system availability. (CVE-2021-3716)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G <\n 2021.8.22. (CVE-2021-39256)\n\n - A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the\n descriptor's address belongs to the non direct access region, due to num_buffers being set after the\n virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a\n denial of service condition, or potentially execute code on the host with the privileges of the QEMU\n process. (CVE-2021-3748)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G <\n 2021.8.22. (CVE-2021-39251)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function\n ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of\n service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a\n crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the\n bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the\n records proceeds into the wild. (CVE-2021-33285)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image\n a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code\n execution. (CVE-2021-35266)\n\n - NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and\n MFTMirror allowing for code execution or escalation of privileges when setuid-root. (CVE-2021-35267)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function\n ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of\n privileges. (CVE-2021-35268)\n\n - NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the\n function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation\n of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain\n (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in\n NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in\n ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in\n ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\n - libvirt: segmentation fault during VM shutdown can lead to vdsm hang (CVE-2021-3975)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap\n buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G\n < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a\n heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function\n ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of\n service of the application. (CVE-2021-33287)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in\n the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. (CVE-2021-39254)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in\n ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G <\n 2021.8.22. (CVE-2021-39261)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-1759.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3748\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-appliance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libnbd-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libtpms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libtpms-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-gzip-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-nbd-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-tar-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-tar-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-tmpdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-block-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-hw-usbredir\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-ui-opengl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-ui-spice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:swtpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:swtpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:swtpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:swtpm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:swtpm-tools-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:virt-v2v\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:virt-v2v-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:virt-v2v-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:virt-v2v-man-pages-uk\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/virt');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt:ol');\nif ('ol' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module virt:' + module_ver);\n\nvar appstreams = {\n 'virt:ol': [\n {'reference':'hivex-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-appliance-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-appliance-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-winsupport-8.6-1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.6-1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.6-1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-xfs-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libiscsi-1.18.0-8.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-bash-completion-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-devel-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-devel-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-wireshark-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-wireshark-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-wireshark-8.0.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'lua-guestfs-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdfuse-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-filter-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-filter-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-nbd-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-nbd-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-filter-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-filter-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tmpdisk-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tmpdisk-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.24.0-4.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'perl-Sys-Guestfs-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'perl-Sys-Virt-8.0.0-1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-8.0.0-1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-8.0.0-1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libnbd-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.6.0-5.module+el8.6.0+20664+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-8.0.0-1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-8.0.0-1.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-8.0.0-1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-guest-agent-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-guest-agent-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-docs-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-docs-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-hw-usbredir-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-tests-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-tests-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-ui-opengl-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-ui-spice-6.2.0-11.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-23.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ruby-libguestfs-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.15.0-2.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.15.0-2.module+el8.6.0+20659+3dcf7c70', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.15.0-2.module+el8.6.0+20659+3dcf7c70', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.6.0+20659+3dcf7c70', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-0.20170427git-3.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.6.0+20659+3dcf7c70', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'supermin-5.2.1-1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-5.2.1-1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.2.1-1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.2.1-1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-0.7.0-1.20211109gitb79fd91.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-0.7.0-1.20211109gitb79fd91.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-devel-0.7.0-1.20211109gitb79fd91.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-devel-0.7.0-1.20211109gitb79fd91.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-libs-0.7.0-1.20211109gitb79fd91.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-libs-0.7.0-1.20211109gitb79fd91.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-0.7.0-1.20211109gitb79fd91.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-0.7.0-1.20211109gitb79fd91.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-pkcs11-0.7.0-1.20211109gitb79fd91.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-pkcs11-0.7.0-1.20211109gitb79fd91.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-dib-1.44.0-5.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.42.0-18.0.1.module+el8.6.0+20659+3dcf7c70', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-bash-completion-1.42.0-18.0.1.module+el8.6.0+20659+3dcf7c70', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-man-pages-ja-1.42.0-18.0.1.module+el8.6.0+20659+3dcf7c70', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-man-pages-uk-1.42.0-18.0.1.module+el8.6.0+20659+3dcf7c70', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt:ol');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'hivex / hivex-devel / libguestfs / etc');\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-24T00:28:13", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1759 advisory.\n\n - QEMU: block: fdc: null pointer dereference may lead to guest crash (CVE-2021-20196)\n\n - ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_value() due to incorrect check of bytes_in_use value in MFT records (CVE-2021-33285)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted Unicode string (CVE-2021-33286)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_pread_i() triggered by specially crafted NTFS attributes (CVE-2021-33287)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted MFT section (CVE-2021-33289)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname (CVE-2021-35266)\n\n - ntfs-3g: Stack buffer overflow triggered when correcting differences between MFT and MFTMirror sections (CVE-2021-35267)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode (CVE-2021-35268)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute from MFT (CVE-2021-35269)\n\n - hivex: stack overflow due to recursive call of _get_children() (CVE-2021-3622)\n\n - nbdkit: NBD_OPT_STRUCTURED_REPLY injection on STARTTLS (CVE-2021-3716)\n\n - QEMU: virtio-net: heap use-after-free in virtio_net_receive_rcu (CVE-2021-3748)\n\n - ntfs-3g: NULL pointer dereference in ntfs_extent_inode_open() (CVE-2021-39251)\n\n - ntfs-3g: Out-of-bounds read in ntfs_ie_lookup() (CVE-2021-39252)\n\n - ntfs-3g: Out-of-bounds read in ntfs_runlists_merge_i() (CVE-2021-39253)\n\n - ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize() (CVE-2021-39254)\n\n - ntfs-3g: Out-of-bounds read ntfs_attr_find_in_attrdef() triggered by an invalid attribute (CVE-2021-39255)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_lookup_by_name() (CVE-2021-39256)\n\n - ntfs-3g: Endless recursion from ntfs_attr_pwrite() triggered by an unallocated bitmap (CVE-2021-39257)\n\n - ntfs-3g: Out-of-bounds reads in ntfs_attr_find() and ntfs_external_attr_find() (CVE-2021-39258)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_lookup_by_name() caused by an unsanitized attribute length (CVE-2021-39259)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_sync_standard_information() (CVE-2021-39260)\n\n - ntfs-3g: Heap buffer overflow in ntfs_compressed_pwrite() (CVE-2021-39261)\n\n - ntfs-3g: Out-of-bounds access in ntfs_decompress() (CVE-2021-39262)\n\n - ntfs-3g: Heap buffer overflow in ntfs_get_attribute_value() caused by an unsanitized attribute (CVE-2021-39263)\n\n - libvirt: segmentation fault during VM shutdown can lead to vdsm hang (CVE-2021-3975)\n\n - QEMU: NULL pointer dereference in mirror_wait_on_conflicts() in block/mirror.c (CVE-2021-4145)\n\n - QEMU: NULL pointer dereference in pci_write() in hw/acpi/pcihp.c (CVE-2021-4158)\n\n - libnbd: nbdcopy: missing error handling may create corrupted destination image (CVE-2022-0485)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-11T00:00:00", "type": "nessus", "title": "RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2022:1759)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20196", "CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-3622", "CVE-2021-3716", "CVE-2021-3748", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39254", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263", "CVE-2021-3975", "CVE-2021-4145", "CVE-2021-4158", "CVE-2022-0485"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:SLOF", "p-cpe:/a:redhat:enterprise_linux:hivex", "p-cpe:/a:redhat:enterprise_linux:hivex-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs", "p-cpe:/a:redhat:enterprise_linux:libguestfs-appliance", "p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c", "p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport", "p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs", "p-cpe:/a:redhat:enterprise_linux:libiscsi", "p-cpe:/a:redhat:enterprise_linux:libiscsi-devel", "p-cpe:/a:redhat:enterprise_linux:libiscsi-utils", "p-cpe:/a:redhat:enterprise_linux:libnbd", "p-cpe:/a:redhat:enterprise_linux:libnbd-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:libtpms", "p-cpe:/a:redhat:enterprise_linux:libtpms-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt", "p-cpe:/a:redhat:enterprise_linux:libvirt-client", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm", "p-cpe:/a:redhat:enterprise_linux:libvirt-dbus", "p-cpe:/a:redhat:enterprise_linux:libvirt-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt-docs", "p-cpe:/a:redhat:enterprise_linux:libvirt-libs", "p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock", "p-cpe:/a:redhat:enterprise_linux:libvirt-nss", "p-cpe:/a:redhat:enterprise_linux:libvirt-wireshark", "p-cpe:/a:redhat:enterprise_linux:lua-guestfs", "p-cpe:/a:redhat:enterprise_linux:nbdfuse", "p-cpe:/a:redhat:enterprise_linux:nbdkit", "p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-devel", "p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-filter", "p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-nbd-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-server", "p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-tar-filter", "p-cpe:/a:redhat:enterprise_linux:nbdkit-tar-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-tmpdisk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter", "p-cpe:/a:redhat:enterprise_linux:netcf", "p-cpe:/a:redhat:enterprise_linux:netcf-devel", "p-cpe:/a:redhat:enterprise_linux:netcf-libs", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs", "p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt", "p-cpe:/a:redhat:enterprise_linux:perl-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-libguestfs", "p-cpe:/a:redhat:enterprise_linux:python3-libnbd", "p-cpe:/a:redhat:enterprise_linux:python3-libvirt", "p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent", "p-cpe:/a:redhat:enterprise_linux:qemu-img", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-docs", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-hw-usbredir", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ui-opengl", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ui-spice", "p-cpe:/a:redhat:enterprise_linux:ruby-hivex", "p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs", "p-cpe:/a:redhat:enterprise_linux:seabios", "p-cpe:/a:redhat:enterprise_linux:seabios-bin", "p-cpe:/a:redhat:enterprise_linux:seavgabios-bin", "p-cpe:/a:redhat:enterprise_linux:sgabios", "p-cpe:/a:redhat:enterprise_linux:sgabios-bin", "p-cpe:/a:redhat:enterprise_linux:supermin", "p-cpe:/a:redhat:enterprise_linux:supermin-devel", "p-cpe:/a:redhat:enterprise_linux:swtpm", "p-cpe:/a:redhat:enterprise_linux:swtpm-devel", "p-cpe:/a:redhat:enterprise_linux:swtpm-libs", "p-cpe:/a:redhat:enterprise_linux:swtpm-tools", "p-cpe:/a:redhat:enterprise_linux:swtpm-tools-pkcs11", "p-cpe:/a:redhat:enterprise_linux:virt-dib", "p-cpe:/a:redhat:enterprise_linux:virt-v2v", "p-cpe:/a:redhat:enterprise_linux:virt-v2v-bash-completion", "p-cpe:/a:redhat:enterprise_linux:virt-v2v-man-pages-ja", "p-cpe:/a:redhat:enterprise_linux:virt-v2v-man-pages-uk"], "id": "REDHAT-RHSA-2022-1759.NASL", "href": "https://www.tenable.com/plugins/nessus/161052", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:1759. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161052);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2021-3622\",\n \"CVE-2021-3716\",\n \"CVE-2021-3748\",\n \"CVE-2021-3975\",\n \"CVE-2021-4145\",\n \"CVE-2021-4158\",\n \"CVE-2021-20196\",\n \"CVE-2021-33285\",\n \"CVE-2021-33286\",\n \"CVE-2021-33287\",\n \"CVE-2021-33289\",\n \"CVE-2021-35266\",\n \"CVE-2021-35267\",\n \"CVE-2021-35268\",\n \"CVE-2021-35269\",\n \"CVE-2021-39251\",\n \"CVE-2021-39252\",\n \"CVE-2021-39253\",\n \"CVE-2021-39254\",\n \"CVE-2021-39255\",\n \"CVE-2021-39256\",\n \"CVE-2021-39257\",\n \"CVE-2021-39258\",\n \"CVE-2021-39259\",\n \"CVE-2021-39260\",\n \"CVE-2021-39261\",\n \"CVE-2021-39262\",\n \"CVE-2021-39263\",\n \"CVE-2022-0485\"\n );\n script_xref(name:\"RHSA\", value:\"2022:1759\");\n script_xref(name:\"IAVB\", value:\"2022-B-0051-S\");\n\n script_name(english:\"RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2022:1759)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:1759 advisory.\n\n - QEMU: block: fdc: null pointer dereference may lead to guest crash (CVE-2021-20196)\n\n - ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_value() due to incorrect check of\n bytes_in_use value in MFT records (CVE-2021-33285)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted Unicode string (CVE-2021-33286)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_pread_i() triggered by specially crafted NTFS attributes\n (CVE-2021-33287)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted MFT section (CVE-2021-33289)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname (CVE-2021-35266)\n\n - ntfs-3g: Stack buffer overflow triggered when correcting differences between MFT and MFTMirror sections\n (CVE-2021-35267)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode\n (CVE-2021-35268)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute\n from MFT (CVE-2021-35269)\n\n - hivex: stack overflow due to recursive call of _get_children() (CVE-2021-3622)\n\n - nbdkit: NBD_OPT_STRUCTURED_REPLY injection on STARTTLS (CVE-2021-3716)\n\n - QEMU: virtio-net: heap use-after-free in virtio_net_receive_rcu (CVE-2021-3748)\n\n - ntfs-3g: NULL pointer dereference in ntfs_extent_inode_open() (CVE-2021-39251)\n\n - ntfs-3g: Out-of-bounds read in ntfs_ie_lookup() (CVE-2021-39252)\n\n - ntfs-3g: Out-of-bounds read in ntfs_runlists_merge_i() (CVE-2021-39253)\n\n - ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize()\n (CVE-2021-39254)\n\n - ntfs-3g: Out-of-bounds read ntfs_attr_find_in_attrdef() triggered by an invalid attribute (CVE-2021-39255)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_lookup_by_name() (CVE-2021-39256)\n\n - ntfs-3g: Endless recursion from ntfs_attr_pwrite() triggered by an unallocated bitmap (CVE-2021-39257)\n\n - ntfs-3g: Out-of-bounds reads in ntfs_attr_find() and ntfs_external_attr_find() (CVE-2021-39258)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_lookup_by_name() caused by an unsanitized attribute length\n (CVE-2021-39259)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_sync_standard_information() (CVE-2021-39260)\n\n - ntfs-3g: Heap buffer overflow in ntfs_compressed_pwrite() (CVE-2021-39261)\n\n - ntfs-3g: Out-of-bounds access in ntfs_decompress() (CVE-2021-39262)\n\n - ntfs-3g: Heap buffer overflow in ntfs_get_attribute_value() caused by an unsanitized attribute\n (CVE-2021-39263)\n\n - libvirt: segmentation fault during VM shutdown can lead to vdsm hang (CVE-2021-3975)\n\n - QEMU: NULL pointer dereference in mirror_wait_on_conflicts() in block/mirror.c (CVE-2021-4145)\n\n - QEMU: NULL pointer dereference in pci_write() in hw/acpi/pcihp.c (CVE-2021-4158)\n\n - libnbd: nbdcopy: missing error handling may create corrupted destination image (CVE-2022-0485)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3622\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3716\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4145\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20196\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33285\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33287\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-35266\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-35267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-35268\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-35269\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39251\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39252\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39253\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39254\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39255\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39256\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39258\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39259\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39260\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39261\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39262\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39263\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-0485\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:1759\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1919210\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1975489\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1994695\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1998514\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001608\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001609\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001613\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001621\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001650\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001652\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001653\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001654\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001656\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001658\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001659\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001662\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2024326\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2034602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2035002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2050324\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3748\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 252, 400, 416, 476, 924);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:SLOF\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-appliance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtpms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtpms-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-nbd-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-tar-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-tar-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-tmpdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-hw-usbredir\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ui-opengl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ui-spice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-tools-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v-man-pages-uk\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'virt-devel:rhel': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'hivex-1.3.18-23.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-23.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.6-1.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.6.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.6.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-wireshark-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.6.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-23.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-23.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.6.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.6.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-23.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-8.0.0-1.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-23.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.6.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-8.0.0-1.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-23.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'hivex-1.3.18-23.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-23.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.6-1.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.6.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.6.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-wireshark-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.6.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-23.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-23.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.6.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.6.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-23.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-8.0.0-1.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-23.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.6.0-5.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-8.0.0-1.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-23.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.6.0+14480+c0a3aa0f', 'cpu':'i686', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ],\n 'virt:rhel': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libguestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-appliance-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libnbd-bash-completion-1.6.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-devel-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdkit-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-filter-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-nbd-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-filter-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tmpdisk-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qemu-guest-agent-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-docs-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-hw-usbredir-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-ui-opengl-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-ui-spice-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-libguestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.15.0-2.module+el8.6.0+14757+c25ee005', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.15.0-2.module+el8.6.0+14757+c25ee005', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.15.0-2.module+el8.6.0+14757+c25ee005', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20210217-1.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'supermin-5.2.1-1.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.2.1-1.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-devel-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-libs-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-pkcs11-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.42.0-18.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-bash-completion-1.42.0-18.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-man-pages-ja-1.42.0-18.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-man-pages-uk-1.42.0-18.module+el8.6.0+14480+c0a3aa0f', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libguestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-appliance-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libnbd-bash-completion-1.6.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-devel-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-8.0.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdkit-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-filter-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-nbd-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-filter-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tmpdisk-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.24.0-4.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qemu-guest-agent-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-docs-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-hw-usbredir-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-ui-opengl-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-ui-spice-6.2.0-11.module+el8.6.0+14707+5aa4b42d', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-libguestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.15.0-2.module+el8.6.0+14757+c25ee005', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.15.0-2.module+el8.6.0+14757+c25ee005', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.15.0-2.module+el8.6.0+14757+c25ee005', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20210217-1.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'supermin-5.2.1-1.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.2.1-1.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-devel-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-libs-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-pkcs11-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.44.0-5.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.42.0-18.module+el8.6.0+14480+c0a3aa0f', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-bash-completion-1.42.0-18.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-man-pages-ja-1.42.0-18.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-man-pages-uk-1.42.0-18.module+el8.6.0+14480+c0a3aa0f', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:rhel / virt:rhel');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'SLOF / hivex / hivex-devel / libguestfs / libguestfs-appliance / etc');\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-09T08:39:27", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:1759 advisory.\n\n - QEMU: block: fdc: null pointer dereference may lead to guest crash (CVE-2021-20196)\n\n - ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_value() due to incorrect check of bytes_in_use value in MFT records (CVE-2021-33285)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted Unicode string (CVE-2021-33286)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_pread_i() triggered by specially crafted NTFS attributes (CVE-2021-33287)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted MFT section (CVE-2021-33289)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname (CVE-2021-35266)\n\n - ntfs-3g: Stack buffer overflow triggered when correcting differences between MFT and MFTMirror sections (CVE-2021-35267)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode (CVE-2021-35268)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute from MFT (CVE-2021-35269)\n\n - hivex: stack overflow due to recursive call of _get_children() (CVE-2021-3622)\n\n - nbdkit: NBD_OPT_STRUCTURED_REPLY injection on STARTTLS (CVE-2021-3716)\n\n - QEMU: virtio-net: heap use-after-free in virtio_net_receive_rcu (CVE-2021-3748)\n\n - ntfs-3g: NULL pointer dereference in ntfs_extent_inode_open() (CVE-2021-39251)\n\n - ntfs-3g: Out-of-bounds read in ntfs_ie_lookup() (CVE-2021-39252)\n\n - ntfs-3g: Out-of-bounds read in ntfs_runlists_merge_i() (CVE-2021-39253)\n\n - ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize() (CVE-2021-39254)\n\n - ntfs-3g: Out-of-bounds read ntfs_attr_find_in_attrdef() triggered by an invalid attribute (CVE-2021-39255)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_lookup_by_name() (CVE-2021-39256)\n\n - ntfs-3g: Endless recursion from ntfs_attr_pwrite() triggered by an unallocated bitmap (CVE-2021-39257)\n\n - ntfs-3g: Out-of-bounds reads in ntfs_attr_find() and ntfs_external_attr_find() (CVE-2021-39258)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_lookup_by_name() caused by an unsanitized attribute length (CVE-2021-39259)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_sync_standard_information() (CVE-2021-39260)\n\n - ntfs-3g: Heap buffer overflow in ntfs_compressed_pwrite() (CVE-2021-39261)\n\n - ntfs-3g: Out-of-bounds access in ntfs_decompress() (CVE-2021-39262)\n\n - ntfs-3g: Heap buffer overflow in ntfs_get_attribute_value() caused by an unsanitized attribute (CVE-2021-39263)\n\n - libvirt: segmentation fault during VM shutdown can lead to vdsm hang (CVE-2021-3975)\n\n - QEMU: NULL pointer dereference in mirror_wait_on_conflicts() in block/mirror.c (CVE-2021-4145)\n\n - QEMU: NULL pointer dereference in pci_write() in hw/acpi/pcihp.c (CVE-2021-4158)\n\n - libnbd: nbdcopy: missing error handling may create corrupted destination image (CVE-2022-0485)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-10T00:00:00", "type": "nessus", "title": "CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2022:1759)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20196", "CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-3622", "CVE-2021-3716", "CVE-2021-3748", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39254", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263", "CVE-2021-3975", "CVE-2021-4145", "CVE-2021-4158", "CVE-2022-0485"], "modified": "2023-02-08T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:SLOF", "p-cpe:/a:centos:centos:hivex", "p-cpe:/a:centos:centos:hivex-devel", "p-cpe:/a:centos:centos:libguestfs", "p-cpe:/a:centos:centos:libguestfs-appliance", "p-cpe:/a:centos:centos:libguestfs-bash-completion", "p-cpe:/a:centos:centos:libguestfs-devel", "p-cpe:/a:centos:centos:libguestfs-gfs2", "p-cpe:/a:centos:centos:libguestfs-gobject", "p-cpe:/a:centos:centos:libguestfs-gobject-devel", "p-cpe:/a:centos:centos:libguestfs-inspect-icons", "p-cpe:/a:centos:centos:libguestfs-java", "p-cpe:/a:centos:centos:libguestfs-java-devel", "p-cpe:/a:centos:centos:libguestfs-javadoc", "p-cpe:/a:centos:centos:libguestfs-man-pages-ja", "p-cpe:/a:centos:centos:libguestfs-man-pages-uk", "p-cpe:/a:centos:centos:libguestfs-rescue", "p-cpe:/a:centos:centos:libguestfs-rsync", "p-cpe:/a:centos:centos:libguestfs-tools", "p-cpe:/a:centos:centos:libguestfs-tools-c", "p-cpe:/a:centos:centos:libguestfs-winsupport", "p-cpe:/a:centos:centos:libguestfs-xfs", "p-cpe:/a:centos:centos:libiscsi", "p-cpe:/a:centos:centos:libiscsi-devel", "p-cpe:/a:centos:centos:libiscsi-utils", "p-cpe:/a:centos:centos:libtpms", "p-cpe:/a:centos:centos:libtpms-devel", "p-cpe:/a:centos:centos:libvirt-dbus", "p-cpe:/a:centos:centos:lua-guestfs", "p-cpe:/a:centos:centos:nbdkit", "p-cpe:/a:centos:centos:nbdkit-bash-completion", "p-cpe:/a:centos:centos:nbdkit-basic-filters", "p-cpe:/a:centos:centos:nbdkit-basic-plugins", "p-cpe:/a:centos:centos:nbdkit-curl-plugin", "p-cpe:/a:centos:centos:nbdkit-devel", "p-cpe:/a:centos:centos:nbdkit-example-plugins", "p-cpe:/a:centos:centos:nbdkit-gzip-filter", "p-cpe:/a:centos:centos:nbdkit-gzip-plugin", "p-cpe:/a:centos:centos:nbdkit-linuxdisk-plugin", "p-cpe:/a:centos:centos:nbdkit-nbd-plugin", "p-cpe:/a:centos:centos:nbdkit-python-plugin", "p-cpe:/a:centos:centos:nbdkit-server", "p-cpe:/a:centos:centos:nbdkit-ssh-plugin", "p-cpe:/a:centos:centos:nbdkit-tar-filter", "p-cpe:/a:centos:centos:nbdkit-tar-plugin", "p-cpe:/a:centos:centos:nbdkit-tmpdisk-plugin", "p-cpe:/a:centos:centos:nbdkit-vddk-plugin", "p-cpe:/a:centos:centos:nbdkit-xz-filter", "p-cpe:/a:centos:centos:netcf", "p-cpe:/a:centos:centos:netcf-devel", "p-cpe:/a:centos:centos:netcf-libs", "p-cpe:/a:centos:centos:ocaml-hivex", "p-cpe:/a:centos:centos:ocaml-hivex-devel", "p-cpe:/a:centos:centos:ocaml-libguestfs", "p-cpe:/a:centos:centos:ocaml-libguestfs-devel", "p-cpe:/a:centos:centos:perl-Sys-Guestfs", "p-cpe:/a:centos:centos:perl-Sys-Virt", "p-cpe:/a:centos:centos:perl-hivex", "p-cpe:/a:centos:centos:python3-hivex", "p-cpe:/a:centos:centos:python3-libguestfs", "p-cpe:/a:centos:centos:python3-libvirt", "p-cpe:/a:centos:centos:ruby-hivex", "p-cpe:/a:centos:centos:ruby-libguestfs", "p-cpe:/a:centos:centos:sgabios", "p-cpe:/a:centos:centos:sgabios-bin", "p-cpe:/a:centos:centos:supermin", "p-cpe:/a:centos:centos:supermin-devel", "p-cpe:/a:centos:centos:swtpm", "p-cpe:/a:centos:centos:swtpm-devel", "p-cpe:/a:centos:centos:swtpm-libs", "p-cpe:/a:centos:centos:swtpm-tools", "p-cpe:/a:centos:centos:swtpm-tools-pkcs11", "p-cpe:/a:centos:centos:virt-dib", "p-cpe:/a:centos:centos:virt-v2v", "p-cpe:/a:centos:centos:virt-v2v-bash-completion", "p-cpe:/a:centos:centos:virt-v2v-man-pages-ja", "p-cpe:/a:centos:centos:virt-v2v-man-pages-uk"], "id": "CENTOS8_RHSA-2022-1759.NASL", "href": "https://www.tenable.com/plugins/nessus/160913", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2022:1759. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160913);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\n \"CVE-2021-3622\",\n \"CVE-2021-3716\",\n \"CVE-2021-3748\",\n \"CVE-2021-3975\",\n \"CVE-2021-4145\",\n \"CVE-2021-4158\",\n \"CVE-2021-20196\",\n \"CVE-2021-33285\",\n \"CVE-2021-33286\",\n \"CVE-2021-33287\",\n \"CVE-2021-33289\",\n \"CVE-2021-35266\",\n \"CVE-2021-35267\",\n \"CVE-2021-35268\",\n \"CVE-2021-35269\",\n \"CVE-2021-39251\",\n \"CVE-2021-39252\",\n \"CVE-2021-39253\",\n \"CVE-2021-39254\",\n \"CVE-2021-39255\",\n \"CVE-2021-39256\",\n \"CVE-2021-39257\",\n \"CVE-2021-39258\",\n \"CVE-2021-39259\",\n \"CVE-2021-39260\",\n \"CVE-2021-39261\",\n \"CVE-2021-39262\",\n \"CVE-2021-39263\",\n \"CVE-2022-0485\"\n );\n script_xref(name:\"RHSA\", value:\"2022:1759\");\n script_xref(name:\"IAVB\", value:\"2022-B-0051-S\");\n\n script_name(english:\"CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2022:1759)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2022:1759 advisory.\n\n - QEMU: block: fdc: null pointer dereference may lead to guest crash (CVE-2021-20196)\n\n - ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_value() due to incorrect check of\n bytes_in_use value in MFT records (CVE-2021-33285)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted Unicode string (CVE-2021-33286)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_pread_i() triggered by specially crafted NTFS attributes\n (CVE-2021-33287)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted MFT section (CVE-2021-33289)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname (CVE-2021-35266)\n\n - ntfs-3g: Stack buffer overflow triggered when correcting differences between MFT and MFTMirror sections\n (CVE-2021-35267)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode\n (CVE-2021-35268)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute\n from MFT (CVE-2021-35269)\n\n - hivex: stack overflow due to recursive call of _get_children() (CVE-2021-3622)\n\n - nbdkit: NBD_OPT_STRUCTURED_REPLY injection on STARTTLS (CVE-2021-3716)\n\n - QEMU: virtio-net: heap use-after-free in virtio_net_receive_rcu (CVE-2021-3748)\n\n - ntfs-3g: NULL pointer dereference in ntfs_extent_inode_open() (CVE-2021-39251)\n\n - ntfs-3g: Out-of-bounds read in ntfs_ie_lookup() (CVE-2021-39252)\n\n - ntfs-3g: Out-of-bounds read in ntfs_runlists_merge_i() (CVE-2021-39253)\n\n - ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize()\n (CVE-2021-39254)\n\n - ntfs-3g: Out-of-bounds read ntfs_attr_find_in_attrdef() triggered by an invalid attribute (CVE-2021-39255)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_lookup_by_name() (CVE-2021-39256)\n\n - ntfs-3g: Endless recursion from ntfs_attr_pwrite() triggered by an unallocated bitmap (CVE-2021-39257)\n\n - ntfs-3g: Out-of-bounds reads in ntfs_attr_find() and ntfs_external_attr_find() (CVE-2021-39258)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_lookup_by_name() caused by an unsanitized attribute length\n (CVE-2021-39259)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_sync_standard_information() (CVE-2021-39260)\n\n - ntfs-3g: Heap buffer overflow in ntfs_compressed_pwrite() (CVE-2021-39261)\n\n - ntfs-3g: Out-of-bounds access in ntfs_decompress() (CVE-2021-39262)\n\n - ntfs-3g: Heap buffer overflow in ntfs_get_attribute_value() caused by an unsanitized attribute\n (CVE-2021-39263)\n\n - libvirt: segmentation fault during VM shutdown can lead to vdsm hang (CVE-2021-3975)\n\n - QEMU: NULL pointer dereference in mirror_wait_on_conflicts() in block/mirror.c (CVE-2021-4145)\n\n - QEMU: NULL pointer dereference in pci_write() in hw/acpi/pcihp.c (CVE-2021-4158)\n\n - libnbd: nbdcopy: missing error handling may create corrupted destination image (CVE-2022-0485)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:1759\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3748\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:SLOF\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-appliance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libtpms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libtpms-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-gzip-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-nbd-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-tar-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-tar-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-tmpdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:swtpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:swtpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:swtpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:swtpm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:swtpm-tools-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:virt-v2v\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:virt-v2v-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:virt-v2v-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:virt-v2v-man-pages-uk\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/virt-devel');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:rhel');\nif ('rhel' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module virt-devel:' + module_ver);\n\nvar appstreams = {\n 'virt-devel:rhel': [\n {'reference':'hivex-1.3.18-23.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-1.3.18-23.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-23.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-23.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-appliance-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-appliance-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-bash-completion-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-bash-completion-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-devel-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-devel-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gfs2-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gfs2-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-devel-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-devel-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-inspect-icons-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-inspect-icons-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-devel-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-devel-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-javadoc-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-javadoc-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-ja-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-ja-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-uk-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-uk-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rescue-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rescue-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rsync-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rsync-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-c-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-c-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.6-1.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.6-1.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-xfs-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-xfs-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-0.9.1-0.20211126git1ff6fe1f43.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-0.9.1-0.20211126git1ff6fe1f43.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-devel-0.9.1-0.20211126git1ff6fe1f43.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-devel-0.9.1-0.20211126git1ff6fe1f43.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-filter-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-filter-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-nbd-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-nbd-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-filter-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-filter-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tmpdisk-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tmpdisk-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.24.0-4.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-23.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-23.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-23.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-23.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-devel-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-devel-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-23.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-23.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-8.0.0-1.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-8.0.0-1.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-23.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-23.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-8.0.0-1.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-8.0.0-1.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-23.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-23.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-0.20170427git-3.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-bin-0.20170427git-3.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-bin-0.20170427git-3.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20210217-1.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'SLOF-20210217-1.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-5.2.1-1.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-5.2.1-1.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.2.1-1.module_el8.6.0+983+a7505f3f', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.2.1-1.module_el8.6.0+983+a7505f3f', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-0.7.0-1.20211109gitb79fd91.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-0.7.0-1.20211109gitb79fd91.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-devel-0.7.0-1.20211109gitb79fd91.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-devel-0.7.0-1.20211109gitb79fd91.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-libs-0.7.0-1.20211109gitb79fd91.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-libs-0.7.0-1.20211109gitb79fd91.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-0.7.0-1.20211109gitb79fd91.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-0.7.0-1.20211109gitb79fd91.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-pkcs11-0.7.0-1.20211109gitb79fd91.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-pkcs11-0.7.0-1.20211109gitb79fd91.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.44.0-5.module_el8.6.0+1087+b42c8331', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-1.42.0-18.module_el8.6.0+1046+bd8eec5e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-1.42.0-18.module_el8.6.0+1046+bd8eec5e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-bash-completion-1.42.0-18.module_el8.6.0+1046+bd8eec5e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-bash-completion-1.42.0-18.module_el8.6.0+1046+bd8eec5e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-man-pages-ja-1.42.0-18.module_el8.6.0+1046+bd8eec5e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-man-pages-ja-1.42.0-18.module_el8.6.0+1046+bd8eec5e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-man-pages-uk-1.42.0-18.module_el8.6.0+1046+bd8eec5e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-man-pages-uk-1.42.0-18.module_el8.6.0+1046+bd8eec5e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:rhel');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'SLOF / hivex / hivex-devel / libguestfs / libguestfs-appliance / etc');\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:55:38", "description": "The version of ntfs-3g installed on the remote host is prior to 2021.8.22. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2021-243-01 advisory.\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. (CVE-2021-33287)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution. (CVE-2021-35266)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-02T00:00:00", "type": "nessus", "title": "Slackware Linux 14.2 / current ntfs-3g Multiple Vulnerabilities (SSA:2021-243-01)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39254", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263"], "modified": "2022-01-20T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:ntfs-3g", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2021-243-01.NASL", "href": "https://www.tenable.com/plugins/nessus/152969", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Slackware Security Advisory SSA:2021-243-01. The text\n# itself is copyright (C) Slackware Linux, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152969);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/20\");\n\n script_cve_id(\n \"CVE-2021-33285\",\n \"CVE-2021-33286\",\n \"CVE-2021-33287\",\n \"CVE-2021-33289\",\n \"CVE-2021-35266\",\n \"CVE-2021-35267\",\n \"CVE-2021-35268\",\n \"CVE-2021-35269\",\n \"CVE-2021-39251\",\n \"CVE-2021-39252\",\n \"CVE-2021-39253\",\n \"CVE-2021-39254\",\n \"CVE-2021-39255\",\n \"CVE-2021-39256\",\n \"CVE-2021-39257\",\n \"CVE-2021-39258\",\n \"CVE-2021-39259\",\n \"CVE-2021-39260\",\n \"CVE-2021-39261\",\n \"CVE-2021-39262\",\n \"CVE-2021-39263\"\n );\n\n script_name(english:\"Slackware Linux 14.2 / current ntfs-3g Multiple Vulnerabilities (SSA:2021-243-01)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Slackware Linux host is missing a security update to ntfs-3g.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of ntfs-3g installed on the remote host is prior to 2021.8.22. It is, therefore, affected by multiple\nvulnerabilities as referenced in the SSA:2021-243-01 advisory.\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in\n ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a\n heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function\n ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of\n service of the application. (CVE-2021-33287)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap\n buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image\n a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code\n execution. (CVE-2021-35266)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected ntfs-3g package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39263\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Slackware Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\nvar flag = 0;\nvar constraints = [\n { 'fixed_version' : '2021.8.22', 'product' : 'ntfs-3g', 'os_name' : 'Slackware Linux', 'os_version' : '14.2', 'service_pack' : '1_slack14.2', 'arch' : 'i586' },\n { 'fixed_version' : '2021.8.22', 'product' : 'ntfs-3g', 'os_name' : 'Slackware Linux', 'os_version' : '14.2', 'service_pack' : '1_slack14.2', 'arch' : 'x86_64' },\n { 'fixed_version' : '2021.8.22', 'product' : 'ntfs-3g', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'i586' },\n { 'fixed_version' : '2021.8.22', 'product' : 'ntfs-3g', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'x86_64' }\n];\n\nforeach constraint (constraints) {\n var pkg_arch = constraint['arch'];\n var arch = NULL;\n if (pkg_arch == \"x86_64\") {\n arch = pkg_arch;\n }\n if (slackware_check(osver:constraint['os_version'],\n arch:arch,\n pkgname:constraint['product'],\n pkgver:constraint['fixed_version'],\n pkgarch:pkg_arch,\n pkgnum:constraint['service_pack'])) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : slackware_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:58:14", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2819 advisory.\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the records proceeds into the wild. (CVE-2021-33285)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. (CVE-2021-33287)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution. (CVE-2021-35266)\n\n - NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root. (CVE-2021-35267)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35268)\n\n - NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. (CVE-2021-39254)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G < 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-17T00:00:00", "type": "nessus", "title": "Debian DLA-2819-1 : ntfs-3g - LTS security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39254", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263"], "modified": "2021-11-17T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libntfs-3g871", "p-cpe:/a:debian:debian_linux:ntfs-3g", "p-cpe:/a:debian:debian_linux:ntfs-3g-dbg", "p-cpe:/a:debian:debian_linux:ntfs-3g-dev", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2819.NASL", "href": "https://www.tenable.com/plugins/nessus/155439", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2819. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155439);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/17\");\n\n script_cve_id(\n \"CVE-2021-33285\",\n \"CVE-2021-33286\",\n \"CVE-2021-33287\",\n \"CVE-2021-33289\",\n \"CVE-2021-35266\",\n \"CVE-2021-35267\",\n \"CVE-2021-35268\",\n \"CVE-2021-35269\",\n \"CVE-2021-39251\",\n \"CVE-2021-39252\",\n \"CVE-2021-39253\",\n \"CVE-2021-39254\",\n \"CVE-2021-39255\",\n \"CVE-2021-39256\",\n \"CVE-2021-39257\",\n \"CVE-2021-39258\",\n \"CVE-2021-39259\",\n \"CVE-2021-39260\",\n \"CVE-2021-39261\",\n \"CVE-2021-39262\",\n \"CVE-2021-39263\"\n );\n\n script_name(english:\"Debian DLA-2819-1 : ntfs-3g - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2819 advisory.\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function\n ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of\n service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a\n crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the\n bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the\n records proceeds into the wild. (CVE-2021-33285)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a\n heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function\n ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of\n service of the application. (CVE-2021-33287)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap\n buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image\n a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code\n execution. (CVE-2021-35266)\n\n - NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and\n MFTMirror allowing for code execution or escalation of privileges when setuid-root. (CVE-2021-35267)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function\n ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of\n privileges. (CVE-2021-35268)\n\n - NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the\n function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation\n of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G <\n 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in\n the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. (CVE-2021-39254)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in\n ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G <\n 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain\n (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in\n NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in\n ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G\n < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G <\n 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in\n ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/ntfs-3g\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2021/dla-2819\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-33285\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-33286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-33287\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-33289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-35266\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-35267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-35268\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-35269\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39251\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39252\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39253\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39254\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39255\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39256\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39258\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39259\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39260\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39261\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39262\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39263\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/ntfs-3g\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the ntfs-3g packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39263\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libntfs-3g871\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ntfs-3g-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ntfs-3g-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'libntfs-3g871', 'reference': '1:2016.2.22AR.1+dfsg-1+deb9u2'},\n {'release': '9.0', 'prefix': 'ntfs-3g', 'reference': '1:2016.2.22AR.1+dfsg-1+deb9u2'},\n {'release': '9.0', 'prefix': 'ntfs-3g-dbg', 'reference': '1:2016.2.22AR.1+dfsg-1+deb9u2'},\n {'release': '9.0', 'prefix': 'ntfs-3g-dev', 'reference': '1:2016.2.22AR.1+dfsg-1+deb9u2'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libntfs-3g871 / ntfs-3g / ntfs-3g-dbg / ntfs-3g-dev');\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:55:12", "description": "The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4971 advisory.\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the records proceeds into the wild. (CVE-2021-33285)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. (CVE-2021-33287)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution. (CVE-2021-35266)\n\n - NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root. (CVE-2021-35267)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35268)\n\n - NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. (CVE-2021-39254)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G < 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-09T00:00:00", "type": "nessus", "title": "Debian DSA-4971-1 : ntfs-3g - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39254", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263"], "modified": "2022-01-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libntfs-3g883", "p-cpe:/a:debian:debian_linux:ntfs-3g", "p-cpe:/a:debian:debian_linux:ntfs-3g-dev", "p-cpe:/a:debian:debian_linux:ntfs-3g-udeb", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-4971.NASL", "href": "https://www.tenable.com/plugins/nessus/153182", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-4971. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153182);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/20\");\n\n script_cve_id(\n \"CVE-2021-33285\",\n \"CVE-2021-33286\",\n \"CVE-2021-33287\",\n \"CVE-2021-33289\",\n \"CVE-2021-35266\",\n \"CVE-2021-35267\",\n \"CVE-2021-35268\",\n \"CVE-2021-35269\",\n \"CVE-2021-39251\",\n \"CVE-2021-39252\",\n \"CVE-2021-39253\",\n \"CVE-2021-39254\",\n \"CVE-2021-39255\",\n \"CVE-2021-39256\",\n \"CVE-2021-39257\",\n \"CVE-2021-39258\",\n \"CVE-2021-39259\",\n \"CVE-2021-39260\",\n \"CVE-2021-39261\",\n \"CVE-2021-39262\",\n \"CVE-2021-39263\"\n );\n\n script_name(english:\"Debian DSA-4971-1 : ntfs-3g - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-4971 advisory.\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function\n ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of\n service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a\n crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the\n bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the\n records proceeds into the wild. (CVE-2021-33285)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a\n heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function\n ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of\n service of the application. (CVE-2021-33287)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap\n buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image\n a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code\n execution. (CVE-2021-35266)\n\n - NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and\n MFTMirror allowing for code execution or escalation of privileges when setuid-root. (CVE-2021-35267)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function\n ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of\n privileges. (CVE-2021-35268)\n\n - NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the\n function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation\n of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G <\n 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in\n the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. (CVE-2021-39254)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in\n ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G <\n 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain\n (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in\n NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in\n ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G\n < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G <\n 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in\n ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/ntfs-3g\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2021/dsa-4971\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-33285\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-33286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-33287\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-33289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-35266\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-35267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-35268\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-35269\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39251\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39252\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39253\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39254\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39255\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39256\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39258\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39259\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39260\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39261\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39262\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-39263\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/ntfs-3g\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/ntfs-3g\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the ntfs-3g packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39263\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libntfs-3g883\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ntfs-3g-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ntfs-3g-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(10)\\.[0-9]+|^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 10.0 / 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'libntfs-3g883', 'reference': '1:2017.3.23AR.3-3+deb10u1'},\n {'release': '10.0', 'prefix': 'ntfs-3g', 'reference': '1:2017.3.23AR.3-3+deb10u1'},\n {'release': '10.0', 'prefix': 'ntfs-3g-dev', 'reference': '1:2017.3.23AR.3-3+deb10u1'},\n {'release': '10.0', 'prefix': 'ntfs-3g-udeb', 'reference': '1:2017.3.23AR.3-3+deb10u1'},\n {'release': '11.0', 'prefix': 'libntfs-3g883', 'reference': '1:2017.3.23AR.3-4+deb11u1'},\n {'release': '11.0', 'prefix': 'ntfs-3g', 'reference': '1:2017.3.23AR.3-4+deb11u1'},\n {'release': '11.0', 'prefix': 'ntfs-3g-dev', 'reference': '1:2017.3.23AR.3-4+deb11u1'},\n {'release': '11.0', 'prefix': 'ntfs-3g-udeb', 'reference': '1:2017.3.23AR.3-4+deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libntfs-3g883 / ntfs-3g / ntfs-3g-dev / ntfs-3g-udeb');\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:55:44", "description": "The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2971-1 advisory.\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges. (CVE-2019-9755)\n\n - In Tuxera ntfs-3g versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the records proceeds into the wild. (CVE-2021-33285)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. (CVE-2021-33287)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution. (CVE-2021-35266)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root.\n (CVE-2021-35267)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35268)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G < 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-08T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : ntfs-3g_ntfsprogs (SUSE-SU-2021:2971-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9755", "CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263"], "modified": "2022-01-20T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libntfs-3g-devel", "p-cpe:/a:novell:suse_linux:libntfs-3g87", "p-cpe:/a:novell:suse_linux:ntfs-3g", "p-cpe:/a:novell:suse_linux:ntfsprogs", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-2971-1.NASL", "href": "https://www.tenable.com/plugins/nessus/153122", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:2971-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153122);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/20\");\n\n script_cve_id(\n \"CVE-2019-9755\",\n \"CVE-2021-33285\",\n \"CVE-2021-33286\",\n \"CVE-2021-33287\",\n \"CVE-2021-33289\",\n \"CVE-2021-35266\",\n \"CVE-2021-35267\",\n \"CVE-2021-35268\",\n \"CVE-2021-35269\",\n \"CVE-2021-39251\",\n \"CVE-2021-39252\",\n \"CVE-2021-39253\",\n \"CVE-2021-39255\",\n \"CVE-2021-39256\",\n \"CVE-2021-39257\",\n \"CVE-2021-39258\",\n \"CVE-2021-39259\",\n \"CVE-2021-39260\",\n \"CVE-2021-39261\",\n \"CVE-2021-39262\",\n \"CVE-2021-39263\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:2971-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : ntfs-3g_ntfsprogs (SUSE-SU-2021:2971-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2021:2971-1 advisory.\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by\n running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap\n buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where\n /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges. (CVE-2019-9755)\n\n - In Tuxera ntfs-3g versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the\n function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or\n denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by\n mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT\n record : the bytes_in_use field should be less than the bytes_allocated field. When it is not, the\n parsing of the records proceeds into the wild. (CVE-2021-33285)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS\n image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function\n ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of\n service of the application. (CVE-2021-33287)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image\n a heap buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an\n NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even\n code execution. (CVE-2021-35266)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in\n the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root.\n (CVE-2021-35267)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function\n ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of\n privileges. (CVE-2021-35268)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the\n function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation\n of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G <\n 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in\n ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G <\n 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain\n (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in\n NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in\n ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G\n < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G <\n 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in\n ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189720\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-September/009416.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?04b5fc79\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-9755\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33285\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33287\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35266\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35268\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35269\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39251\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39252\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39253\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39255\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39256\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39258\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39259\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39260\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39261\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39262\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39263\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libntfs-3g-devel, libntfs-3g87, ntfs-3g and / or ntfsprogs packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39263\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libntfs-3g-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libntfs-3g87\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntfsprogs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'libntfs-3g-devel-2021.8.22-3.8.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.2'},\n {'reference':'libntfs-3g-devel-2021.8.22-3.8.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.2'},\n {'reference':'libntfs-3g87-2021.8.22-3.8.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.2'},\n {'reference':'libntfs-3g87-2021.8.22-3.8.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.2'},\n {'reference':'ntfs-3g-2021.8.22-3.8.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.2'},\n {'reference':'ntfs-3g-2021.8.22-3.8.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.2'},\n {'reference':'ntfsprogs-2021.8.22-3.8.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.2'},\n {'reference':'ntfsprogs-2021.8.22-3.8.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.2'},\n {'reference':'libntfs-3g-devel-2021.8.22-3.8.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.3'},\n {'reference':'libntfs-3g-devel-2021.8.22-3.8.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.3'},\n {'reference':'libntfs-3g87-2021.8.22-3.8.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.3'},\n {'reference':'libntfs-3g87-2021.8.22-3.8.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.3'},\n {'reference':'ntfs-3g-2021.8.22-3.8.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.3'},\n {'reference':'ntfs-3g-2021.8.22-3.8.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.3'},\n {'reference':'ntfsprogs-2021.8.22-3.8.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.3'},\n {'reference':'ntfsprogs-2021.8.22-3.8.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.3'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libntfs-3g-devel / libntfs-3g87 / ntfs-3g / ntfsprogs');\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:55:40", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2971-1 advisory.\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges. (CVE-2019-9755)\n\n - In Tuxera ntfs-3g versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the records proceeds into the wild. (CVE-2021-33285)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. (CVE-2021-33287)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution. (CVE-2021-35266)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root.\n (CVE-2021-35267)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35268)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G < 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-08T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : ntfs-3g_ntfsprogs (openSUSE-SU-2021:2971-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9755", "CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263"], "modified": "2022-01-20T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libntfs-3g-devel", "p-cpe:/a:novell:opensuse:libntfs-3g87", "p-cpe:/a:novell:opensuse:ntfs-3g", "p-cpe:/a:novell:opensuse:ntfsprogs", "p-cpe:/a:novell:opensuse:ntfsprogs-extra", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-2971.NASL", "href": "https://www.tenable.com/plugins/nessus/153117", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:2971-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153117);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/20\");\n\n script_cve_id(\n \"CVE-2019-9755\",\n \"CVE-2021-33285\",\n \"CVE-2021-33286\",\n \"CVE-2021-33287\",\n \"CVE-2021-33289\",\n \"CVE-2021-35266\",\n \"CVE-2021-35267\",\n \"CVE-2021-35268\",\n \"CVE-2021-35269\",\n \"CVE-2021-39251\",\n \"CVE-2021-39252\",\n \"CVE-2021-39253\",\n \"CVE-2021-39255\",\n \"CVE-2021-39256\",\n \"CVE-2021-39257\",\n \"CVE-2021-39258\",\n \"CVE-2021-39259\",\n \"CVE-2021-39260\",\n \"CVE-2021-39261\",\n \"CVE-2021-39262\",\n \"CVE-2021-39263\"\n );\n\n script_name(english:\"openSUSE 15 Security Update : ntfs-3g_ntfsprogs (openSUSE-SU-2021:2971-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:2971-1 advisory.\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by\n running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap\n buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where\n /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges. (CVE-2019-9755)\n\n - In Tuxera ntfs-3g versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the\n function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or\n denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by\n mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT\n record : the bytes_in_use field should be less than the bytes_allocated field. When it is not, the\n parsing of the records proceeds into the wild. (CVE-2021-33285)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS\n image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function\n ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of\n service of the application. (CVE-2021-33287)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image\n a heap buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an\n NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even\n code execution. (CVE-2021-35266)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in\n the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root.\n (CVE-2021-35267)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function\n ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of\n privileges. (CVE-2021-35268)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the\n function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation\n of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G <\n 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in\n ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G <\n 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain\n (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in\n NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in\n ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G\n < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G <\n 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in\n ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189720\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/APJMFOEFTZSFEAKDMRWUM25JNERJUHUT/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dcd7f8db\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-9755\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33285\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33287\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35266\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35268\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35269\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39251\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39252\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39253\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39255\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39256\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39258\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39259\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39260\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39261\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39262\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39263\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39263\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libntfs-3g-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libntfs-3g87\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfsprogs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfsprogs-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'libntfs-3g-devel-2021.8.22-3.8.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libntfs-3g87-2021.8.22-3.8.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ntfs-3g-2021.8.22-3.8.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ntfsprogs-2021.8.22-3.8.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ntfsprogs-extra-2021.8.22-3.8.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libntfs-3g-devel / libntfs-3g87 / ntfs-3g / ntfsprogs / etc');\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:55:24", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1244-1 advisory.\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges. (CVE-2019-9755)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the records proceeds into the wild. (CVE-2021-33285)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. (CVE-2021-33287)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution. (CVE-2021-35266)\n\n - NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root. (CVE-2021-35267)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35268)\n\n - NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G < 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-10T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : ntfs-3g_ntfsprogs (openSUSE-SU-2021:1244-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9755", "CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263"], "modified": "2022-01-20T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libntfs-3g-devel", "p-cpe:/a:novell:opensuse:libntfs-3g87", "p-cpe:/a:novell:opensuse:ntfs-3g", "p-cpe:/a:novell:opensuse:ntfsprogs", "p-cpe:/a:novell:opensuse:ntfsprogs-extra", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-1244.NASL", "href": "https://www.tenable.com/plugins/nessus/153195", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1244-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153195);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/20\");\n\n script_cve_id(\n \"CVE-2019-9755\",\n \"CVE-2021-33285\",\n \"CVE-2021-33286\",\n \"CVE-2021-33287\",\n \"CVE-2021-33289\",\n \"CVE-2021-35266\",\n \"CVE-2021-35267\",\n \"CVE-2021-35268\",\n \"CVE-2021-35269\",\n \"CVE-2021-39251\",\n \"CVE-2021-39252\",\n \"CVE-2021-39253\",\n \"CVE-2021-39255\",\n \"CVE-2021-39256\",\n \"CVE-2021-39257\",\n \"CVE-2021-39258\",\n \"CVE-2021-39259\",\n \"CVE-2021-39260\",\n \"CVE-2021-39261\",\n \"CVE-2021-39262\",\n \"CVE-2021-39263\"\n );\n\n script_name(english:\"openSUSE 15 Security Update : ntfs-3g_ntfsprogs (openSUSE-SU-2021:1244-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1244-1 advisory.\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by\n running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap\n buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where\n /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges. (CVE-2019-9755)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function\n ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of\n service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a\n crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the\n bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the\n records proceeds into the wild. (CVE-2021-33285)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a\n heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function\n ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of\n service of the application. (CVE-2021-33287)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap\n buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image\n a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code\n execution. (CVE-2021-35266)\n\n - NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and\n MFTMirror allowing for code execution or escalation of privileges when setuid-root. (CVE-2021-35267)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function\n ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of\n privileges. (CVE-2021-35268)\n\n - NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the\n function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation\n of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G <\n 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in\n ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G <\n 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain\n (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in\n NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in\n ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G\n < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G <\n 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in\n ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189720\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6I22R7EMWP6WBQIXDCKB4KJMMB67TMZK/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a94ab1a5\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-9755\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33285\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33287\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35266\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35268\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35269\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39251\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39252\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39253\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39255\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39256\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39258\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39259\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39260\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39261\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39262\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39263\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39263\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libntfs-3g-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libntfs-3g87\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfsprogs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfsprogs-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.2', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'libntfs-3g-devel-2021.8.22-lp152.5.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libntfs-3g87-2021.8.22-lp152.5.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ntfs-3g-2021.8.22-lp152.5.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ntfsprogs-2021.8.22-lp152.5.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ntfsprogs-extra-2021.8.22-lp152.5.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libntfs-3g-devel / libntfs-3g87 / ntfs-3g / ntfsprogs / etc');\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:55:59", "description": "The remote SUSE Linux SLED12 / SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2965-1 advisory.\n\n - Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation. (CVE-2017-0358)\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges. (CVE-2019-9755)\n\n - In Tuxera ntfs-3g versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the records proceeds into the wild. (CVE-2021-33285)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. (CVE-2021-33287)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution. (CVE-2021-35266)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root.\n (CVE-2021-35267)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35268)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G < 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-08T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : ntfs-3g_ntfsprogs (SUSE-SU-2021:2965-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0358", "CVE-2019-9755", "CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263"], "modified": "2021-09-08T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libntfs-3g-devel", "p-cpe:/a:novell:suse_linux:libntfs-3g84", "p-cpe:/a:novell:suse_linux:ntfs-3g", "p-cpe:/a:novell:suse_linux:ntfsprogs", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-2965-1.NASL", "href": "https://www.tenable.com/plugins/nessus/153124", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:2965-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153124);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\n \"CVE-2017-0358\",\n \"CVE-2019-9755\",\n \"CVE-2021-33285\",\n \"CVE-2021-33286\",\n \"CVE-2021-33287\",\n \"CVE-2021-33289\",\n \"CVE-2021-35266\",\n \"CVE-2021-35267\",\n \"CVE-2021-35268\",\n \"CVE-2021-35269\",\n \"CVE-2021-39251\",\n \"CVE-2021-39252\",\n \"CVE-2021-39253\",\n \"CVE-2021-39255\",\n \"CVE-2021-39256\",\n \"CVE-2021-39257\",\n \"CVE-2021-39258\",\n \"CVE-2021-39259\",\n \"CVE-2021-39260\",\n \"CVE-2021-39261\",\n \"CVE-2021-39262\",\n \"CVE-2021-39263\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:2965-1\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : ntfs-3g_ntfsprogs (SUSE-SU-2021:2965-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED12 / SLES12 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2021:2965-1 advisory.\n\n - Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not\n scrub the environment before executing modprobe with elevated privileges. A local user can take advantage\n of this flaw for local root privilege escalation. (CVE-2017-0358)\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by\n running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap\n buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where\n /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges. (CVE-2019-9755)\n\n - In Tuxera ntfs-3g versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the\n function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or\n denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by\n mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT\n record : the bytes_in_use field should be less than the bytes_allocated field. When it is not, the\n parsing of the records proceeds into the wild. (CVE-2021-33285)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS\n image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function\n ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of\n service of the application. (CVE-2021-33287)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image\n a heap buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an\n NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even\n code execution. (CVE-2021-35266)\n\n - In Tuxera NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in\n the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root.\n (CVE-2021-35267)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function\n ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of\n privileges. (CVE-2021-35268)\n\n - Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the\n function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation\n of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G <\n 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in\n ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G <\n 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain\n (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in\n NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in\n ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G\n < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G <\n 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in\n ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189720\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-September/009419.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ba396595\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-0358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-9755\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33285\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33287\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-33289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35266\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35268\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-35269\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39251\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39252\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39253\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39255\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39256\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39258\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39259\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39260\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39261\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39262\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39263\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libntfs-3g-devel, libntfs-3g84, ntfs-3g and / or ntfsprogs packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-0358\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libntfs-3g-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libntfs-3g84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntfsprogs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED12 / SLES12', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP5\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'libntfs-3g-devel-2021.8.22-5.9.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libntfs-3g-devel-2021.8.22-5.9.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libntfs-3g84-2021.8.22-5.9.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libntfs-3g84-2021.8.22-5.9.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-sdk-release-12.5'},\n {'reference':'libntfs-3g84-2021.8.22-5.9.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-12.5'},\n {'reference':'libntfs-3g84-2021.8.22-5.9.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-12.5'},\n {'reference':'ntfs-3g-2021.8.22-5.9.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-12.5'},\n {'reference':'ntfs-3g-2021.8.22-5.9.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-12.5'},\n {'reference':'ntfsprogs-2021.8.22-5.9.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-12.5'},\n {'reference':'ntfsprogs-2021.8.22-5.9.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-12.5'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libntfs-3g-devel / libntfs-3g84 / ntfs-3g / ntfsprogs');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-24T14:52:15", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3703 advisory.\n\n - ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_value() due to incorrect check of bytes_in_use value in MFT records (CVE-2021-33285)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted Unicode string (CVE-2021-33286)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_pread_i() triggered by specially crafted NTFS attributes (CVE-2021-33287)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted MFT section (CVE-2021-33289)\n\n - QEMU: net: Infinite loop in loopback mode may lead to stack overflow (CVE-2021-3416)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname (CVE-2021-35266)\n\n - ntfs-3g: Stack buffer overflow triggered when correcting differences between MFT and MFTMirror sections (CVE-2021-35267)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode (CVE-2021-35268)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute from MFT (CVE-2021-35269)\n\n - libvirt: Insecure sVirt label generation (CVE-2021-3631)\n\n - libvirt: Improper locking on ACL failure in virStoragePoolLookupByTargetPath API (CVE-2021-3667)\n\n - QEMU: usbredir: free() call on invalid pointer in bufp_alloc() (CVE-2021-3682)\n\n - ntfs-3g: NULL pointer dereference in ntfs_extent_inode_open() (CVE-2021-39251)\n\n - ntfs-3g: Out-of-bounds read in ntfs_ie_lookup() (CVE-2021-39252)\n\n - ntfs-3g: Out-of-bounds read in ntfs_runlists_merge_i() (CVE-2021-39253)\n\n - ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize() (CVE-2021-39254)\n\n - ntfs-3g: Out-of-bounds read ntfs_attr_find_in_attrdef() triggered by an invalid attribute (CVE-2021-39255)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_lookup_by_name() (CVE-2021-39256)\n\n - ntfs-3g: Endless recursion from ntfs_attr_pwrite() triggered by an unallocated bitmap (CVE-2021-39257)\n\n - ntfs-3g: Out-of-bounds reads in ntfs_attr_find() and ntfs_external_attr_find() (CVE-2021-39258)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_lookup_by_name() caused by an unsanitized attribute length (CVE-2021-39259)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_sync_standard_information() (CVE-2021-39260)\n\n - ntfs-3g: Heap buffer overflow in ntfs_compressed_pwrite() (CVE-2021-39261)\n\n - ntfs-3g: Out-of-bounds access in ntfs_decompress() (CVE-2021-39262)\n\n - ntfs-3g: Heap buffer overflow in ntfs_get_attribute_value() caused by an unsanitized attribute (CVE-2021-39263)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-10-01T00:00:00", "type": "nessus", "title": "RHEL 8 : virt:av and virt-devel:av (RHSA-2021:3703)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-3416", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-3631", "CVE-2021-3667", "CVE-2021-3682", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39254", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:SLOF", "p-cpe:/a:redhat:enterprise_linux:hivex", "p-cpe:/a:redhat:enterprise_linux:hivex-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs", "p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c", "p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport", "p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs", "p-cpe:/a:redhat:enterprise_linux:libiscsi", "p-cpe:/a:redhat:enterprise_linux:libiscsi-devel", "p-cpe:/a:redhat:enterprise_linux:libiscsi-utils", "p-cpe:/a:redhat:enterprise_linux:libnbd", "p-cpe:/a:redhat:enterprise_linux:libnbd-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:libtpms", "p-cpe:/a:redhat:enterprise_linux:libtpms-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt", "p-cpe:/a:redhat:enterprise_linux:libvirt-admin", "p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libvirt-client", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm", "p-cpe:/a:redhat:enterprise_linux:libvirt-dbus", "p-cpe:/a:redhat:enterprise_linux:libvirt-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt-docs", "p-cpe:/a:redhat:enterprise_linux:libvirt-libs", "p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock", "p-cpe:/a:redhat:enterprise_linux:libvirt-nss", "p-cpe:/a:redhat:enterprise_linux:libvirt-wireshark", "p-cpe:/a:redhat:enterprise_linux:lua-guestfs", "p-cpe:/a:redhat:enterprise_linux:nbdfuse", "p-cpe:/a:redhat:enterprise_linux:nbdkit", "p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-devel", "p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-filter", "p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-nbd-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-server", "p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-tar-filter", "p-cpe:/a:redhat:enterprise_linux:nbdkit-tar-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-tmpdisk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter", "p-cpe:/a:redhat:enterprise_linux:netcf", "p-cpe:/a:redhat:enterprise_linux:netcf-devel", "p-cpe:/a:redhat:enterprise_linux:netcf-libs", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs", "p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt", "p-cpe:/a:redhat:enterprise_linux:perl-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-libguestfs", "p-cpe:/a:redhat:enterprise_linux:python3-libnbd", "p-cpe:/a:redhat:enterprise_linux:python3-libvirt", "p-cpe:/a:redhat:enterprise_linux:python3-pyvmomi", "p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent", "p-cpe:/a:redhat:enterprise_linux:qemu-img", "p-cpe:/a:redhat:enterprise_linux:qemu-kiwi", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-docs", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ui-opengl", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ui-spice", "p-cpe:/a:redhat:enterprise_linux:ruby-hivex", "p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs", "p-cpe:/a:redhat:enterprise_linux:seabios", "p-cpe:/a:redhat:enterprise_linux:seabios-bin", "p-cpe:/a:redhat:enterprise_linux:seavgabios-bin", "p-cpe:/a:redhat:enterprise_linux:sgabios", "p-cpe:/a:redhat:enterprise_linux:sgabios-bin", "p-cpe:/a:redhat:enterprise_linux:supermin", "p-cpe:/a:redhat:enterprise_linux:supermin-devel", "p-cpe:/a:redhat:enterprise_linux:swtpm", "p-cpe:/a:redhat:enterprise_linux:swtpm-devel", "p-cpe:/a:redhat:enterprise_linux:swtpm-libs", "p-cpe:/a:redhat:enterprise_linux:swtpm-tools", "p-cpe:/a:redhat:enterprise_linux:virt-dib", "p-cpe:/a:redhat:enterprise_linux:virt-v2v", "p-cpe:/a:redhat:enterprise_linux:virt-v2v-bash-completion", "p-cpe:/a:redhat:enterprise_linux:virt-v2v-man-pages-ja", "p-cpe:/a:redhat:enterprise_linux:virt-v2v-man-pages-uk"], "id": "REDHAT-RHSA-2021-3703.NASL", "href": "https://www.tenable.com/plugins/nessus/153803", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:3703. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153803);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2021-3416\",\n \"CVE-2021-3631\",\n \"CVE-2021-3667\",\n \"CVE-2021-3682\",\n \"CVE-2021-33285\",\n \"CVE-2021-33286\",\n \"CVE-2021-33287\",\n \"CVE-2021-33289\",\n \"CVE-2021-35266\",\n \"CVE-2021-35267\",\n \"CVE-2021-35268\",\n \"CVE-2021-35269\",\n \"CVE-2021-39251\",\n \"CVE-2021-39252\",\n \"CVE-2021-39253\",\n \"CVE-2021-39254\",\n \"CVE-2021-39255\",\n \"CVE-2021-39256\",\n \"CVE-2021-39257\",\n \"CVE-2021-39258\",\n \"CVE-2021-39259\",\n \"CVE-2021-39260\",\n \"CVE-2021-39261\",\n \"CVE-2021-39262\",\n \"CVE-2021-39263\"\n );\n script_xref(name:\"RHSA\", value:\"2021:3703\");\n\n script_name(english:\"RHEL 8 : virt:av and virt-devel:av (RHSA-2021:3703)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:3703 advisory.\n\n - ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_value() due to incorrect check of\n bytes_in_use value in MFT records (CVE-2021-33285)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted Unicode string (CVE-2021-33286)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_pread_i() triggered by specially crafted NTFS attributes\n (CVE-2021-33287)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted MFT section (CVE-2021-33289)\n\n - QEMU: net: Infinite loop in loopback mode may lead to stack overflow (CVE-2021-3416)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname (CVE-2021-35266)\n\n - ntfs-3g: Stack buffer overflow triggered when correcting differences between MFT and MFTMirror sections\n (CVE-2021-35267)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode\n (CVE-2021-35268)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute\n from MFT (CVE-2021-35269)\n\n - libvirt: Insecure sVirt label generation (CVE-2021-3631)\n\n - libvirt: Improper locking on ACL failure in virStoragePoolLookupByTargetPath API (CVE-2021-3667)\n\n - QEMU: usbredir: free() call on invalid pointer in bufp_alloc() (CVE-2021-3682)\n\n - ntfs-3g: NULL pointer dereference in ntfs_extent_inode_open() (CVE-2021-39251)\n\n - ntfs-3g: Out-of-bounds read in ntfs_ie_lookup() (CVE-2021-39252)\n\n - ntfs-3g: Out-of-bounds read in ntfs_runlists_merge_i() (CVE-2021-39253)\n\n - ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize()\n (CVE-2021-39254)\n\n - ntfs-3g: Out-of-bounds read ntfs_attr_find_in_attrdef() triggered by an invalid attribute (CVE-2021-39255)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_lookup_by_name() (CVE-2021-39256)\n\n - ntfs-3g: Endless recursion from ntfs_attr_pwrite() triggered by an unallocated bitmap (CVE-2021-39257)\n\n - ntfs-3g: Out-of-bounds reads in ntfs_attr_find() and ntfs_external_attr_find() (CVE-2021-39258)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_lookup_by_name() caused by an unsanitized attribute length\n (CVE-2021-39259)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_sync_standard_information() (CVE-2021-39260)\n\n - ntfs-3g: Heap buffer overflow in ntfs_compressed_pwrite() (CVE-2021-39261)\n\n - ntfs-3g: Out-of-bounds access in ntfs_decompress() (CVE-2021-39262)\n\n - ntfs-3g: Heap buffer overflow in ntfs_get_attribute_value() caused by an unsanitized attribute\n (CVE-2021-39263)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3416\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33285\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33287\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-35266\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-35267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-35268\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-35269\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39251\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39252\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39253\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39254\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39255\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39256\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39258\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39259\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39260\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39261\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39262\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39263\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:3703\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1932827\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1977726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986094\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1989651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001608\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001609\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001613\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001621\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001650\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001652\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001653\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001654\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001656\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001658\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001659\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001662\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001667\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39263\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-3682\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 667, 732, 763, 835);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:SLOF\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtpms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtpms-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-nbd-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-tar-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-tar-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-tmpdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pyvmomi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kiwi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ui-opengl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ui-spice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v-man-pages-uk\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'virt-devel:av': [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'hivex-1.3.18-21.module+el8.4.0+11609+2eba841a', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-21.module+el8.4.0+11609+2eba841a', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-2.module+el8.4.0+12717+0b0da9ad', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.6.0-3.module+el8.4.0+9856+bbc47853', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.6.0-3.module+el8.4.0+9856+bbc47853', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-wireshark-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.6.0-3.module+el8.4.0+9856+bbc47853', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-21.module+el8.4.0+11609+2eba841a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-21.module+el8.4.0+11609+2eba841a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.6.0-3.module+el8.4.0+9856+bbc47853', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.6.0-3.module+el8.4.0+9856+bbc47853', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-21.module+el8.4.0+11609+2eba841a', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-7.0.0-1.module+el8.4.0+9469+2eaf72bc', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-21.module+el8.4.0+11609+2eba841a', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.6.0-3.module+el8.4.0+9856+bbc47853', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-7.0.0-1.module+el8.4.0+9469+2eaf72bc', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-5.2.0-16.module+el8.4.0+12596+209e4022.10', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-21.module+el8.4.0+11609+2eba841a', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ],\n 'virt:av': [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libguestfs-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libnbd-bash-completion-1.6.0-3.module+el8.4.0+9856+bbc47853', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-0.7.4-4.20201106git2452a24dab.module+el8.4.0+10596+32ba7df3', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-devel-0.7.4-4.20201106git2452a24dab.module+el8.4.0+10596+32ba7df3', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-7.0.0-14.4.module+el8.4.0+12413+d23780e6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdkit-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-filter-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-nbd-plugin-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-filter-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-plugin-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tmpdisk-plugin-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.24.0-1.module+el8.4.0+9341+96cf2672', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.24.0-1.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-pyvmomi-6.7.1-7.module+el8.4.0+8855+a9e237a9', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-guest-agent-5.2.0-16.module+el8.4.0+12596+209e4022.10', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-5.2.0-16.module+el8.4.0+12596+209e4022.10', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kiwi-5.2.0-16.module+el8.4.0+12596+209e4022.10', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-5.2.0-16.module+el8.4.0+12596+209e4022.10', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-5.2.0-16.module+el8.4.0+12596+209e4022.10', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-5.2.0-16.module+el8.4.0+12596+209e4022.10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-5.2.0-16.module+el8.4.0+12596+209e4022.10', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-5.2.0-16.module+el8.4.0+12596+209e4022.10', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-5.2.0-16.module+el8.4.0+12596+209e4022.10', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-5.2.0-16.module+el8.4.0+12596+209e4022.10', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-5.2.0-16.module+el8.4.0+12596+209e4022.10', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-docs-5.2.0-16.module+el8.4.0+12596+209e4022.10', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-ui-opengl-5.2.0-16.module+el8.4.0+12596+209e4022.10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-ui-spice-5.2.0-16.module+el8.4.0+12596+209e4022.10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-libguestfs-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.14.0-1.module+el8.4.0+8855+a9e237a9', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.14.0-1.module+el8.4.0+8855+a9e237a9', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.14.0-1.module+el8.4.0+8855+a9e237a9', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.4.0+8855+a9e237a9', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20200717-1.gite18ddad8.module+el8.4.0+8855+a9e237a9', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'supermin-5.2.1-1.module+el8.4.0+9751+d56db353', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.2.1-1.module+el8.4.0+9751+d56db353', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-0.4.2-1.20201201git2df14e3.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-devel-0.4.2-1.20201201git2df14e3.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-libs-0.4.2-1.20201201git2df14e3.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-0.4.2-1.20201201git2df14e3.module+el8.4.0+9341+96cf2672', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.44.0-2.module+el8.4.0+10146+75917d2f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.42.0-9.module+el8.4.0+9561+069bb9c1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-bash-completion-1.42.0-9.module+el8.4.0+9561+069bb9c1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-man-pages-ja-1.42.0-9.module+el8.4.0+9561+069bb9c1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-man-pages-uk-1.42.0-9.module+el8.4.0+9561+069bb9c1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:av / virt:av');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'SLOF / hivex / hivex-devel / libguestfs / libguestfs-bash-completion / etc');\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-24T14:52:05", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3704 advisory.\n\n - ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_value() due to incorrect check of bytes_in_use value in MFT records (CVE-2021-33285)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted Unicode string (CVE-2021-33286)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_pread_i() triggered by specially crafted NTFS attributes (CVE-2021-33287)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted MFT section (CVE-2021-33289)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname (CVE-2021-35266)\n\n - ntfs-3g: Stack buffer overflow triggered when correcting differences between MFT and MFTMirror sections (CVE-2021-35267)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode (CVE-2021-35268)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute from MFT (CVE-2021-35269)\n\n - libvirt: Insecure sVirt label generation (CVE-2021-3631)\n\n - libvirt: Improper locking on ACL failure in virStoragePoolLookupByTargetPath API (CVE-2021-3667)\n\n - QEMU: usbredir: free() call on invalid pointer in bufp_alloc() (CVE-2021-3682)\n\n - ntfs-3g: NULL pointer dereference in ntfs_extent_inode_open() (CVE-2021-39251)\n\n - ntfs-3g: Out-of-bounds read in ntfs_ie_lookup() (CVE-2021-39252)\n\n - ntfs-3g: Out-of-bounds read in ntfs_runlists_merge_i() (CVE-2021-39253)\n\n - ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize() (CVE-2021-39254)\n\n - ntfs-3g: Out-of-bounds read ntfs_attr_find_in_attrdef() triggered by an invalid attribute (CVE-2021-39255)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_lookup_by_name() (CVE-2021-39256)\n\n - ntfs-3g: Endless recursion from ntfs_attr_pwrite() triggered by an unallocated bitmap (CVE-2021-39257)\n\n - ntfs-3g: Out-of-bounds reads in ntfs_attr_find() and ntfs_external_attr_find() (CVE-2021-39258)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_lookup_by_name() caused by an unsanitized attribute length (CVE-2021-39259)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_sync_standard_information() (CVE-2021-39260)\n\n - ntfs-3g: Heap buffer overflow in ntfs_compressed_pwrite() (CVE-2021-39261)\n\n - ntfs-3g: Out-of-bounds access in ntfs_decompress() (CVE-2021-39262)\n\n - ntfs-3g: Heap buffer overflow in ntfs_get_attribute_value() caused by an unsanitized attribute (CVE-2021-39263)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-10-01T00:00:00", "type": "nessus", "title": "RHEL 8 : virt:8.2 and virt-devel:8.2 (RHSA-2021:3704)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-3631", "CVE-2021-3667", "CVE-2021-3682", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39254", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:SLOF", "p-cpe:/a:redhat:enterprise_linux:hivex", "p-cpe:/a:redhat:enterprise_linux:hivex-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs", "p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libguestfs-benchmarking", "p-cpe:/a:redhat:enterprise_linux:libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c", "p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport", "p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs", "p-cpe:/a:redhat:enterprise_linux:libiscsi", "p-cpe:/a:redhat:enterprise_linux:libiscsi-devel", "p-cpe:/a:redhat:enterprise_linux:libiscsi-utils", "p-cpe:/a:redhat:enterprise_linux:libnbd", "p-cpe:/a:redhat:enterprise_linux:libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:libtpms", "p-cpe:/a:redhat:enterprise_linux:libtpms-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt", "p-cpe:/a:redhat:enterprise_linux:libvirt-admin", "p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libvirt-client", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm", "p-cpe:/a:redhat:enterprise_linux:libvirt-dbus", "p-cpe:/a:redhat:enterprise_linux:libvirt-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt-docs", "p-cpe:/a:redhat:enterprise_linux:libvirt-libs", "p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock", "p-cpe:/a:redhat:enterprise_linux:libvirt-nss", "p-cpe:/a:redhat:enterprise_linux:lua-guestfs", "p-cpe:/a:redhat:enterprise_linux:nbdfuse", "p-cpe:/a:redhat:enterprise_linux:nbdkit", "p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-devel", "p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-server", "p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter", "p-cpe:/a:redhat:enterprise_linux:netcf", "p-cpe:/a:redhat:enterprise_linux:netcf-devel", "p-cpe:/a:redhat:enterprise_linux:netcf-libs", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs", "p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt", "p-cpe:/a:redhat:enterprise_linux:perl-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-libguestfs", "p-cpe:/a:redhat:enterprise_linux:python3-libnbd", "p-cpe:/a:redhat:enterprise_linux:python3-libvirt", "p-cpe:/a:redhat:enterprise_linux:python3-pyvmomi", "p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent", "p-cpe:/a:redhat:enterprise_linux:qemu-img", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests", "p-cpe:/a:redhat:enterprise_linux:ruby-hivex", "p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs", "p-cpe:/a:redhat:enterprise_linux:seabios", "p-cpe:/a:redhat:enterprise_linux:seabios-bin", "p-cpe:/a:redhat:enterprise_linux:seavgabios-bin", "p-cpe:/a:redhat:enterprise_linux:sgabios", "p-cpe:/a:redhat:enterprise_linux:sgabios-bin", "p-cpe:/a:redhat:enterprise_linux:supermin", "p-cpe:/a:redhat:enterprise_linux:supermin-devel", "p-cpe:/a:redhat:enterprise_linux:swtpm", "p-cpe:/a:redhat:enterprise_linux:swtpm-devel", "p-cpe:/a:redhat:enterprise_linux:swtpm-libs", "p-cpe:/a:redhat:enterprise_linux:swtpm-tools", "p-cpe:/a:redhat:enterprise_linux:virglrenderer", "p-cpe:/a:redhat:enterprise_linux:virglrenderer-devel", "p-cpe:/a:redhat:enterprise_linux:virglrenderer-test-server", "p-cpe:/a:redhat:enterprise_linux:virt-dib", "p-cpe:/a:redhat:enterprise_linux:virt-v2v"], "id": "REDHAT-RHSA-2021-3704.NASL", "href": "https://www.tenable.com/plugins/nessus/153804", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:3704. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153804);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2021-3631\",\n \"CVE-2021-3667\",\n \"CVE-2021-3682\",\n \"CVE-2021-33285\",\n \"CVE-2021-33286\",\n \"CVE-2021-33287\",\n \"CVE-2021-33289\",\n \"CVE-2021-35266\",\n \"CVE-2021-35267\",\n \"CVE-2021-35268\",\n \"CVE-2021-35269\",\n \"CVE-2021-39251\",\n \"CVE-2021-39252\",\n \"CVE-2021-39253\",\n \"CVE-2021-39254\",\n \"CVE-2021-39255\",\n \"CVE-2021-39256\",\n \"CVE-2021-39257\",\n \"CVE-2021-39258\",\n \"CVE-2021-39259\",\n \"CVE-2021-39260\",\n \"CVE-2021-39261\",\n \"CVE-2021-39262\",\n \"CVE-2021-39263\"\n );\n script_xref(name:\"RHSA\", value:\"2021:3704\");\n\n script_name(english:\"RHEL 8 : virt:8.2 and virt-devel:8.2 (RHSA-2021:3704)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:3704 advisory.\n\n - ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_value() due to incorrect check of\n bytes_in_use value in MFT records (CVE-2021-33285)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted Unicode string (CVE-2021-33286)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_pread_i() triggered by specially crafted NTFS attributes\n (CVE-2021-33287)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted MFT section (CVE-2021-33289)\n\n - ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname (CVE-2021-35266)\n\n - ntfs-3g: Stack buffer overflow triggered when correcting differences between MFT and MFTMirror sections\n (CVE-2021-35267)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode\n (CVE-2021-35268)\n\n - ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute\n from MFT (CVE-2021-35269)\n\n - libvirt: Insecure sVirt label generation (CVE-2021-3631)\n\n - libvirt: Improper locking on ACL failure in virStoragePoolLookupByTargetPath API (CVE-2021-3667)\n\n - QEMU: usbredir: free() call on invalid pointer in bufp_alloc() (CVE-2021-3682)\n\n - ntfs-3g: NULL pointer dereference in ntfs_extent_inode_open() (CVE-2021-39251)\n\n - ntfs-3g: Out-of-bounds read in ntfs_ie_lookup() (CVE-2021-39252)\n\n - ntfs-3g: Out-of-bounds read in ntfs_runlists_merge_i() (CVE-2021-39253)\n\n - ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize()\n (CVE-2021-39254)\n\n - ntfs-3g: Out-of-bounds read ntfs_attr_find_in_attrdef() triggered by an invalid attribute (CVE-2021-39255)\n\n - ntfs-3g: Heap buffer overflow in ntfs_inode_lookup_by_name() (CVE-2021-39256)\n\n - ntfs-3g: Endless recursion from ntfs_attr_pwrite() triggered by an unallocated bitmap (CVE-2021-39257)\n\n - ntfs-3g: Out-of-bounds reads in ntfs_attr_find() and ntfs_external_attr_find() (CVE-2021-39258)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_lookup_by_name() caused by an unsanitized attribute length\n (CVE-2021-39259)\n\n - ntfs-3g: Out-of-bounds access in ntfs_inode_sync_standard_information() (CVE-2021-39260)\n\n - ntfs-3g: Heap buffer overflow in ntfs_compressed_pwrite() (CVE-2021-39261)\n\n - ntfs-3g: Out-of-bounds access in ntfs_decompress() (CVE-2021-39262)\n\n - ntfs-3g: Heap buffer overflow in ntfs_get_attribute_value() caused by an unsanitized attribute\n (CVE-2021-39263)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33285\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33287\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-35266\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-35267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-35268\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-35269\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39251\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39252\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39253\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39254\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39255\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39256\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39258\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39259\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39260\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39261\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39262\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-39263\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:3704\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1977726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986094\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1989651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001608\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001609\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001613\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001621\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001650\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001652\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001653\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001654\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001656\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001658\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001659\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001662\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2001667\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39263\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-3682\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 667, 732, 763);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:SLOF\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-benchmarking\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtpms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtpms-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pyvmomi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virglrenderer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virglrenderer-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virglrenderer-test-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'virt-devel:8.2': [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/debug',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/os',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'hivex-1.3.18-20.module+el8.2.0+5588+63a201c3', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-20.module+el8.2.0+5588+63a201c3', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-2.module+el8.2.1+12663+d52ebc0d', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-0.7.0-1.20191018gitdc116933b7.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-devel-0.7.0-1.20191018gitdc116933b7.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-20.module+el8.2.0+5588+63a201c3', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-20.module+el8.2.0+5588+63a201c3', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-20.module+el8.2.0+5588+63a201c3', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.2.0+5488+267def79', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-20.module+el8.2.0+5588+63a201c3', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.2.0+5453+31b2b136', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-4.2.0-29.module+el8.2.1+12598+39ddf37a.9', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-20.module+el8.2.0+5588+63a201c3', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'swtpm-0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-devel-0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-libs-0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virglrenderer-0.8.2-1.module+el8.2.0+5777+d9c2af8c', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virglrenderer-devel-0.8.2-1.module+el8.2.0+5777+d9c2af8c', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virglrenderer-test-server-0.8.2-1.module+el8.2.0+5777+d9c2af8c', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ],\n 'virt:8.2': [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/debug',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/os',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libguestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-24.module+el8.2.1+7154+47ffd890', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-24.module+el8.2.1+7154+47ffd890', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-25.6.module+el8.2.1+12457+868e9540', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdkit-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-pyvmomi-6.7.1-7.module+el8.2.0+4793+b09dd2fb', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-guest-agent-4.2.0-29.module+el8.2.1+12598+39ddf37a.9', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-4.2.0-29.module+el8.2.1+12598+39ddf37a.9', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-4.2.0-29.module+el8.2.1+12598+39ddf37a.9', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-4.2.0-29.module+el8.2.1+12598+39ddf37a.9', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-4.2.0-29.module+el8.2.1+12598+39ddf37a.9', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-4.2.0-29.module+el8.2.1+12598+39ddf37a.9', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-4.2.0-29.module+el8.2.1+12598+39ddf37a.9', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-4.2.0-29.module+el8.2.1+12598+39ddf37a.9', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-4.2.0-29.module+el8.2.1+12598+39ddf37a.9', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-4.2.0-29.module+el8.2.1+12598+39ddf37a.9', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-libguestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.13.0-2.module+el8.2.1+7284+aa32a2c4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module+el8.2.1+7284+aa32a2c4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module+el8.2.1+7284+aa32a2c4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.2.0+4793+b09dd2fb', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20191022-3.git899d9883.module+el8.2.0+5449+efc036dd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'supermin-5.1.19-10.module+el8.2.0+4793+b09dd2fb', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module+el8.2.0+4793+b09dd2fb', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.40.2-24.module+el8.2.1+7154+47ffd890', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:8.2 / virt:8.2');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'SLOF / hivex / hivex-devel / libguestfs / libguestfs-bash-completion / etc');\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:59:09", "description": "According to the versions of the ntfs-3g packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the 'bytes_in_use' field should be less than the 'bytes_allocated' field. When it is not, the parsing of the records proceeds into the wild. (CVE-2021-33285)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. (CVE-2021-33287)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution. (CVE-2021-35266)\n\n - NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root. (CVE-2021-35267)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35268)\n\n - NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. (CVE-2021-39254)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-25T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : ntfs-3g (EulerOS-SA-2021-2807)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33285", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39254"], "modified": "2021-12-25T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ntfs-3g", "p-cpe:/a:huawei:euleros:ntfsprogs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2807.NASL", "href": "https://www.tenable.com/plugins/nessus/156304", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156304);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/25\");\n\n script_cve_id(\n \"CVE-2021-33285\",\n \"CVE-2021-33287\",\n \"CVE-2021-33289\",\n \"CVE-2021-35266\",\n \"CVE-2021-35267\",\n \"CVE-2021-35268\",\n \"CVE-2021-35269\",\n \"CVE-2021-39251\",\n \"CVE-2021-39252\",\n \"CVE-2021-39253\",\n \"CVE-2021-39254\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : ntfs-3g (EulerOS-SA-2021-2807)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ntfs-3g packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function\n ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of\n service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a\n crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the\n 'bytes_in_use' field should be less than the 'bytes_allocated' field. When it is not, the parsing of the\n records proceeds into the wild. (CVE-2021-33285)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function\n ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of\n service of the application. (CVE-2021-33287)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap\n buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image\n a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code\n execution. (CVE-2021-35266)\n\n - NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and\n MFTMirror allowing for code execution or escalation of privileges when setuid-root. (CVE-2021-35267)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function\n ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of\n privileges. (CVE-2021-35268)\n\n - NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the\n function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation\n of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G <\n 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in\n the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. (CVE-2021-39254)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2807\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f80da2b7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ntfs-3g packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39254\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ntfsprogs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"ntfs-3g-2017.3.23-8.h3.eulerosv2r8\",\n \"ntfsprogs-2017.3.23-8.h3.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntfs-3g\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-15T03:15:17", "description": "The remote host is affected by the vulnerability described in GLSA-202301-01 (NTFS-3G: Multiple Vulnerabilities)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the records proceeds into the wild. (CVE-2021-33285)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. (CVE-2021-33287)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution. (CVE-2021-35266)\n\n - NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root. (CVE-2021-35267)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35268)\n\n - NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. (CVE-2021-39254)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G < 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\n - An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite. (CVE-2022-30783)\n\n - A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22.\n (CVE-2022-30784)\n\n - A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite. (CVE-2022-30785)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22. (CVE-2022-30786)\n\n - An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite. (CVE-2022-30787)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22. (CVE-2022-30788)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22. (CVE-2022-30789)\n\n - A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device. (CVE-2022-40284)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-11T00:00:00", "type": "nessus", "title": "GLSA-202301-01 : NTFS-3G: Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33285", "CVE-2021-33286", "CVE-2021-33287", "CVE-2021-33289", "CVE-2021-35266", "CVE-2021-35267", "CVE-2021-35268", "CVE-2021-35269", "CVE-2021-39251", "CVE-2021-39252", "CVE-2021-39253", "CVE-2021-39254", "CVE-2021-39255", "CVE-2021-39256", "CVE-2021-39257", "CVE-2021-39258", "CVE-2021-39259", "CVE-2021-39260", "CVE-2021-39261", "CVE-2021-39262", "CVE-2021-39263", "CVE-2022-30783", "CVE-2022-30784", "CVE-2022-30785", "CVE-2022-30786", "CVE-2022-30787", "CVE-2022-30788", "CVE-2022-30789", "CVE-2022-40284"], "modified": "2023-01-11T00:00:00", "cpe": ["cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "p-cpe:2.3:a:gentoo:linux:ntfs3g:*:*:*:*:*:*:*"], "id": "GENTOO_GLSA-202301-01.NASL", "href": "https://www.tenable.com/plugins/nessus/169841", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202301-01.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169841);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/11\");\n\n script_cve_id(\n \"CVE-2021-33285\",\n \"CVE-2021-33286\",\n \"CVE-2021-33287\",\n \"CVE-2021-33289\",\n \"CVE-2021-35266\",\n \"CVE-2021-35267\",\n \"CVE-2021-35268\",\n \"CVE-2021-35269\",\n \"CVE-2021-39251\",\n \"CVE-2021-39252\",\n \"CVE-2021-39253\",\n \"CVE-2021-39254\",\n \"CVE-2021-39255\",\n \"CVE-2021-39256\",\n \"CVE-2021-39257\",\n \"CVE-2021-39258\",\n \"CVE-2021-39259\",\n \"CVE-2021-39260\",\n \"CVE-2021-39261\",\n \"CVE-2021-39262\",\n \"CVE-2021-39263\",\n \"CVE-2022-30783\",\n \"CVE-2022-30784\",\n \"CVE-2022-30785\",\n \"CVE-2022-30786\",\n \"CVE-2022-30787\",\n \"CVE-2022-30788\",\n \"CVE-2022-30789\",\n \"CVE-2022-40284\"\n );\n\n script_name(english:\"GLSA-202301-01 : NTFS-3G: Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202301-01 (NTFS-3G: Multiple Vulnerabilities)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function\n ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of\n service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a\n crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the\n bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the\n records proceeds into the wild. (CVE-2021-33285)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a\n heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)\n\n - In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function\n ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of\n service of the application. (CVE-2021-33287)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap\n buffer overflow can occur and allow for code execution. (CVE-2021-33289)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image\n a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code\n execution. (CVE-2021-35266)\n\n - NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and\n MFTMirror allowing for code execution or escalation of privileges when setuid-root. (CVE-2021-35267)\n\n - In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function\n ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of\n privileges. (CVE-2021-35268)\n\n - NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the\n function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation\n of privileges. (CVE-2021-35269)\n\n - A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G <\n 2021.8.22. (CVE-2021-39251)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.\n (CVE-2021-39252)\n\n - A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.\n (CVE-2021-39253)\n\n - A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in\n the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. (CVE-2021-39254)\n\n - A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in\n ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G <\n 2021.8.22. (CVE-2021-39256)\n\n - A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain\n (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)\n\n - A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in\n NTFS-3G < 2021.8.22. (CVE-2021-39258)\n\n - A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in\n ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G\n < 2021.8.22. (CVE-2021-39260)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G <\n 2021.8.22. (CVE-2021-39261)\n\n - A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.\n (CVE-2021-39262)\n\n - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in\n ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)\n\n - An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between\n NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite. (CVE-2022-30783)\n\n - A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22.\n (CVE-2022-30784)\n\n - A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory\n read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite. (CVE-2022-30785)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through\n 2021.8.22. (CVE-2022-30786)\n\n - An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through\n 2021.8.22 when using libfuse-lite. (CVE-2022-30787)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through\n 2021.8.22. (CVE-2022-30788)\n\n - A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G\n through 2021.8.22. (CVE-2022-30789)\n\n - A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause\n code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically\n proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an\n external storage device. (CVE-2022-40284)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202301-01\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=811156\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=847598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=878885\");\n script_set_attribute(attribute:\"solution\", value:\n\"All NTFS-3G users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=sys-fs/ntfs3g-2022.10.3\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-30785\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-40284\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:ntfs3g\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude('qpkg.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/Gentoo/release')) audit(AUDIT_OS_NOT, 'Gentoo');\nif (!get_kb_item('Host/Gentoo/qpkg-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : 'sys-fs/ntfs3g',\n 'unaffected' : make_list(\"ge 2022.10.3\"),\n 'vulnerable' : make_list(\"lt 2022.10.3\")\n }\n];\n\nforeach var package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n qpkg_tests = list_uniq(qpkg_tests);\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'NTFS-3G');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-25T04:40:21", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0397 advisory.\n\n - QEMU: block: fdc: null pointer dereference may lead to guest crash (CVE-2021-20196)\n\n - nbdkit: NBD_OPT_STRUCTURED_REPLY injection on STARTTLS (CVE-2021-3716)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-02-02T00:00:00", "type": "nessus", "title": "RHEL 8 : virt:av and virt-devel:av (RHSA-2022:0397)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20196", "CVE-2021-3716"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:SLOF", "p-cpe:/a:redhat:enterprise_linux:hivex", "p-cpe:/a:redhat:enterprise_linux:hivex-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs", "p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c", "p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport", "p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs", "p-cpe:/a:redhat:enterprise_linux:libiscsi", "p-cpe:/a:redhat:enterprise_linux:libiscsi-devel", "p-cpe:/a:redhat:enterprise_linux:libiscsi-utils", "p-cpe:/a:redhat:enterprise_linux:libnbd", "p-cpe:/a:redhat:enterprise_linux:libnbd-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:libtpms", "p-cpe:/a:redhat:enterprise_linux:libtpms-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt", "p-cpe:/a:redhat:enterprise_linux:libvirt-client", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm", "p-cpe:/a:redhat:enterprise_linux:libvirt-dbus", "p-cpe:/a:redhat:enterprise_linux:libvirt-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt-docs", "p-cpe:/a:redhat:enterprise_linux:libvirt-libs", "p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock", "p-cpe:/a:redhat:enterprise_linux:libvirt-nss", "p-cpe:/a:redhat:enterprise_linux:libvirt-wireshark", "p-cpe:/a:redhat:enterprise_linux:lua-guestfs", "p-cpe:/a:redhat:enterprise_linux:nbdfuse", "p-cpe:/a:redhat:enterprise_linux:nbdkit", "p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-devel", "p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-filter", "p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-nbd-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-server", "p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-tar-filter", "p-cpe:/a:redhat:enterprise_linux:nbdkit-tar-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-tmpdisk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter", "p-cpe:/a:redhat:enterprise_linux:netcf", "p-cpe:/a:redhat:enterprise_linux:netcf-devel", "p-cpe:/a:redhat:enterprise_linux:netcf-libs", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs", "p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt", "p-cpe:/a:redhat:enterprise_linux:perl-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-libguestfs", "p-cpe:/a:redhat:enterprise_linux:python3-libnbd", "p-cpe:/a:redhat:enterprise_linux:python3-libvirt", "p-cpe:/a:redhat:enterprise_linux:python3-pyvmomi", "p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent", "p-cpe:/a:redhat:enterprise_linux:qemu-img", "p-cpe:/a:redhat:enterprise_linux:qemu-kiwi", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-docs", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-hw-usbredir", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ui-opengl", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ui-spice", "p-cpe:/a:redhat:enterprise_linux:ruby-hivex", "p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs", "p-cpe:/a:redhat:enterprise_linux:seabios", "p-cpe:/a:redhat:enterprise_linux:seabios-bin", "p-cpe:/a:redhat:enterprise_linux:seavgabios-bin", "p-cpe:/a:redhat:enterprise_linux:sgabios", "p-cpe:/a:redhat:enterprise_linux:sgabios-bin", "p-cpe:/a:redhat:enterprise_linux:supermin", "p-cpe:/a:redhat:enterprise_linux:supermin-devel", "p-cpe:/a:redhat:enterprise_linux:swtpm", "p-cpe:/a:redhat:enterprise_linux:swtpm-devel", "p-cpe:/a:redhat:enterprise_linux:swtpm-libs", "p-cpe:/a:redhat:enterprise_linux:swtpm-tools", "p-cpe:/a:redhat:enterprise_linux:swtpm-tools-pkcs11", "p-cpe:/a:redhat:enterprise_linux:virt-dib", "p-cpe:/a:redhat:enterprise_linux:virt-v2v", "p-cpe:/a:redhat:enterprise_linux:virt-v2v-bash-completion", "p-cpe:/a:redhat:enterprise_linux:virt-v2v-man-pages-ja", "p-cpe:/a:redhat:enterprise_linux:virt-v2v-man-pages-uk"], "id": "REDHAT-RHSA-2022-0397.NASL", "href": "https://www.tenable.com/plugins/nessus/157331", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0397. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157331);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2021-3716\", \"CVE-2021-20196\");\n script_xref(name:\"RHSA\", value:\"2022:0397\");\n\n script_name(english:\"RHEL 8 : virt:av and virt-devel:av (RHSA-2022:0397)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0397 advisory.\n\n - QEMU: block: fdc: null pointer dereference may lead to guest crash (CVE-2021-20196)\n\n - nbdkit: NBD_OPT_STRUCTURED_REPLY injection on STARTTLS (CVE-2021-3716)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3716\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20196\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0397\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1919210\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1994695\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3716\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-20196\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(476, 924);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:SLOF\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtpms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtpms-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-nbd-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-tar-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-tar-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-tmpdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pyvmomi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kiwi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-hw-usbredir\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ui-opengl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ui-spice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-tools-pkcs11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v-man-pages-uk\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'virt-devel:av': [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'hivex-1.3.18-22.module+el8.5.0+12087+2208d04c', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-22.module+el8.5.0+12087+2208d04c', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-2.module+el8.5.0+12739+164806c8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.6.0-4.module+el8.5.0+11638+3d8f9850', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.6.0-4.module+el8.5.0+11638+3d8f9850', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-wireshark-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.6.0-4.module+el8.5.0+11638+3d8f9850', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-22.module+el8.5.0+12087+2208d04c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-22.module+el8.5.0+12087+2208d04c', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.6.0-4.module+el8.5.0+11638+3d8f9850', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.6.0-4.module+el8.5.0+11638+3d8f9850', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-22.module+el8.5.0+12087+2208d04c', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-7.4.0-1.module+el8.5.0+11289+b29e262f', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-22.module+el8.5.0+12087+2208d04c', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.6.0-4.module+el8.5.0+11638+3d8f9850', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-7.6.0-1.module+el8.5.0+12098+85b3670b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-22.module+el8.5.0+12087+2208d04c', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.4.0+8855+a9e237a9', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ],\n 'virt:av': [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libguestfs-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libnbd-bash-completion-1.6.0-4.module+el8.5.0+11638+3d8f9850', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-0.7.4-6.20201106git2452a24dab.module+el8.5.0+12487+f2fa92b4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-devel-0.7.4-6.20201106git2452a24dab.module+el8.5.0+12487+f2fa92b4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-7.6.0-6.module+el8.5.0+13051+7ddbe958', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdkit-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-filter-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-nbd-plugin-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-filter-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tar-plugin-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-tmpdisk-plugin-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.24.0-3.module+el8.5.0+13900+a08c0464', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.24.0-3.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-pyvmomi-6.7.1-7.module+el8.4.0+8855+a9e237a9', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-guest-agent-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kiwi-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-docs-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-hw-usbredir-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-ui-opengl-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-ui-spice-6.0.0-33.module+el8.5.0+13740+349232b6.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-libguestfs-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.14.0-1.module+el8.4.0+8855+a9e237a9', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.14.0-1.module+el8.4.0+8855+a9e237a9', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.14.0-1.module+el8.4.0+8855+a9e237a9', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.4.0+8855+a9e237a9', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20210217-1.module+el8.5.0+10946+35bb3930', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'supermin-5.2.1-1.module+el8.4.0+9751+d56db353', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.2.1-1.module+el8.4.0+9751+d56db353', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-0.6.0-2.20210607gitea627b3.module+el8.5.0+12696+4ce1c6bc', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-devel-0.6.0-2.20210607gitea627b3.module+el8.5.0+12696+4ce1c6bc', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-libs-0.6.0-2.20210607gitea627b3.module+el8.5.0+12696+4ce1c6bc', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-0.6.0-2.20210607gitea627b3.module+el8.5.0+12696+4ce1c6bc', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-pkcs11-0.6.0-2.20210607gitea627b3.module+el8.5.0+12696+4ce1c6bc', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.44.0-3.module+el8.5.0+10681+17a9b157', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.42.0-16.module+el8.5.0+13900+a08c0464', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-bash-completion-1.42.0-16.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-man-pages-ja-1.42.0-16.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-man-pages-uk-1.42.0-16.module+el8.5.0+13900+a08c0464', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:av / virt:av');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'SLOF / hivex / hivex-devel / libguestfs / libguestfs-bash-completion / etc');\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2023-01-13T02:52:31", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2970 advisory.\n\n - A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device.\n This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-20196)\n\n - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0. (CVE-2021-3593)\n\n - A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process. (CVE-2021-3748)\n\n - An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.\n (CVE-2021-3930)\n\n - A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results.\n Affected QEMU versions <= 6.2.0. (CVE-2022-26354)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-04-05T00:00:00", "type": "nessus", "title": "Debian DLA-2970-1 : qemu - LTS security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20196", "CVE-2021-3593", "CVE-2021-3748", "CVE-2021-3930", "CVE-2022-26354"], "modified": "2023-01-09T00:00:00", "cpe": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu-kvm:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu-system:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu-user:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu-user-static:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu-utils:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu-guest-agent:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu-system-arm:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu-system-common:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu-system-mips:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu-system-misc:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu-system-ppc:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu-system-sparc:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu-system-x86:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu-user-binfmt:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:qemu-block-extra:*:*:*:*:*:*:*"], "id": "DEBIAN_DLA-2970.NASL", "href": "https://www.tenable.com/plugins/nessus/159511", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2970. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159511);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/09\");\n\n script_cve_id(\n \"CVE-2021-3593\",\n \"CVE-2021-3748\",\n \"CVE-2021-3930\",\n \"CVE-2021-20196\",\n \"CVE-2022-26354\"\n );\n\n script_name(english:\"Debian DLA-2970-1 : qemu - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2970 advisory.\n\n - A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while\n processing read/write ioport commands if the selected floppy drive is not initialized with a block device.\n This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of\n service. The highest threat from this vulnerability is to system availability. (CVE-2021-20196)\n\n - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw\n exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the\n size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory\n disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw\n affects libslirp versions prior to 4.6.0. (CVE-2021-3593)\n\n - A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the\n descriptor's address belongs to the non direct access region, due to num_buffers being set after the\n virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a\n denial of service condition, or potentially execute code on the host with the privileges of the QEMU\n process. (CVE-2021-3748)\n\n - An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE\n SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious\n guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.\n (CVE-2021-3930)\n\n - A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached\n from the virtqueue before freeing its memory, leading to memory leakage and other unexpected