Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2014-0914.NASL
HistoryJul 30, 2014 - 12:00 a.m.

RHEL 7 : libvirt (RHSA-2014:0914)

2014-07-3000:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
JSON

Updated libvirt packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.

It was found that libvirt passes the XML_PARSE_NOENT flag when parsing XML documents using the libxml2 library, in which case all XML entities in the parsed documents are expanded. A user able to force libvirtd to parse an XML document with an entity pointing to a file could use this flaw to read the contents of that file; parsing an XML document with an entity pointing to a special file that blocks on read access could cause libvirtd to hang indefinitely, resulting in a denial of service on the system. (CVE-2014-0179)

Red Hat would like to thank the upstream Libvirt project for reporting this issue. Upstream acknowledges Daniel P. Berrange and Richard Jones as the original reporters.

This update also fixes the following bugs :

  • A previous update of the libvirt package introduced an error; a SIG_SETMASK argument was incorrectly replaced by a SIG_BLOCK argument after the poll() system call. Consequently, the SIGCHLD signal could be permanently blocked, which caused signal masks to not return to their original values and defunct processes to be generated. With this update, the original signal masks are restored and defunct processes are no longer generated. (BZ#1112689)

  • An attempt to start a domain that did not exist caused network filters to be locked for read-only access. As a consequence, when trying to gain read-write access, a deadlock occurred. This update applies a patch to fix this bug and an attempt to start a non-existent domain no longer causes a deadlock in the described scenario.
    (BZ#1112690)

  • Previously, the libvirtd daemon was binding only to addresses that were configured on certain network interfaces. When libvirtd started before the IPv4 addresses had been configured, libvirtd listened only on the IPv6 addresses. The daemon has been modified to not require an address to be configured when binding to a wildcard address, such as ‘0.0.0.0’ or ‘::’. As a result, libvirtd binds to both IPv4 and IPv6 addresses as expected. (BZ#1112692)

Users of libvirt are advised to upgrade to these updated packages, which fix these bugs. After installing the updated packages, libvirtd will be restarted automatically.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2014:0914. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(76904);
  script_version("1.16");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2014-0179", "CVE-2014-5177");
  script_xref(name:"RHSA", value:"2014:0914");

  script_name(english:"RHEL 7 : libvirt (RHSA-2014:0914)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated libvirt packages that fix one security issue and three bugs
are now available for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having
Moderate security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from
the CVE link in the References section.

The libvirt library is a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. In
addition, libvirt provides tools for remote management of virtualized
systems.

It was found that libvirt passes the XML_PARSE_NOENT flag when parsing
XML documents using the libxml2 library, in which case all XML
entities in the parsed documents are expanded. A user able to force
libvirtd to parse an XML document with an entity pointing to a file
could use this flaw to read the contents of that file; parsing an XML
document with an entity pointing to a special file that blocks on read
access could cause libvirtd to hang indefinitely, resulting in a
denial of service on the system. (CVE-2014-0179)

Red Hat would like to thank the upstream Libvirt project for reporting
this issue. Upstream acknowledges Daniel P. Berrange and Richard Jones
as the original reporters.

This update also fixes the following bugs :

* A previous update of the libvirt package introduced an error; a
SIG_SETMASK argument was incorrectly replaced by a SIG_BLOCK argument
after the poll() system call. Consequently, the SIGCHLD signal could
be permanently blocked, which caused signal masks to not return to
their original values and defunct processes to be generated. With this
update, the original signal masks are restored and defunct processes
are no longer generated. (BZ#1112689)

* An attempt to start a domain that did not exist caused network
filters to be locked for read-only access. As a consequence, when
trying to gain read-write access, a deadlock occurred. This update
applies a patch to fix this bug and an attempt to start a non-existent
domain no longer causes a deadlock in the described scenario.
(BZ#1112690)

* Previously, the libvirtd daemon was binding only to addresses that
were configured on certain network interfaces. When libvirtd started
before the IPv4 addresses had been configured, libvirtd listened only
on the IPv6 addresses. The daemon has been modified to not require an
address to be configured when binding to a wildcard address, such as
'0.0.0.0' or '::'. As a result, libvirtd binds to both IPv4 and IPv6
addresses as expected. (BZ#1112692)

Users of libvirt are advised to upgrade to these updated packages,
which fix these bugs. After installing the updated packages, libvirtd
will be restarted automatically."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2014:0914"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2014-0179"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2014-5177"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-lxc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-lxc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-docs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-login-shell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-python");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.7");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/08/03");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/07/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/07/30");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2014:0914";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_NOTE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", reference:"libvirt-client-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-config-network-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-config-network-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-config-nwfilter-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-config-nwfilter-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-interface-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-interface-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-lxc-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-lxc-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-network-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-network-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-nodedev-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-nodedev-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-nwfilter-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-nwfilter-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-qemu-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-secret-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-secret-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-storage-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-kvm-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-lxc-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-lxc-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", reference:"libvirt-debuginfo-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", reference:"libvirt-devel-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-docs-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-docs-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-lock-sanlock-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-login-shell-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-login-shell-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-python-1.1.1-29.el7_0.1")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-python-1.1.1-29.el7_0.1")) flag++;


  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_NOTE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt / libvirt-client / libvirt-daemon / etc");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxlibvirtp-cpe:/a:redhat:enterprise_linux:libvirt
redhatenterprise_linuxlibvirt-clientp-cpe:/a:redhat:enterprise_linux:libvirt-client
redhatenterprise_linuxlibvirt-daemonp-cpe:/a:redhat:enterprise_linux:libvirt-daemon
redhatenterprise_linuxlibvirt-daemon-config-networkp-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network
redhatenterprise_linuxlibvirt-daemon-config-nwfilterp-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter
redhatenterprise_linuxlibvirt-daemon-driver-interfacep-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface
redhatenterprise_linuxlibvirt-daemon-driver-lxcp-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-lxc
redhatenterprise_linuxlibvirt-daemon-driver-networkp-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network
redhatenterprise_linuxlibvirt-daemon-driver-nodedevp-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev
redhatenterprise_linuxlibvirt-daemon-driver-nwfilterp-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter
Rows per page:
1-10 of 271

Related

prion 2
centos 2
nessus 16
redhat 3
cve 2
ubuntucve 2
debiancve 2
securityvulns 4
ubuntu 1
openvas 14
oraclelinux 2
veracode 1
debian 2
mageia 1
osv 16
f5 2
fedora 3
gentoo 1
prion
prion
Xxe
2014-08-03 18:55:00
Xxe
2014-08-03 18:55:00
centos
centos
libvirt security update
2014-07-23 02:24:10
libvirt security update
2014-05-28 12:52:42
nessus
nessus
RHEL 6 : libvirt (RHSA-2014:0560)
2014-05-28 00:00:00
CentOS 7 : libvirt (CESA-2014:0914)
2014-07-23 00:00:00
Oracle Linux 7 : libvirt (ELSA-2014-0914)
2014-07-24 00:00:00
redhat
redhat
(RHSA-2014:0914) Moderate: libvirt security and bug fix update
2014-07-22 00:00:00
(RHSA-2014:0560) Moderate: libvirt security and bug fix update
2014-05-27 00:00:00
(RHSA-2014:0629) Important: rhev-hypervisor6 security update
2014-06-05 00:00:00
cve
cve
CVE-2014-5177
2014-08-03 18:55:00
CVE-2014-0179
2014-08-03 18:55:00
ubuntucve
ubuntucve
CVE-2014-0179
2014-08-03 00:00:00
CVE-2014-5177
2014-08-03 00:00:00
debiancve
debiancve
CVE-2014-5177
2014-08-03 18:55:00
CVE-2014-0179
2014-08-03 18:55:00
securityvulns
securityvulns
[USN-2366-1] libvirt vulnerabilities
2014-10-05 00:00:00
[ MDVSA-2014:097 ] libvirt
2014-06-02 00:00:00
libvirt XXE vulnerability
2014-06-02 00:00:00
ubuntu
ubuntu
libvirt vulnerabilities
2014-09-30 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2366-1)
2014-10-01 00:00:00
Oracle: Security Advisory (ELSA-2014-0914)
2015-10-06 00:00:00
RedHat Update for libvirt RHSA-2014:0560-01
2014-06-02 00:00:00
oraclelinux
oraclelinux
libvirt security and bug fix update
2014-05-27 00:00:00
libvirt security and bug fix update
2014-07-23 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:51:56
debian
debian
[SECURITY] [DSA 3038-1] libvirt security update
2014-09-27 15:52:33
[SECURITY] [DSA 3038-1] libvirt security update
2014-09-27 15:52:33
mageia
mageia
Updated libvirt packages fix multiple vulnerabilities
2014-05-29 11:01:13
osv
osv
libvirt - security update
2014-09-27 00:00:00
CVE-2021-3667
2022-03-02 23:15:08
CVE-2021-3559
2021-05-24 12:15:07
f5
f5
K16117 : Multiple libvirt vulnerabilities
2015-02-12 00:00:00
SOL16117 - Multiple libvirt vulnerabilities
2015-02-12 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: libvirt-1.1.3.5-2.fc20
2014-05-24 23:24:18
[SECURITY] Fedora 20 Update: libvirt-1.1.3.8-1.fc20
2014-11-22 12:37:22
[SECURITY] Fedora 20 Update: libvirt-1.1.3.9-1.fc20
2015-02-17 08:10:35
gentoo
gentoo
libvirt: Multiple vulnerabilities
2014-12-08 00:00:00
JSON
Related for REDHAT-RHSA-2014-0914.NASL
prion2centos2nessus16redhat3cve2ubuntucve2debiancve2securityvulns4ubuntu1openvas14oraclelinux2veracode1debian2mageia1osv16f52fedora3gentoo1