Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2018-1997.NASL
HistoryJun 27, 2018 - 12:00 a.m.

RHEL 7 : libvirt (RHSA-2018:1997) (Spectre)

2018-06-2700:00:00
This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
124
JSON

An update for libvirt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.
In addition, libvirt provides tools for remote management of virtualized systems.

Security Fix(es) :

  • An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor’s data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639)

Note: This is the libvirt side of the CVE-2018-3639 mitigation that includes support for guests running on hosts with AMD processors.

Red Hat would like to thank Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting this issue.

Bug Fix(es) :

  • Previously, the virtlogd service logged redundant AVC denial errors when a guest virtual machine was started. With this update, the virtlogd service no longer attempts to send shutdown inhibition calls to systemd, which prevents the described errors from occurring.
    (BZ#1573268)

  • Prior to this update, guest virtual machine actions that use a python library in some cases failed and ‘Hash operation not allowed during iteration’ error messages were logged. Several redundant thread access checks have been removed, and the problem no longer occurs.
    (BZ#1581364)

  • The ‘virsh capabilities’ command previously displayed an inaccurate number of 4 KiB memory pages on systems with very large amounts of memory. This update optimizes the memory diagnostic mechanism to ensure memory page numbers are displayed correctly on such systems.
    (BZ#1582418)

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2018:1997. The text 
# itself is copyright (C) Red Hat, Inc.
#

include("compat.inc");

if (description)
{
  script_id(110711);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/04/15");

  script_cve_id("CVE-2018-3639");
  script_xref(name:"RHSA", value:"2018:1997");

  script_name(english:"RHEL 7 : libvirt (RHSA-2018:1997) (Spectre)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"An update for libvirt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security
impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

The libvirt library contains a C API for managing and interacting with
the virtualization capabilities of Linux and other operating systems.
In addition, libvirt provides tools for remote management of
virtualized systems.

Security Fix(es) :

* An industry-wide issue was found in the way many modern
microprocessor designs have implemented speculative execution of Load
& Store instructions (a commonly used performance optimization). It
relies on the presence of a precisely-defined instruction sequence in
the privileged code as well as the fact that memory read from address
to which a recent memory write has occurred may see an older value and
subsequently cause an update into the microprocessor's data cache even
for speculatively executed instructions that never actually commit
(retire). As a result, an unprivileged attacker could use this flaw to
read privileged memory by conducting targeted cache side-channel
attacks. (CVE-2018-3639)

Note: This is the libvirt side of the CVE-2018-3639 mitigation that
includes support for guests running on hosts with AMD processors.

Red Hat would like to thank Ken Johnson (Microsoft Security Response
Center) and Jann Horn (Google Project Zero) for reporting this issue.

Bug Fix(es) :

* Previously, the virtlogd service logged redundant AVC denial errors
when a guest virtual machine was started. With this update, the
virtlogd service no longer attempts to send shutdown inhibition calls
to systemd, which prevents the described errors from occurring.
(BZ#1573268)

* Prior to this update, guest virtual machine actions that use a
python library in some cases failed and 'Hash operation not allowed
during iteration' error messages were logged. Several redundant thread
access checks have been removed, and the problem no longer occurs.
(BZ#1581364)

* The 'virsh capabilities' command previously displayed an inaccurate
number of 4 KiB memory pages on systems with very large amounts of
memory. This update optimizes the memory diagnostic mechanism to
ensure memory page numbers are displayed correctly on such systems.
(BZ#1582418)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2018:1997"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2018-3639"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-admin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-lxc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-lxc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-docs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-login-shell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-nss");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.7");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/05/22");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/06/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/06/27");
  script_set_attribute(attribute:"in_the_news", value:"true");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2018:1997";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_NOTE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-admin-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-admin-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", reference:"libvirt-client-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-config-network-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-config-network-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-interface-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-interface-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-lxc-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-lxc-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-network-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-network-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-qemu-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-qemu-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-secret-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-secret-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-storage-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-kvm-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-kvm-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-daemon-lxc-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-daemon-lxc-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", reference:"libvirt-debuginfo-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", reference:"libvirt-devel-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-docs-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-docs-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", reference:"libvirt-libs-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-lock-sanlock-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-lock-sanlock-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libvirt-login-shell-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libvirt-login-shell-3.9.0-14.el7_5.6")) flag++;

  if (rpm_check(release:"RHEL7", reference:"libvirt-nss-3.9.0-14.el7_5.6")) flag++;


  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_NOTE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt / libvirt-admin / libvirt-client / libvirt-daemon / etc");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxlibvirtp-cpe:/a:redhat:enterprise_linux:libvirt
redhatenterprise_linuxlibvirt-adminp-cpe:/a:redhat:enterprise_linux:libvirt-admin
redhatenterprise_linuxlibvirt-clientp-cpe:/a:redhat:enterprise_linux:libvirt-client
redhatenterprise_linuxlibvirt-daemonp-cpe:/a:redhat:enterprise_linux:libvirt-daemon
redhatenterprise_linuxlibvirt-daemon-config-networkp-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network
redhatenterprise_linuxlibvirt-daemon-config-nwfilterp-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter
redhatenterprise_linuxlibvirt-daemon-driver-interfacep-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface
redhatenterprise_linuxlibvirt-daemon-driver-lxcp-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-lxc
redhatenterprise_linuxlibvirt-daemon-driver-networkp-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network
redhatenterprise_linuxlibvirt-daemon-driver-nodedevp-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev
Rows per page:
1-10 of 351

Related

nessus 88
suse 4
ibm 6
almalinux 1
openvas 20
fedora 4
oraclelinux 8
threatpost 1
redhat 42
slackware 1
alpinelinux 1
centos 6
ubuntucve 1
ubuntu 2
virtuozzo 2
citrix 1
f5 1
mageia 1
debiancve 1
debian 1
osv 1
zdt 1
photon 1
amazon 3
kaspersky 1
nessus
nessus
RHEL 6 : qemu-kvm (RHSA-2018:3397) (Spectre)
2018-10-31 00:00:00
RHEL 6 : libvirt (RHSA-2018:1664) (Spectre)
2018-05-23 00:00:00
RHEL 6 : qemu-kvm (RHSA-2018:3425) (Spectre)
2018-10-31 00:00:00
suse
suse
Security update for qemu (important)
2018-05-23 15:07:21
Security update for qemu (important)
2018-06-09 15:11:25
Security update for libvirt (moderate)
2018-08-13 12:07:25
ibm
ibm
Security Bulletin: a CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis known as Variant 4 or SpectreNG vulnerability affects IBM
2018-12-19 20:55:02
Security Bulletin: IBM Resilient recommends the underlying operating system on Resilient servers be upgraded in response to the vulnerabilities known as SpectreNG (CVE-2018-3639)
2021-04-19 21:33:34
Security Bulletin: Speculative Store Bypass (SSB) vulnerability also known as SpectreNG or Variant 4 affects IBM Spectrum Protect Plus (CVE-2018-3639)
2019-06-27 18:55:02
almalinux
almalinux
java-1.8.0-openjdk bug fix and enhancement update
2021-01-21 10:00:00
openvas
openvas
Ubuntu Update for qemu USN-3679-1
2018-06-13 00:00:00
openSUSE: Security Advisory for qemu (openSUSE-SU-2018:1380-1)
2018-05-24 00:00:00
CentOS Update for java CESA-2018:1649 centos7
2018-05-23 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: libvirt-4.1.0-3.fc28
2018-06-21 15:02:29
[SECURITY] Fedora 29 Update: java-1.8.0-openjdk-1.8.0.201.b09-2.fc29
2019-02-11 01:57:50
[SECURITY] Fedora 28 Update: java-1.8.0-openjdk-1.8.0.201.b09-2.fc28
2019-02-25 01:34:09
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2018-05-22 00:00:00
qemu-kvm security update
2018-05-22 00:00:00
libvirt security update
2018-05-22 00:00:00
threatpost
threatpost
Intel’s ‘Virtual Fences’ Spectre Fix Won’t Protect Against Variant 4
2018-05-24 15:18:03
redhat
redhat
(RHSA-2018:3407) Important: libvirt security update
2018-10-30 14:56:41
(RHSA-2018:2228) Important: qemu-kvm-rhev security update
2018-07-19 13:42:12
(RHSA-2018:1637) Important: kernel security update
2018-05-29 16:01:56
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2018-07-27 21:57:40
alpinelinux
alpinelinux
CVE-2018-3639
2018-05-22 12:29:00
centos
centos
libvirt security update
2018-07-03 18:53:48
qemu security update
2018-07-03 18:54:02
java security update
2018-05-22 15:30:51
ubuntucve
ubuntucve
CVE-2018-3639
2018-05-21 00:00:00
ubuntu
ubuntu
Linux kernel vulnerability
2018-05-22 00:00:00
QEMU update
2018-05-21 00:00:00
virtuozzo
virtuozzo
Important kernel security update: CVE-2018-3639; new kernel 2.6.32-042stab130.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
2018-05-23 00:00:00
Important kernel security update: CVE-2018-3639; new kernel 2.6.32-042stab130.1; Virtuozzo 6.0 Update 12 Hotfix 25 (6.0.12-3705)
2018-05-23 00:00:00
citrix
citrix
CVE-2018-3639 - Citrix XenServer Security Update
2018-05-22 04:00:00
f5
f5
K29146534 : SSB Variant 4 vulnerability CVE-2018-3639
2018-07-10 00:00:00
mageia
mageia
Updated libvirt packages fix security vulnerability
2018-05-31 23:34:08
debiancve
debiancve
CVE-2018-3639
2018-05-22 12:29:00
debian
debian
[SECURITY] [DSA 4210-1] xen security update
2018-05-25 05:00:47
osv
osv
xen - security update
2018-05-25 00:00:00
zdt
zdt
AMD / ARM / Intel - Speculative Execution Variant 4 Speculative Store Bypass Exploit
2018-05-23 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0151
2018-06-22 00:00:00
amazon
amazon
Important: java-1.8.0-openjdk
2018-06-08 18:10:00
Important: java-1.7.0-openjdk
2018-06-08 18:32:00
Important: java-1.7.0-openjdk
2018-06-08 18:05:00
kaspersky
kaspersky
KLA11893 Microsoft Advisory for Microsoft Products (ESU)
2018-05-21 00:00:00
JSON
Related for REDHAT-RHSA-2018-1997.NASL
nessus88suse4ibm6almalinux1openvas20fedora4oraclelinux8threatpost1redhat42slackware1alpinelinux1centos6ubuntucve1ubuntu2virtuozzo2citrix1f51mageia1debiancve1debian1osv1zdt1photon1amazon3kaspersky1