Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20201001_LIBVIRT_ON_SL7_X.NASL
HistoryOct 21, 2020 - 12:00 a.m.

Scientific Linux Security Update : libvirt on SL7.x x86_64 (20201001)

2020-10-2100:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8

6.1 Medium

AI Score

Confidence

High

JSON

Security Fix(es) :

  • libvirt: Potential DoS by holding a monitor job while querying QEMU guest-agent (CVE-2019-20485)

  • libvirt: Potential denial of service via active pool without target path (CVE-2020-10703)

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('compat.inc');

if (description)
{
  script_id(141679);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/14");

  script_cve_id("CVE-2019-20485", "CVE-2020-10703");

  script_name(english:"Scientific Linux Security Update : libvirt on SL7.x x86_64 (20201001)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Scientific Linux host is missing one or more security
updates.");
  script_set_attribute(attribute:"description", value:
"Security Fix(es) :

  - libvirt: Potential DoS by holding a monitor job while
    querying QEMU guest-agent (CVE-2019-20485)

  - libvirt: Potential denial of service via active pool
    without target path (CVE-2020-10703)");
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2010&L=SCIENTIFIC-LINUX-ERRATA&P=4997
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?05f1e659");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-10703");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/03/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/10/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/10/21");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-admin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-bash-completion");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-config-network");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-config-nwfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-interface");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-lxc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-network");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-nodedev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-nwfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-qemu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-secret");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-disk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-gluster");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-iscsi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-logical");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-mpath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-rbd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-storage-scsi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-kvm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-daemon-lxc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-docs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-lock-sanlock");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-login-shell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libvirt-nss");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Scientific Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);


flag = 0;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-admin-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-bash-completion-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-client-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-config-network-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-config-nwfilter-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-interface-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-lxc-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-network-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-nodedev-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-nwfilter-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-qemu-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-secret-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-core-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-disk-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-gluster-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-iscsi-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-logical-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-mpath-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-rbd-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-scsi-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-kvm-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-daemon-lxc-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-debuginfo-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-devel-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-docs-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-libs-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-lock-sanlock-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-login-shell-4.5.0-36.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"libvirt-nss-4.5.0-36.el7")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt / libvirt-admin / libvirt-bash-completion / libvirt-client / etc");
}
VendorProductVersionCPE
fermilabscientific_linuxlibvirtp-cpe:/a:fermilab:scientific_linux:libvirt
fermilabscientific_linuxlibvirt-adminp-cpe:/a:fermilab:scientific_linux:libvirt-admin
fermilabscientific_linuxlibvirt-bash-completionp-cpe:/a:fermilab:scientific_linux:libvirt-bash-completion
fermilabscientific_linuxlibvirt-clientp-cpe:/a:fermilab:scientific_linux:libvirt-client
fermilabscientific_linuxlibvirt-daemonp-cpe:/a:fermilab:scientific_linux:libvirt-daemon
fermilabscientific_linuxlibvirt-daemon-config-networkp-cpe:/a:fermilab:scientific_linux:libvirt-daemon-config-network
fermilabscientific_linuxlibvirt-daemon-config-nwfilterp-cpe:/a:fermilab:scientific_linux:libvirt-daemon-config-nwfilter
fermilabscientific_linuxlibvirt-daemon-driver-interfacep-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-interface
fermilabscientific_linuxlibvirt-daemon-driver-lxcp-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-lxc
fermilabscientific_linuxlibvirt-daemon-driver-networkp-cpe:/a:fermilab:scientific_linux:libvirt-daemon-driver-network
Rows per page:
1-10 of 331

Related

oraclelinux 4
nessus 26
amazon 1
centos 1
redhat 2
fedora 1
openvas 5
prion 2
cve 2
ubuntucve 2
redhatcve 2
alpinelinux 2
veracode 2
mageia 2
debiancve 2
osv 5
almalinux 1
rocky 1
ubuntu 1
photon 8
debian 1
oraclelinux
oraclelinux
libvirt security and bug fix update
2020-10-06 00:00:00
libvirt security update
2020-05-07 00:00:00
virt:ol and virt-devel:rhel security, bug fix, and enhancement update
2020-11-10 00:00:00
nessus
nessus
Amazon Linux 2 : libvirt (ALAS-2020-1557)
2020-11-11 00:00:00
RHEL 7 : libvirt (RHSA-2020:4000)
2020-09-29 00:00:00
CentOS 7 : libvirt (CESA-2020:4000)
2020-10-20 00:00:00
amazon
amazon
Medium: libvirt
2020-11-09 17:10:00
centos
centos
libvirt security update
2020-10-20 18:26:40
redhat
redhat
(RHSA-2020:4000) Moderate: libvirt security and bug fix update
2020-09-29 07:50:17
(RHSA-2020:4676) Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2020-11-03 12:26:07
fedora
fedora
[SECURITY] Fedora 31 Update: libvirt-5.6.0-7.fc31
2020-06-16 01:19:11
openvas
openvas
Fedora: Security Advisory for libvirt (FEDORA-2020-5cd83efda7)
2020-06-23 00:00:00
Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2020-1789)
2020-07-03 00:00:00
Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2020-1572)
2020-04-30 00:00:00
prion
prion
Design/Logic Flaw
2020-03-19 02:15:00
Null pointer dereference
2020-06-02 13:15:00
cve
cve
CVE-2020-10703
2020-06-02 13:15:00
CVE-2019-20485
2020-03-19 02:15:00
ubuntucve
ubuntucve
CVE-2020-10703
2020-04-13 00:00:00
CVE-2019-20485
2020-03-19 00:00:00
redhatcve
redhatcve
CVE-2019-20485
2020-03-03 19:41:22
CVE-2020-10703
2020-04-03 18:01:25
alpinelinux
alpinelinux
CVE-2019-20485
2020-03-19 02:15:00
CVE-2020-10703
2020-06-02 13:15:00
veracode
veracode
Denial Of Service (DoS)
2020-10-01 03:50:22
Denial Of Service (DoS)
2020-08-18 08:22:08
mageia
mageia
Updated libvirt packages fix security vulnerability
2020-07-06 23:42:41
Updated libvirt packages fix security vulnerability
2020-06-11 01:26:12
debiancve
debiancve
CVE-2019-20485
2020-03-19 02:15:00
CVE-2020-10703
2020-06-02 13:15:00
osv
osv
Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2020-11-03 12:26:07
Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2020-11-03 12:26:07
libvirt - security update
2024-04-01 00:00:00
almalinux
almalinux
Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2020-11-03 12:26:07
rocky
rocky
virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2020-11-03 12:26:07
ubuntu
ubuntu
libvirt vulnerabilities
2020-05-21 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2020-0104
2020-06-23 00:00:00
Important Photon OS Security Update - PHSA-2020-3.0-0104
2020-06-23 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0228
2020-04-10 00:00:00
debian
debian
[SECURITY] [DLA 3778-1] libvirt security update
2024-04-01 12:19:02

6.1 Medium

AI Score

Confidence

High

JSON
Related for SL_20201001_LIBVIRT_ON_SL7_X.NASL
oraclelinux4nessus26amazon1centos1redhat2fedora1openvas5prion2cve2ubuntucve2redhatcve2alpinelinux2veracode2mageia2debiancve2osv5almalinux1rocky1ubuntu1photon8debian1