CVSS3: 5.5 Medium
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score: 7.3 High (Confidence: High)

CVSS2: 2.1 Low
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N

EPSS: 0.002 Low (Percentile: 60.5%)

Check the version of libvirt
# SPDX-FileCopyrightText: 2018 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.882917");
  script_version("2023-07-10T08:07:43+0000");
  script_tag(name:"last_modification", value:"2023-07-10 08:07:43 +0000 (Mon, 10 Jul 2023)");
  script_tag(name:"creation_date", value:"2018-07-04 05:56:25 +0200 (Wed, 04 Jul 2018)");
  script_cve_id("CVE-2018-3639");
  script_tag(name:"cvss_base", value:"2.1");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:P/I:N/A:N");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2021-04-14 14:51:00 +0000 (Wed, 14 Apr 2021)");
  script_tag(name:"qod_type", value:"package");
  script_name("CentOS Update for libvirt CESA-2018:1997 centos7");
  script_tag(name:"summary", value:"Check the version of libvirt");
  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
  script_tag(name:"insight", value:"The libvirt library contains a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. In
addition, libvirt provides tools for remote management of virtualized
systems.
Security Fix(es):
* An industry-wide issue was found in the way many modern microprocessor
designs have implemented speculative execution of Load & Store instructions
(a commonly used performance optimization). It relies on the presence of a
precisely-defined instruction sequence in the privileged code as well as
the fact that memory read from address to which a recent memory write has
occurred may see an older value and subsequently cause an update into the
microprocessor's data cache even for speculatively executed instructions
that never actually commit (retire). As a result, an unprivileged attacker
could use this flaw to read privileged memory by conducting targeted cache
side-channel attacks. (CVE-2018-3639)
Note: This is the libvirt side of the CVE-2018-3639 mitigation that
includes support for guests running on hosts with AMD processors.
Red Hat would like to thank Ken Johnson (Microsoft Security Response
Center) and Jann Horn (Google Project Zero) for reporting this issue.
Bug Fix(es):
* Previously, the virtlogd service logged redundant AVC denial errors when
a guest virtual machine was started. With this update, the virtlogd service
no longer attempts to send shutdown inhibition calls to systemd, which
prevents the described errors from occurring. (BZ#1573268)
* Prior to this update, guest virtual machine actions that use a python
library in some cases failed and 'Hash operation not allowed during
iteration' error messages were logged. Several redundant thread access
checks have been removed, and the problem no longer occurs. (BZ#1581364)
* The 'virsh capabilities' command previously displayed an inaccurate
number of 4 KiB memory pages on systems with very large amounts of memory.
This update optimizes the memory diagnostic mechanism to ensure memory page
numbers are displayed correctly on such systems. (BZ#1582418)");
  script_tag(name:"affected", value:"libvirt on CentOS 7");
  script_tag(name:"solution", value:"Please install the updated packages.");
  script_xref(name:"CESA", value:"2018:1997");
  script_xref(name:"URL", value:"http://lists.centos.org/pipermail/centos-announce/2018-July/022946.html");
  script_tag(name:"solution_type", value:"VendorFix");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2018 Greenbone AG");
  script_family("CentOS Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/centos", "ssh/login/rpms", re:"ssh/login/release=CentOS7");
  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

# Release string gathered over SSH; nothing to check without it.
release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";

if(release == "CentOS7")
{
  # isrpmvuln() returns a report string when the installed package is older
  # than the fixed build 3.9.0-14.el7_5.6, otherwise NULL. The first
  # outdated package found is reported and the check ends.
  if ((res = isrpmvuln(pkg:"libvirt", rpm:"libvirt~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-admin", rpm:"libvirt-admin~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-client", rpm:"libvirt-client~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon", rpm:"libvirt-daemon~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-config-network", rpm:"libvirt-daemon-config-network~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-config-nwfilter", rpm:"libvirt-daemon-config-nwfilter~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-interface", rpm:"libvirt-daemon-driver-interface~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-lxc", rpm:"libvirt-daemon-driver-lxc~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-network", rpm:"libvirt-daemon-driver-network~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-nodedev", rpm:"libvirt-daemon-driver-nodedev~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-nwfilter", rpm:"libvirt-daemon-driver-nwfilter~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-qemu", rpm:"libvirt-daemon-driver-qemu~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-secret", rpm:"libvirt-daemon-driver-secret~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-storage", rpm:"libvirt-daemon-driver-storage~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-storage-core", rpm:"libvirt-daemon-driver-storage-core~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-storage-disk", rpm:"libvirt-daemon-driver-storage-disk~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-storage-gluster", rpm:"libvirt-daemon-driver-storage-gluster~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-storage-iscsi", rpm:"libvirt-daemon-driver-storage-iscsi~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-storage-logical", rpm:"libvirt-daemon-driver-storage-logical~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-storage-mpath", rpm:"libvirt-daemon-driver-storage-mpath~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-storage-rbd", rpm:"libvirt-daemon-driver-storage-rbd~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-driver-storage-scsi", rpm:"libvirt-daemon-driver-storage-scsi~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-kvm", rpm:"libvirt-daemon-kvm~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-daemon-lxc", rpm:"libvirt-daemon-lxc~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-devel", rpm:"libvirt-devel~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-docs", rpm:"libvirt-docs~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-libs", rpm:"libvirt-libs~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-lock-sanlock", rpm:"libvirt-lock-sanlock~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-login-shell", rpm:"libvirt-login-shell~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libvirt-nss", rpm:"libvirt-nss~3.9.0~14.el7_5.6", rls:"CentOS7")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  # A listed package was installed but none was older than the fixed build:
  # exit code 99 reports the host as not vulnerable.
  if (__pkg_match) exit(99);
  exit(0);
}