Lucene search
Copyright (C) 2020 Greenbone AGOPENVAS:1361412562311220191957HistoryJan 23, 2020 - 12:00 a.m.
Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2019-1957)
2020-01-2300:00:00
Copyright (C) 2020 Greenbone AG
plugins.openvas.org
9
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
13.4%
The remote host is missing an update for the Huawei EulerOS
# SPDX-FileCopyrightText: 2020 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.2.2019.1957");
script_cve_id("CVE-2019-10161", "CVE-2019-10167", "CVE-2019-10168");
script_tag(name:"creation_date", value:"2020-01-23 12:28:30 +0000 (Thu, 23 Jan 2020)");
script_version("2024-02-05T14:36:56+0000");
script_tag(name:"last_modification", value:"2024-02-05 14:36:56 +0000 (Mon, 05 Feb 2024)");
script_tag(name:"cvss_base", value:"7.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2019-08-12 12:50:55 +0000 (Mon, 12 Aug 2019)");
script_name("Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2019-1957)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2020 Greenbone AG");
script_family("Huawei EulerOS Local Security Checks");
script_dependencies("gb_huawei_euleros_consolidation.nasl");
script_mandatory_keys("ssh/login/euleros", "ssh/login/rpms", re:"ssh/login/release=EULEROSVIRTARM64\-3\.0\.2\.0");
script_xref(name:"Advisory-ID", value:"EulerOS-SA-2019-1957");
script_xref(name:"URL", value:"https://developer.huaweicloud.com/intl/en-us/euleros/securitydetail.html?secId=EulerOS-SA-2019-1957");
script_tag(name:"summary", value:"The remote host is missing an update for the Huawei EulerOS 'libvirt' package(s) announced via the EulerOS-SA-2019-1957 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"It was discovered that libvirtd would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs. (CVE-2019-10161)
The virConnectGetDomainCapabilities() libvirt API accepts an 'emulatorbin' argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. (CVE-2019-10167)
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs accept an 'emulator' argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. (CVE-2019-10168)");
script_tag(name:"affected", value:"'libvirt' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "EULEROSVIRTARM64-3.0.2.0") {
if(!isnull(res = isrpmvuln(pkg:"libvirt", rpm:"libvirt~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-admin", rpm:"libvirt-admin~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-client", rpm:"libvirt-client~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon", rpm:"libvirt-daemon~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-config-network", rpm:"libvirt-daemon-config-network~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-config-nwfilter", rpm:"libvirt-daemon-config-nwfilter~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-driver-interface", rpm:"libvirt-daemon-driver-interface~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-driver-network", rpm:"libvirt-daemon-driver-network~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-driver-nodedev", rpm:"libvirt-daemon-driver-nodedev~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-driver-nwfilter", rpm:"libvirt-daemon-driver-nwfilter~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-driver-qemu", rpm:"libvirt-daemon-driver-qemu~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-driver-secret", rpm:"libvirt-daemon-driver-secret~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-driver-storage", rpm:"libvirt-daemon-driver-storage~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-driver-storage-core", rpm:"libvirt-daemon-driver-storage-core~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-driver-storage-disk", rpm:"libvirt-daemon-driver-storage-disk~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-driver-storage-iscsi", rpm:"libvirt-daemon-driver-storage-iscsi~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-driver-storage-logical", rpm:"libvirt-daemon-driver-storage-logical~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-driver-storage-mpath", rpm:"libvirt-daemon-driver-storage-mpath~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-driver-storage-scsi", rpm:"libvirt-daemon-driver-storage-scsi~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-daemon-kvm", rpm:"libvirt-daemon-kvm~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-devel", rpm:"libvirt-devel~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-docs", rpm:"libvirt-docs~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvirt-libs", rpm:"libvirt-libs~3.2.0~269", rls:"EULEROSVIRTARM64-3.0.2.0"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
nessus
nessus
EulerOS Virtualization for ARM 64 3.0.2.0 : libvirt (EulerOS-SA-2019-1957)
2019-09-17 00:00:00
Scientific Linux Security Update : libvirt on SL6.x i386/x86_64 (20190620)
2019-06-21 00:00:00
Oracle Linux 8 : virt:rhel (ELSA-2019-1580)
2023-09-07 00:00:00
oraclelinux
oraclelinux
libvirt security and bug fix update
2019-06-21 00:00:00
libvirt security update
2019-07-10 00:00:00
virt:rhel security update
2019-07-30 00:00:00
openvas
openvas
openSUSE: Security Advisory for libvirt (openSUSE-SU-2019:1753-1)
2020-01-09 00:00:00
Ubuntu: Security Advisory (USN-4047-1)
2019-07-09 00:00:00
CentOS Update for libvirt CESA-2019:1579 centos7
2019-06-21 00:00:00
ubuntu
ubuntu
libvirt vulnerabilities
2019-07-08 00:00:00
libvirt update vulnerability
2020-01-13 00:00:00
gentoo
gentoo
libvirt: Multiple vulnerabilities
2020-03-15 00:00:00
redhat
redhat
(RHSA-2019:1580) Important: virt:rhel security update
2019-06-20 12:44:28
(RHSA-2019:1762) Important: virt:8.0.0 security update
2019-07-11 15:06:35
(RHSA-2019:1579) Important: libvirt security and bug fix update
2019-06-20 12:44:11
suse
suse
Security update for libvirt (important)
2019-07-20 00:00:00
Security update for libvirt (important)
2019-06-30 00:00:00
centos
centos
libvirt security update
2019-06-20 20:39:11
libvirt security update
2019-06-20 20:33:49
osv
osv
libvirt - security update
2019-06-24 00:00:00
libvirt - security update
2019-06-22 00:00:00
CVE-2019-10168
2019-08-02 13:15:12
debian
debian
[SECURITY] [DLA 1832-1] libvirt security update
2019-06-24 19:27:04
[SECURITY] [DSA 4469-1] libvirt security update
2019-06-22 16:55:45
[SECURITY] [DSA 4469-1] libvirt security update
2019-06-22 16:56:03
mageia
mageia
Updated libvirt packages fix security vulnerabilities
2019-12-15 21:03:05
amazon
amazon
Important: libvirt
2019-08-23 03:34:00
debiancve
debiancve
alpinelinux
alpinelinux
ubuntucve
ubuntucve
redhatcve
redhatcve
veracode
veracode
Arbitrary Command Execution
2019-07-09 02:58:30
Arbitrary Code Execution
2019-06-24 00:21:50
Arbitrary File Read And Execute
2019-06-24 00:21:27
cve
cve
ibm
ibm
photon
photon
Important Photon OS Security Update - PHSA-2021-0261
2021-06-28 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-2.0-0214
2020-03-03 00:00:00
Important Photon OS Security Update - PHSA-2020-0214
2020-02-12 00:00:00
prion
prion
Design/Logic Flaw
2019-08-02 13:15:00
Path traversal
2019-07-30 23:15:00
Code injection
2019-08-02 13:15:00
fedora
fedora
[SECURITY] Fedora 30 Update: libvirt-5.1.0-9.fc30
2019-07-09 00:56:34
[SECURITY] Fedora 29 Update: libvirt-4.7.0-5.fc29
2019-07-09 02:25:07
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
13.4%
Related for OPENVAS:1361412562311220191957