{"id": "OPENSUSE-SU-2019:1294-1", "bulletinFamily": "unix", "title": "Security update for libvirt (moderate)", "description": "This update for libvirt fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-3840: Fixed a null pointer dereference vulnerability in\n virJSONValueObjectHasKey function which could have resulted in a remote\n denial of service via the guest agent (bsc#1127458).\n - CVE-2019-3886: Fixed an information leak which allowed to retrieve the\n guest hostname under readonly mode (bsc#1131595).\n\n Other issue addressed:\n\n - cpu: add Skylake-Server and Skylake-Server-IBRS CPU models (FATE#327261,\n bsc#1131955)\n - libxl: save current memory value after successful balloon (bsc#1120813).\n - libxl: support Xen's max_grant_frames setting with maxGrantFrames\n attribute on the xenbus controller (bsc#1126325).\n - conf: add new 'xenbus' controller type\n\n This update was imported from the SUSE:SLE-12-SP3:Update update project.\n\n", "published": "2019-04-29T15:12:00", "modified": "2019-04-29T15:12:00", "cvss": {"score": 4.8, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00105.html", "reporter": "Suse", "references": ["https://bugzilla.suse.com/1126325", "https://bugzilla.suse.com/1131955", "https://bugzilla.suse.com/1120813", "https://bugzilla.suse.com/1131595", "https://bugzilla.suse.com/1127458"], "cvelist": ["CVE-2019-3840", "CVE-2019-3886"], "type": "suse", "lastseen": "2019-04-29T16:20:32", "edition": 1, "viewCount": 15, "enchantments": {"score": {"value": 5.7, "vector": "NONE", "modified": "2019-04-29T16:20:32", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-3886", "CVE-2019-3840"]}, {"type": "nessus", "idList": ["SUSE_SU-2019-0948-1.NASL", "SUSE_SU-2019-1042-1.NASL", "OPENSUSE-2019-1288.NASL", "EULEROS_SA-2019-1634.NASL", "REDHAT-RHSA-2019-2294.NASL", "SUSE_SU-2019-1285-1.NASL", "EULEROS_SA-2019-1610.NASL", "EULEROS_SA-2019-1367.NASL", "SUSE_SU-2019-0553-1.NASL", "OPENSUSE-2019-1294.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220191653", "OPENVAS:1361412562311220191634", "OPENVAS:1361412562310844057", "OPENVAS:1361412562310852463", "OPENVAS:1361412562311220191684", "OPENVAS:1361412562310876316", "OPENVAS:1361412562310843933", "OPENVAS:1361412562311220191610", "OPENVAS:1361412562311220191367", "OPENVAS:1361412562310852459"]}, {"type": "amazon", "idList": ["ALAS2-2019-1361"]}, {"type": "redhat", "idList": ["RHSA-2019:2294"]}, {"type": "ubuntu", "idList": ["USN-3909-1", "USN-4021-1"]}, {"type": "fedora", "idList": ["FEDORA:B550461845B3", "FEDORA:761BC607A42A", "FEDORA:69C3B608C005", "FEDORA:DD32C6076D0E"]}, {"type": "centos", "idList": ["CESA-2019:2294"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1288-1"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-2294"]}], "modified": "2019-04-29T16:20:32", "rev": 2}, "vulnersScore": 5.7}, "affectedPackage": [{"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-client-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-client-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-lock-sanlock-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-lock-sanlock", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-secret-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-secret-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-xen-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-xen", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-client-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-client", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-mpath-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-storage-mpath", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-core-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-storage-core", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-secret-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-secret", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-interface-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-interface", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-disk-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-storage-disk", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-uml-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-uml", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-lock-sanlock-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-lock-sanlock-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-logical-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-storage-logical", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-devel-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-devel", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-uml-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-uml", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-client-debuginfo-32bit-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-client-debuginfo-32bit", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-debugsource-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-debugsource", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-iscsi-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-storage-iscsi", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-scsi-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-storage-scsi", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-doc-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-doc", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-config-network-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-config-network", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-doc-3.3.0-24.1.i586.rpm", "packageName": "libvirt-doc", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-storage", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-nodedev-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-nodedev-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-debugsource-3.3.0-24.1.i586.rpm", "packageName": "libvirt-debugsource", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-rbd-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage-rbd-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-nwfilter-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-nwfilter", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-secret-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-secret", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-uml-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-uml", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-nss-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-nss-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-mpath-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage-mpath-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-nodedev-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-nodedev", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-interface-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-interface", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-iscsi-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-storage-iscsi-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-core-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-storage-core-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-lxc-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-lxc", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-iscsi-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage-iscsi-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-lock-sanlock-3.3.0-24.1.i586.rpm", "packageName": "libvirt-lock-sanlock", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-libxl-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-libxl", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-uml-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-uml-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-hooks-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-hooks", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-nss-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-nss-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-iscsi-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage-iscsi", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-nss-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-nss", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-logical-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage-logical", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-config-nwfilter-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-config-nwfilter", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-nodedev-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-nodedev-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-mpath-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-storage-mpath-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-rbd-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage-rbd", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-qemu-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-qemu-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-config-nwfilter-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-config-nwfilter", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-qemu-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-qemu", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-uml-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-uml", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-mpath-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage-mpath", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-network-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-network-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-admin-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-admin-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-libs-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-libs-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-network-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-network-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-scsi-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage-scsi-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-client-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-client-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-vbox-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-vbox-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-3.3.0-24.1.i586.rpm", "packageName": "libvirt", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-logical-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-storage-logical-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-client-3.3.0-24.1.i586.rpm", "packageName": "libvirt-client", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-disk-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage-disk-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-nwfilter-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-nwfilter-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-vbox-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-vbox-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-lxc-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-lxc-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-vbox-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-vbox", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-lock-sanlock-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-lock-sanlock-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-network-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-network", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-scsi-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage-scsi", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-config-network-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-config-network", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-nwfilter-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-nwfilter", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-vbox-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-vbox", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-interface-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-interface-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-libs-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-libs", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-lxc-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-lxc", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-logical-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage-logical-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-qemu-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-qemu-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-network-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-network", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-qemu-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-qemu", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-disk-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-storage-disk-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-nwfilter-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-nwfilter-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-devel-32bit-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-devel-32bit", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-libxl-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-libxl-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-nss-3.3.0-24.1.i586.rpm", "packageName": "libvirt-nss", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-hooks-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-hooks", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-admin-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-admin-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-lxc-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-lxc-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-lxc-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-lxc", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-devel-3.3.0-24.1.i586.rpm", "packageName": "libvirt-devel", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-secret-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-secret-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-qemu-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-qemu", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-vbox-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-vbox", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-vbox-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-vbox", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-qemu-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-qemu", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-libs-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-libs-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-libs-3.3.0-24.1.i586.rpm", "packageName": "libvirt-libs", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-interface-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-interface-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-disk-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage-disk", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-admin-3.3.0-24.1.i586.rpm", "packageName": "libvirt-admin", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-core-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage-core", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-scsi-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-storage-scsi-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-storage-core-debuginfo-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-storage-core-debuginfo", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-daemon-driver-lxc-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-daemon-driver-lxc", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-nodedev-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-nodedev", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "libvirt-admin-3.3.0-24.1.x86_64.rpm", "packageName": "libvirt-admin", "packageVersion": "3.3.0-24.1"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "i586", "operator": "lt", "packageFilename": "libvirt-daemon-driver-uml-debuginfo-3.3.0-24.1.i586.rpm", "packageName": "libvirt-daemon-driver-uml-debuginfo", "packageVersion": "3.3.0-24.1"}]}

{"cve": [{"lastseen": "2021-02-02T07:13:01", "description": "An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.", "edition": 13, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "baseScore": 5.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 2.5}, "published": "2019-04-04T16:29:00", "title": "CVE-2019-3886", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.8, "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-3886"], "modified": "2020-11-16T20:31:00", "cpe": ["cpe:/o:opensuse:leap:42.3"], "id": "CVE-2019-3886", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-3886", "cvss": {"score": 4.8, "vector": "AV:A/AC:L/Au:N/C:P/I:N/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T07:13:00", "description": "A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.", "edition": 7, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.3, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.0}, "published": "2019-03-27T13:29:00", "title": "CVE-2019-3840", "type": "cve", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-3840"], "modified": "2019-05-05T05:29:00", "cpe": ["cpe:/o:opensuse:leap:15.0", "cpe:/o:opensuse:leap:42.3"], "id": "CVE-2019-3840", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-3840", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2020-01-31T16:53:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3840", "CVE-2019-3886"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-04-30T00:00:00", "id": "OPENVAS:1361412562310852463", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852463", "type": "openvas", "title": "openSUSE: Security Advisory for libvirt (openSUSE-SU-2019:1294-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852463\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-3840\", \"CVE-2019-3886\");\n script_tag(name:\"cvss_base\", value:\"4.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-04-30 02:00:49 +0000 (Tue, 30 Apr 2019)\");\n script_name(\"openSUSE: Security Advisory for libvirt (openSUSE-SU-2019:1294-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1294-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00105.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libvirt'\n package(s) announced via the openSUSE-SU-2019:1294-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for libvirt fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-3840: Fixed a null pointer dereference vulnerability in\n virJSONValueObjectHasKey function which could have resulted in a remote\n denial of service via the guest agent (bsc#1127458).\n\n - CVE-2019-3886: Fixed an information leak which allowed to retrieve the\n guest hostname under readonly mode (bsc#1131595).\n\n Other issue addressed:\n\n - cpu: add Skylake-Server and Skylake-Server-IBRS CPU models (FATE#327261,\n bsc#1131955)\n\n - libxl: save current memory value after successful balloon (bsc#1120813).\n\n - libxl: support Xen's max_grant_frames setting with maxGrantFrames\n attribute on the xenbus controller (bsc#1126325).\n\n - conf: add new 'xenbus' controller type\n\n This update was imported from the SUSE:SLE-12-SP3:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-1294=1\");\n\n script_tag(name:\"affected\", value:\"'libvirt' package(s) on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-admin\", rpm:\"libvirt-admin~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-admin-debuginfo\", rpm:\"libvirt-admin-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-client\", rpm:\"libvirt-client~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-client-debuginfo\", rpm:\"libvirt-client-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon\", rpm:\"libvirt-daemon~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-config-network\", rpm:\"libvirt-daemon-config-network~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-config-nwfilter\", rpm:\"libvirt-daemon-config-nwfilter~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-debuginfo\", rpm:\"libvirt-daemon-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-interface\", rpm:\"libvirt-daemon-driver-interface~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-interface-debuginfo\", rpm:\"libvirt-daemon-driver-interface-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-lxc\", rpm:\"libvirt-daemon-driver-lxc~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-lxc-debuginfo\", rpm:\"libvirt-daemon-driver-lxc-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-network\", rpm:\"libvirt-daemon-driver-network~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-network-debuginfo\", rpm:\"libvirt-daemon-driver-network-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nodedev\", rpm:\"libvirt-daemon-driver-nodedev~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nodedev-debuginfo\", rpm:\"libvirt-daemon-driver-nodedev-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nwfilter\", rpm:\"libvirt-daemon-driver-nwfilter~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nwfilter-debuginfo\", rpm:\"libvirt-daemon-driver-nwfilter-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-qemu\", rpm:\"libvirt-daemon-driver-qemu~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-qemu-debuginfo\", rpm:\"libvirt-daemon-driver-qemu-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-secret\", rpm:\"libvirt-daemon-driver-secret~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-secret-debuginfo\", rpm:\"libvirt-daemon-driver-secret-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage\", rpm:\"libvirt-daemon-driver-storage~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-core\", rpm:\"libvirt-daemon-driver-storage-core~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-core-debuginfo\", rpm:\"libvirt-daemon-driver-storage-core-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-disk\", rpm:\"libvirt-daemon-driver-storage-disk~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-disk-debuginfo\", rpm:\"libvirt-daemon-driver-storage-disk-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-iscsi\", rpm:\"libvirt-daemon-driver-storage-iscsi~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-iscsi-debuginfo\", rpm:\"libvirt-daemon-driver-storage-iscsi-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-logical\", rpm:\"libvirt-daemon-driver-storage-logical~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-logical-debuginfo\", rpm:\"libvirt-daemon-driver-storage-logical-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-mpath\", rpm:\"libvirt-daemon-driver-storage-mpath~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-mpath-debuginfo\", rpm:\"libvirt-daemon-driver-storage-mpath-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-scsi\", rpm:\"libvirt-daemon-driver-storage-scsi~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-scsi-debuginfo\", rpm:\"libvirt-daemon-driver-storage-scsi-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-uml\", rpm:\"libvirt-daemon-driver-uml~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-uml-debuginfo\", rpm:\"libvirt-daemon-driver-uml-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-vbox\", rpm:\"libvirt-daemon-driver-vbox~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-vbox-debuginfo\", rpm:\"libvirt-daemon-driver-vbox-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-hooks\", rpm:\"libvirt-daemon-hooks~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-lxc\", rpm:\"libvirt-daemon-lxc~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-qemu\", rpm:\"libvirt-daemon-qemu~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-uml\", rpm:\"libvirt-daemon-uml~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-vbox\", rpm:\"libvirt-daemon-vbox~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-debugsource\", rpm:\"libvirt-debugsource~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-libs\", rpm:\"libvirt-libs~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-libs-debuginfo\", rpm:\"libvirt-libs-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-lock-sanlock\", rpm:\"libvirt-lock-sanlock~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-lock-sanlock-debuginfo\", rpm:\"libvirt-lock-sanlock-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-nss\", rpm:\"libvirt-nss~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-nss-debuginfo\", rpm:\"libvirt-nss-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-client-debuginfo-32bit\", rpm:\"libvirt-client-debuginfo-32bit~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-libxl\", rpm:\"libvirt-daemon-driver-libxl~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-libxl-debuginfo\", rpm:\"libvirt-daemon-driver-libxl-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-rbd\", rpm:\"libvirt-daemon-driver-storage-rbd~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-rbd-debuginfo\", rpm:\"libvirt-daemon-driver-storage-rbd-debuginfo~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-xen\", rpm:\"libvirt-daemon-xen~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-devel-32bit\", rpm:\"libvirt-devel-32bit~3.3.0~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.8, "vector": "AV:A/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-01-27T18:39:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3886"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191634", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191634", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2019-1634)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1634\");\n script_version(\"2020-01-23T12:17:54+0000\");\n script_cve_id(\"CVE-2019-3886\");\n script_tag(name:\"cvss_base\", value:\"4.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:17:54 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:17:54 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2019-1634)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1634\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1634\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libvirt' package(s) announced via the EulerOS-SA-2019-1634 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.(CVE-2019-3886)\");\n\n script_tag(name:\"affected\", value:\"'libvirt' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-admin\", rpm:\"libvirt-admin~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-client\", rpm:\"libvirt-client~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon\", rpm:\"libvirt-daemon~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-config-network\", rpm:\"libvirt-daemon-config-network~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-config-nwfilter\", rpm:\"libvirt-daemon-config-nwfilter~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-interface\", rpm:\"libvirt-daemon-driver-interface~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-network\", rpm:\"libvirt-daemon-driver-network~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nodedev\", rpm:\"libvirt-daemon-driver-nodedev~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nwfilter\", rpm:\"libvirt-daemon-driver-nwfilter~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-qemu\", rpm:\"libvirt-daemon-driver-qemu~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-secret\", rpm:\"libvirt-daemon-driver-secret~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage\", rpm:\"libvirt-daemon-driver-storage~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-core\", rpm:\"libvirt-daemon-driver-storage-core~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-disk\", rpm:\"libvirt-daemon-driver-storage-disk~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-iscsi\", rpm:\"libvirt-daemon-driver-storage-iscsi~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-logical\", rpm:\"libvirt-daemon-driver-storage-logical~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-mpath\", rpm:\"libvirt-daemon-driver-storage-mpath~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-scsi\", rpm:\"libvirt-daemon-driver-storage-scsi~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-kvm\", rpm:\"libvirt-daemon-kvm~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-docs\", rpm:\"libvirt-docs~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-libs\", rpm:\"libvirt-libs~3.2.0~247\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.8, "vector": "AV:A/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-01-27T18:36:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3886"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191610", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191610", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2019-1610)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1610\");\n script_version(\"2020-01-23T12:16:55+0000\");\n script_cve_id(\"CVE-2019-3886\");\n script_tag(name:\"cvss_base\", value:\"4.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:16:55 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:16:55 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2019-1610)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1610\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1610\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libvirt' package(s) announced via the EulerOS-SA-2019-1610 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.(CVE-2019-3886)\");\n\n script_tag(name:\"affected\", value:\"'libvirt' package(s) on Huawei EulerOS Virtualization 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-admin\", rpm:\"libvirt-admin~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-client\", rpm:\"libvirt-client~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon\", rpm:\"libvirt-daemon~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-config-network\", rpm:\"libvirt-daemon-config-network~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-config-nwfilter\", rpm:\"libvirt-daemon-config-nwfilter~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-interface\", rpm:\"libvirt-daemon-driver-interface~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-network\", rpm:\"libvirt-daemon-driver-network~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nodedev\", rpm:\"libvirt-daemon-driver-nodedev~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nwfilter\", rpm:\"libvirt-daemon-driver-nwfilter~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-qemu\", rpm:\"libvirt-daemon-driver-qemu~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-secret\", rpm:\"libvirt-daemon-driver-secret~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage\", rpm:\"libvirt-daemon-driver-storage~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-core\", rpm:\"libvirt-daemon-driver-storage-core~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-disk\", rpm:\"libvirt-daemon-driver-storage-disk~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-gluster\", rpm:\"libvirt-daemon-driver-storage-gluster~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-iscsi\", rpm:\"libvirt-daemon-driver-storage-iscsi~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-logical\", rpm:\"libvirt-daemon-driver-storage-logical~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-mpath\", rpm:\"libvirt-daemon-driver-storage-mpath~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-rbd\", rpm:\"libvirt-daemon-driver-storage-rbd~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-scsi\", rpm:\"libvirt-daemon-driver-storage-scsi~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-kvm\", rpm:\"libvirt-daemon-kvm~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-docs\", rpm:\"libvirt-docs~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-libs\", rpm:\"libvirt-libs~3.2.0~238\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.8, "vector": "AV:A/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-01-27T18:36:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3840"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191367", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191367", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2019-1367)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1367\");\n script_version(\"2020-01-23T11:40:35+0000\");\n script_cve_id(\"CVE-2019-3840\");\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:40:35 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:40:35 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2019-1367)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1367\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1367\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libvirt' package(s) announced via the EulerOS-SA-2019-1367 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A NULL pointer dereference flaw was discovered in libvirt in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.(CVE-2019-3840)\");\n\n script_tag(name:\"affected\", value:\"'libvirt' package(s) on Huawei EulerOS Virtualization 2.5.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-admin\", rpm:\"libvirt-admin~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-client\", rpm:\"libvirt-client~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon\", rpm:\"libvirt-daemon~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-config-network\", rpm:\"libvirt-daemon-config-network~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-config-nwfilter\", rpm:\"libvirt-daemon-config-nwfilter~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-interface\", rpm:\"libvirt-daemon-driver-interface~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-network\", rpm:\"libvirt-daemon-driver-network~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nodedev\", rpm:\"libvirt-daemon-driver-nodedev~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nwfilter\", rpm:\"libvirt-daemon-driver-nwfilter~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-qemu\", rpm:\"libvirt-daemon-driver-qemu~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-secret\", rpm:\"libvirt-daemon-driver-secret~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage\", rpm:\"libvirt-daemon-driver-storage~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-core\", rpm:\"libvirt-daemon-driver-storage-core~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-disk\", rpm:\"libvirt-daemon-driver-storage-disk~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-gluster\", rpm:\"libvirt-daemon-driver-storage-gluster~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-iscsi\", rpm:\"libvirt-daemon-driver-storage-iscsi~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-logical\", rpm:\"libvirt-daemon-driver-storage-logical~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-mpath\", rpm:\"libvirt-daemon-driver-storage-mpath~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-rbd\", rpm:\"libvirt-daemon-driver-storage-rbd~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-scsi\", rpm:\"libvirt-daemon-driver-storage-scsi~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-kvm\", rpm:\"libvirt-daemon-kvm~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-docs\", rpm:\"libvirt-docs~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-libs\", rpm:\"libvirt-libs~3.2.0~214\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3840"], "description": "The remote host is missing an update for the ", "modified": "2019-04-01T00:00:00", "published": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310843933", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843933", "type": "openvas", "title": "Ubuntu Update for libvirt USN-3909-1", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843933\");\n script_version(\"2019-04-01T07:47:16+0000\");\n script_cve_id(\"CVE-2019-3840\");\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-04-01 07:47:16 +0000 (Mon, 01 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-03-15 04:09:20 +0100 (Fri, 15 Mar 2019)\");\n script_name(\"Ubuntu Update for libvirt USN-3909-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(18\\.04 LTS|18\\.10|16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3909-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-March/004802.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libvirt'\n package(s) announced via the USN-3909-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that libvirt incorrectly handled waiting for certain\nagent events. An attacker inside a guest could possibly use this issue to\ncause libvirtd to stop responding, resulting in a denial of service.\");\n\n script_tag(name:\"affected\", value:\"libvirt on Ubuntu 18.10,\n Ubuntu 18.04 LTS,\n Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libvirt-clients\", ver:\"4.0.0-1ubuntu8.8\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvirt-daemon\", ver:\"4.0.0-1ubuntu8.8\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvirt0\", ver:\"4.0.0-1ubuntu8.8\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libvirt-clients\", ver:\"4.6.0-2ubuntu3.4\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvirt-daemon\", ver:\"4.6.0-2ubuntu3.4\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvirt0\", ver:\"4.6.0-2ubuntu3.4\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libvirt-bin\", ver:\"1.3.1-1ubuntu10.25\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvirt0\", ver:\"1.3.1-1ubuntu10.25\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:37:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3840"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191653", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191653", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2019-1653)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1653\");\n script_version(\"2020-01-23T12:19:06+0000\");\n script_cve_id(\"CVE-2019-3840\");\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:19:06 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:19:06 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2019-1653)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1653\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1653\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libvirt' package(s) announced via the EulerOS-SA-2019-1653 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A NULL pointer dereference flaw was discovered in libvirt in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.(CVE-2019-3840)\");\n\n script_tag(name:\"affected\", value:\"'libvirt' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-bash-completion\", rpm:\"libvirt-bash-completion~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-client\", rpm:\"libvirt-client~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon\", rpm:\"libvirt-daemon~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-config-network\", rpm:\"libvirt-daemon-config-network~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-config-nwfilter\", rpm:\"libvirt-daemon-config-nwfilter~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-interface\", rpm:\"libvirt-daemon-driver-interface~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-network\", rpm:\"libvirt-daemon-driver-network~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nodedev\", rpm:\"libvirt-daemon-driver-nodedev~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nwfilter\", rpm:\"libvirt-daemon-driver-nwfilter~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-qemu\", rpm:\"libvirt-daemon-driver-qemu~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-secret\", rpm:\"libvirt-daemon-driver-secret~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage\", rpm:\"libvirt-daemon-driver-storage~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-core\", rpm:\"libvirt-daemon-driver-storage-core~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-disk\", rpm:\"libvirt-daemon-driver-storage-disk~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-iscsi\", rpm:\"libvirt-daemon-driver-storage-iscsi~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-iscsi-direct\", rpm:\"libvirt-daemon-driver-storage-iscsi-direct~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-logical\", rpm:\"libvirt-daemon-driver-storage-logical~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-mpath\", rpm:\"libvirt-daemon-driver-storage-mpath~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-scsi\", rpm:\"libvirt-daemon-driver-storage-scsi~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-kvm\", rpm:\"libvirt-daemon-kvm~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-libs\", rpm:\"libvirt-libs~4.7.0~1.h1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3840"], "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310876316", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876316", "type": "openvas", "title": "Fedora Update for libvirt FEDORA-2019-b3bfc61567", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876316\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-3840\");\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:44:11 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for libvirt FEDORA-2019-b3bfc61567\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-b3bfc61567\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZRP2BRMI4RYFRPNFTTIAAUOGVN2ORP7\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libvirt'\n package(s) announced via the FEDORA-2019-b3bfc61567 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Libvirt is a C toolkit to interact with the virtualization capabilities\nof recent versions of Linux (and other OSes). The main package includes\nthe libvirtd server exporting the virtualization support.\");\n\n script_tag(name:\"affected\", value:\"'libvirt' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~4.7.0~2.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:39:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3840"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191684", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191684", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2019-1684)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1684\");\n script_version(\"2020-01-23T12:19:57+0000\");\n script_cve_id(\"CVE-2019-3840\");\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:19:57 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:19:57 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2019-1684)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1684\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1684\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libvirt' package(s) announced via the EulerOS-SA-2019-1684 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A NULL pointer dereference flaw was discovered in libvirt in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.(CVE-2019-3840)\");\n\n script_tag(name:\"affected\", value:\"'libvirt' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-client\", rpm:\"libvirt-client~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon\", rpm:\"libvirt-daemon~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-config-network\", rpm:\"libvirt-daemon-config-network~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-config-nwfilter\", rpm:\"libvirt-daemon-config-nwfilter~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-interface\", rpm:\"libvirt-daemon-driver-interface~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-lxc\", rpm:\"libvirt-daemon-driver-lxc~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-network\", rpm:\"libvirt-daemon-driver-network~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nodedev\", rpm:\"libvirt-daemon-driver-nodedev~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nwfilter\", rpm:\"libvirt-daemon-driver-nwfilter~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-qemu\", rpm:\"libvirt-daemon-driver-qemu~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-secret\", rpm:\"libvirt-daemon-driver-secret~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage\", rpm:\"libvirt-daemon-driver-storage~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-core\", rpm:\"libvirt-daemon-driver-storage-core~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-disk\", rpm:\"libvirt-daemon-driver-storage-disk~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-gluster\", rpm:\"libvirt-daemon-driver-storage-gluster~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-iscsi\", rpm:\"libvirt-daemon-driver-storage-iscsi~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-logical\", rpm:\"libvirt-daemon-driver-storage-logical~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-mpath\", rpm:\"libvirt-daemon-driver-storage-mpath~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-rbd\", rpm:\"libvirt-daemon-driver-storage-rbd~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-scsi\", rpm:\"libvirt-daemon-driver-storage-scsi~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-kvm\", rpm:\"libvirt-daemon-kvm~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-libs\", rpm:\"libvirt-libs~3.9.0~14.7.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T16:47:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3840"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-04-29T00:00:00", "id": "OPENVAS:1361412562310852459", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852459", "type": "openvas", "title": "openSUSE: Security Advisory for libvirt (openSUSE-SU-2019:1288-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852459\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-3840\");\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-04-29 02:00:43 +0000 (Mon, 29 Apr 2019)\");\n script_name(\"openSUSE: Security Advisory for libvirt (openSUSE-SU-2019:1288-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1288-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00101.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libvirt'\n package(s) announced via the openSUSE-SU-2019:1288-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for libvirt provides the following fixes:\n\n Security issue fixed:\n\n - CVE-2019-3840: Fixed a null pointer dereference vulnerability in\n virJSONValueObjectHasKey function which could have resulted in a remote\n denial of service via the guest agent (bsc#1127458).\n\n Other issues addressed:\n\n - apparmor: reintroduce upstream lxc mount rules (bsc#1130129).\n\n - hook: encode incoming XML to UTF-8 before passing to lxml etree from\n string method (bsc#1123642).\n\n - supportconfig: collect rotated logs in /var/log/libvirt/* (bsc#1124667).\n\n - libxl: support Xen's max_grant_frames setting with maxGrantFrames\n attribute on the xenbus controller (bsc#1126325).\n\n - conf: added new 'xenbus' controller type\n\n - util: skip RDMA detection for non-PCI network devices (bsc#1112182).\n\n - qemu: don't use CAP_DAC_OVERRIDE capability if non-root (bsc#1125665).\n\n - qemu: fix issues related to restricted permissions on\n /dev/sev(bsc#1102604).\n\n - apparmor: add support for named profiles (bsc#1118952).\n\n - libxl: save current memory value after successful balloon (bsc#1120813).\n\n - apparmor: Fix ptrace rules. (bsc#1117058)\n\n - libxl: Add support for soft reset. (bsc#1081516)\n\n - libxl: Fix VM migration on busy hosts. (bsc#1108086)\n\n - qemu: Add support for SEV guests. (fate#325817)\n\n - util: Don't check for parallel iteration in hash-related functions.\n (bsc#1106420)\n\n - spec: Don't restart libvirt-guests when updating libvirt-client.\n (bsc#1104662)\n\n - Fix virNodeGetSEVInfo API crashing libvirtd on AMD SEV enabled hosts.\n (bsc#1108395)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1288=1\");\n\n script_tag(name:\"affected\", value:\"'libvirt' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-admin\", rpm:\"libvirt-admin~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-admin-debuginfo\", rpm:\"libvirt-admin-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-client\", rpm:\"libvirt-client~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-client-debuginfo\", rpm:\"libvirt-client-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon\", rpm:\"libvirt-daemon~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-config-network\", rpm:\"libvirt-daemon-config-network~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-config-nwfilter\", rpm:\"libvirt-daemon-config-nwfilter~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-debuginfo\", rpm:\"libvirt-daemon-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-interface\", rpm:\"libvirt-daemon-driver-interface~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-interface-debuginfo\", rpm:\"libvirt-daemon-driver-interface-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-lxc\", rpm:\"libvirt-daemon-driver-lxc~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-lxc-debuginfo\", rpm:\"libvirt-daemon-driver-lxc-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-network\", rpm:\"libvirt-daemon-driver-network~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-network-debuginfo\", rpm:\"libvirt-daemon-driver-network-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nodedev\", rpm:\"libvirt-daemon-driver-nodedev~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nodedev-debuginfo\", rpm:\"libvirt-daemon-driver-nodedev-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nwfilter\", rpm:\"libvirt-daemon-driver-nwfilter~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-nwfilter-debuginfo\", rpm:\"libvirt-daemon-driver-nwfilter-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-qemu\", rpm:\"libvirt-daemon-driver-qemu~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-qemu-debuginfo\", rpm:\"libvirt-daemon-driver-qemu-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-secret\", rpm:\"libvirt-daemon-driver-secret~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-secret-debuginfo\", rpm:\"libvirt-daemon-driver-secret-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage\", rpm:\"libvirt-daemon-driver-storage~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-core\", rpm:\"libvirt-daemon-driver-storage-core~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-core-debuginfo\", rpm:\"libvirt-daemon-driver-storage-core-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-disk\", rpm:\"libvirt-daemon-driver-storage-disk~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-disk-debuginfo\", rpm:\"libvirt-daemon-driver-storage-disk-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-iscsi\", rpm:\"libvirt-daemon-driver-storage-iscsi~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-iscsi-debuginfo\", rpm:\"libvirt-daemon-driver-storage-iscsi-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-logical\", rpm:\"libvirt-daemon-driver-storage-logical~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-logical-debuginfo\", rpm:\"libvirt-daemon-driver-storage-logical-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-mpath\", rpm:\"libvirt-daemon-driver-storage-mpath~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-mpath-debuginfo\", rpm:\"libvirt-daemon-driver-storage-mpath-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-scsi\", rpm:\"libvirt-daemon-driver-storage-scsi~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-scsi-debuginfo\", rpm:\"libvirt-daemon-driver-storage-scsi-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-uml\", rpm:\"libvirt-daemon-driver-uml~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-uml-debuginfo\", rpm:\"libvirt-daemon-driver-uml-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-vbox\", rpm:\"libvirt-daemon-driver-vbox~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-vbox-debuginfo\", rpm:\"libvirt-daemon-driver-vbox-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-hooks\", rpm:\"libvirt-daemon-hooks~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-lxc\", rpm:\"libvirt-daemon-lxc~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-qemu\", rpm:\"libvirt-daemon-qemu~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-uml\", rpm:\"libvirt-daemon-uml~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-vbox\", rpm:\"libvirt-daemon-vbox~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-debugsource\", rpm:\"libvirt-debugsource~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-libs\", rpm:\"libvirt-libs~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-libs-debuginfo\", rpm:\"libvirt-libs-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-lock-sanlock\", rpm:\"libvirt-lock-sanlock~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-lock-sanlock-debuginfo\", rpm:\"libvirt-lock-sanlock-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-nss\", rpm:\"libvirt-nss~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-nss-debuginfo\", rpm:\"libvirt-nss-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-plugin-libvirt\", rpm:\"wireshark-plugin-libvirt~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-plugin-libvirt-debuginfo\", rpm:\"wireshark-plugin-libvirt-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-client-32bit-debuginfo\", rpm:\"libvirt-client-32bit-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-libxl\", rpm:\"libvirt-daemon-driver-libxl~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-libxl-debuginfo\", rpm:\"libvirt-daemon-driver-libxl-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-rbd\", rpm:\"libvirt-daemon-driver-storage-rbd~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-driver-storage-rbd-debuginfo\", rpm:\"libvirt-daemon-driver-storage-rbd-debuginfo~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-daemon-xen\", rpm:\"libvirt-daemon-xen~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libvirt-devel-32bit\", rpm:\"libvirt-devel-32bit~4.0.0~lp150.7.10.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-06-21T12:43:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3886", "CVE-2019-10132"], "description": "The remote host is missing an update for the ", "modified": "2019-06-20T00:00:00", "published": "2019-06-20T00:00:00", "id": "OPENVAS:1361412562310844057", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844057", "type": "openvas", "title": "Ubuntu Update for libvirt USN-4021-1", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844057\");\n script_version(\"2019-06-20T06:01:12+0000\");\n script_cve_id(\"CVE-2019-10132\", \"CVE-2019-3886\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-06-20 06:01:12 +0000 (Thu, 20 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-06-20 02:00:33 +0000 (Thu, 20 Jun 2019)\");\n script_name(\"Ubuntu Update for libvirt USN-4021-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.10|UBUNTU19\\.04)\");\n\n script_xref(name:\"USN\", value:\"4021-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-June/004965.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libvirt'\n package(s) announced via the USN-4021-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Daniel P. Berrang\u00e9 discovered that libvirt incorrectly handled socket\npermissions. A local attacker could possibly use this issue to access\nlibvirt. (CVE-2019-10132)\n\nIt was discovered that libvirt incorrectly performed certain permission\nchecks. A remote attacker could possibly use this issue to access the\nguest agent and cause a denial of service. This issue only affected Ubuntu\n19.04. (CVE-2019-3886)\");\n\n script_tag(name:\"affected\", value:\"'libvirt' package(s) on Ubuntu 19.04, Ubuntu 18.10.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libvirt-clients\", ver:\"4.6.0-2ubuntu3.7\", rls:\"UBUNTU18.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libvirt-daemon\", ver:\"4.6.0-2ubuntu3.7\", rls:\"UBUNTU18.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libvirt0\", ver:\"4.6.0-2ubuntu3.7\", rls:\"UBUNTU18.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.04\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libvirt-clients\", ver:\"5.0.0-1ubuntu2.3\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libvirt-daemon\", ver:\"5.0.0-1ubuntu2.3\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libvirt0\", ver:\"5.0.0-1ubuntu2.3\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-14T06:17:54", "description": "This update for libvirt fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-3840: Fixed a NULL pointer dereference vulnerability in\nvirJSONValueObjectHasKey function which could have resulted in a\nremote denial of service via the guest agent (bsc#1127458).\n\nCVE-2019-3886: Fixed an information leak which allowed to retrieve the\nguest hostname under readonly mode (bsc#1131595).\n\nOther issues addressed: libxl: support Xen's max_grant_frames setting\nwith maxGrantFrames attribute on the xenbus controller (bsc#1126325).\n\nconf: added new 'xenbus' controller type\n\nutil: skip RDMA detection for non-PCI network devices (bsc#1112182).\n\nqemu: don't use CAP_DAC_OVERRIDE capability if non-root (bsc#1125665).\n\nqemu: fix issues related to restricted permissions on\n/dev/sev(bsc#1102604).\n\nlibxl: save current memory value after successful balloon\n(bsc#1120813).\n\nlibxl: Add support for soft reset. (bsc#1081516)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 19, "cvss3": {"score": 5.4, "vector": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}, "published": "2019-04-16T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2019:0948-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3840", "CVE-2019-3886"], "modified": "2019-04-16T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:suse_linux:libvirt-client", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock", "p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:novell:suse_linux:libvirt-daemon-xen", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:novell:suse_linux:libvirt-debugsource", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:novell:suse_linux:libvirt-libs", "p-cpe:/a:novell:suse_linux:libvirt-doc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-admin", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:novell:suse_linux:libvirt-nss"], "id": "SUSE_SU-2019-0948-1.NASL", "href": "https://www.tenable.com/plugins/nessus/124082", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0948-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124082);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-3840\", \"CVE-2019-3886\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2019:0948-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libvirt fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-3840: Fixed a NULL pointer dereference vulnerability in\nvirJSONValueObjectHasKey function which could have resulted in a\nremote denial of service via the guest agent (bsc#1127458).\n\nCVE-2019-3886: Fixed an information leak which allowed to retrieve the\nguest hostname under readonly mode (bsc#1131595).\n\nOther issues addressed: libxl: support Xen's max_grant_frames setting\nwith maxGrantFrames attribute on the xenbus controller (bsc#1126325).\n\nconf: added new 'xenbus' controller type\n\nutil: skip RDMA detection for non-PCI network devices (bsc#1112182).\n\nqemu: don't use CAP_DAC_OVERRIDE capability if non-root (bsc#1125665).\n\nqemu: fix issues related to restricted permissions on\n/dev/sev(bsc#1102604).\n\nlibxl: save current memory value after successful balloon\n(bsc#1120813).\n\nlibxl: Add support for soft reset. (bsc#1081516)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1081516\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102604\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125665\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127458\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131595\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3840/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3886/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190948-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?68bcf8e0\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-948=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-948=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-948=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3886\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-xen-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-admin-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-admin-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-client-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-client-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-config-network-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-config-nwfilter-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-interface-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-interface-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-lxc-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-lxc-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-network-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-network-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-nodedev-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-nwfilter-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-qemu-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-qemu-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-secret-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-secret-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-core-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-core-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-disk-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-disk-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-iscsi-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-iscsi-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-logical-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-logical-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-mpath-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-mpath-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-scsi-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-driver-storage-scsi-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-hooks-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-lxc-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-daemon-qemu-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-debugsource-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-doc-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-libs-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-libs-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-lock-sanlock-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-lock-sanlock-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-nss-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libvirt-nss-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-admin-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-admin-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-client-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-client-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-config-network-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-config-nwfilter-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-interface-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-interface-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-lxc-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-lxc-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-network-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-network-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-nodedev-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-nwfilter-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-qemu-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-qemu-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-secret-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-secret-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-core-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-core-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-disk-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-disk-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-iscsi-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-iscsi-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-logical-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-logical-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-mpath-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-mpath-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-scsi-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-scsi-debuginfo-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-lxc-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-qemu-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-daemon-xen-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-debugsource-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-doc-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-libs-4.0.0-8.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libvirt-libs-debuginfo-4.0.0-8.9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 4.8, "vector": "AV:A/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-01-14T06:18:02", "description": "This update for libvirt fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-3840: Fixed a NULL pointer dereference vulnerability in\nvirJSONValueObjectHasKey function which could have resulted in a\nremote denial of service via the guest agent (bsc#1127458).\n\nCVE-2019-3886: Fixed an information leak which allowed to retrieve the\nguest hostname under readonly mode (bsc#1131595).\n\nOther issue addressed: cpu: add Skylake-Server and Skylake-Server-IBRS\nCPU models (FATE#327261, bsc#1131955)\n\nlibxl: save current memory value after successful balloon\n(bsc#1120813).\n\nlibxl: support Xen's max_grant_frames setting with maxGrantFrames\nattribute on the xenbus controller (bsc#1126325).\n\nconf: add new 'xenbus' controller type\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 19, "cvss3": {"score": 5.4, "vector": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}, "published": "2019-04-29T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2019:1042-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3840", "CVE-2019-3886"], "modified": "2019-04-29T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:suse_linux:libvirt-client", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock", "p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:novell:suse_linux:libvirt-daemon-xen", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:novell:suse_linux:libvirt-debugsource", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:novell:suse_linux:libvirt-libs", "p-cpe:/a:novell:suse_linux:libvirt-doc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-admin", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:novell:suse_linux:libvirt-nss"], "id": "SUSE_SU-2019-1042-1.NASL", "href": "https://www.tenable.com/plugins/nessus/124361", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1042-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124361);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-3840\", \"CVE-2019-3886\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2019:1042-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libvirt fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-3840: Fixed a NULL pointer dereference vulnerability in\nvirJSONValueObjectHasKey function which could have resulted in a\nremote denial of service via the guest agent (bsc#1127458).\n\nCVE-2019-3886: Fixed an information leak which allowed to retrieve the\nguest hostname under readonly mode (bsc#1131595).\n\nOther issue addressed: cpu: add Skylake-Server and Skylake-Server-IBRS\nCPU models (FATE#327261, bsc#1131955)\n\nlibxl: save current memory value after successful balloon\n(bsc#1120813).\n\nlibxl: support Xen's max_grant_frames setting with maxGrantFrames\nattribute on the xenbus controller (bsc#1126325).\n\nconf: add new 'xenbus' controller type\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127458\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131595\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3840/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3886/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191042-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c2d2c329\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2019-1042=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-1042=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2019-1042=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3886\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-xen-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-admin-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-admin-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-client-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-client-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-config-network-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-config-nwfilter-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-interface-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-interface-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-lxc-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-lxc-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-network-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-network-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-nodedev-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-nwfilter-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-qemu-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-qemu-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-secret-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-secret-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-core-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-core-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-disk-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-disk-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-iscsi-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-iscsi-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-logical-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-logical-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-mpath-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-mpath-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-scsi-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-driver-storage-scsi-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-hooks-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-lxc-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-daemon-qemu-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-debugsource-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-doc-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-libs-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-libs-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-lock-sanlock-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-lock-sanlock-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-nss-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libvirt-nss-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-admin-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-admin-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-client-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-client-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-config-network-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-config-nwfilter-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-interface-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-interface-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-lxc-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-lxc-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-network-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-network-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-nodedev-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-nwfilter-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-qemu-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-qemu-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-secret-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-secret-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-core-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-core-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-disk-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-disk-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-iscsi-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-iscsi-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-logical-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-logical-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-mpath-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-mpath-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-scsi-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-scsi-debuginfo-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-lxc-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-qemu-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-daemon-xen-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-debugsource-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-doc-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-libs-3.3.0-5.30.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libvirt-libs-debuginfo-3.3.0-5.30.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 4.8, "vector": "AV:A/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-01-20T12:41:13", "description": "This update for libvirt fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-3840: Fixed a NULL pointer dereference\n vulnerability in virJSONValueObjectHasKey function which\n could have resulted in a remote denial of service via\n the guest agent (bsc#1127458). \n\n - CVE-2019-3886: Fixed an information leak which allowed\n to retrieve the guest hostname under readonly mode\n (bsc#1131595).\n\nOther issue addressed :\n\n - cpu: add Skylake-Server and Skylake-Server-IBRS CPU\n models (FATE#327261, bsc#1131955)\n\n - libxl: save current memory value after successful\n balloon (bsc#1120813).\n\n - libxl: support Xen's max_grant_frames setting with\n maxGrantFrames attribute on the xenbus controller\n (bsc#1126325).\n\n - conf: add new 'xenbus' controller type\n\nThis update was imported from the SUSE:SLE-12-SP3:Update update\nproject.", "edition": 16, "cvss3": {"score": 5.4, "vector": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}, "published": "2019-04-30T00:00:00", "title": "openSUSE Security Update : libvirt (openSUSE-2019-1294)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3840", "CVE-2019-3886"], "modified": "2019-04-30T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-uml", "p-cpe:/a:novell:opensuse:libvirt-daemon-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-devel-32bit", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-vbox", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:novell:opensuse:libvirt-nss-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-uml-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-client-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libvirt-daemon-config-network", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:opensuse:libvirt-lock-sanlock", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-qemu", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-hooks", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-lock-sanlock-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core", "p-cpe:/a:novell:opensuse:libvirt-devel", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-uml", "p-cpe:/a:novell:opensuse:libvirt", "p-cpe:/a:novell:opensuse:libvirt-daemon-lxc", "cpe:/o:novell:opensuse:42.3", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface", "p-cpe:/a:novell:opensuse:libvirt-daemon-xen", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-vbox", "p-cpe:/a:novell:opensuse:libvirt-admin", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-admin-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-client", "p-cpe:/a:novell:opensuse:libvirt-libs", "p-cpe:/a:novell:opensuse:libvirt-nss", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-client-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret", "p-cpe:/a:novell:opensuse:libvirt-debugsource", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-libs-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-vbox-debuginfo", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:novell:opensuse:libvirt-daemon"], "id": "OPENSUSE-2019-1294.NASL", "href": "https://www.tenable.com/plugins/nessus/124402", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1294.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124402);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-3840\", \"CVE-2019-3886\");\n\n script_name(english:\"openSUSE Security Update : libvirt (openSUSE-2019-1294)\");\n script_summary(english:\"Check for the openSUSE-2019-1294 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libvirt fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-3840: Fixed a NULL pointer dereference\n vulnerability in virJSONValueObjectHasKey function which\n could have resulted in a remote denial of service via\n the guest agent (bsc#1127458). \n\n - CVE-2019-3886: Fixed an information leak which allowed\n to retrieve the guest hostname under readonly mode\n (bsc#1131595).\n\nOther issue addressed :\n\n - cpu: add Skylake-Server and Skylake-Server-IBRS CPU\n models (FATE#327261, bsc#1131955)\n\n - libxl: save current memory value after successful\n balloon (bsc#1120813).\n\n - libxl: support Xen's max_grant_frames setting with\n maxGrantFrames attribute on the xenbus controller\n (bsc#1126325).\n\n - conf: add new 'xenbus' controller type\n\nThis update was imported from the SUSE:SLE-12-SP3:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127458\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1131595\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1131955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://features.opensuse.org/327261\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvirt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3886\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-admin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-client-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-uml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-uml-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-vbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-vbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-uml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-vbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-admin-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-admin-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-client-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-client-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-config-network-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-config-nwfilter-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-interface-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-interface-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-lxc-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-lxc-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-network-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-network-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-nodedev-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-nwfilter-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-qemu-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-qemu-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-secret-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-secret-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-storage-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-storage-core-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-storage-core-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-storage-disk-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-storage-disk-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-storage-iscsi-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-storage-iscsi-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-storage-logical-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-storage-logical-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-storage-mpath-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-storage-mpath-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-storage-scsi-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-storage-scsi-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-uml-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-uml-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-vbox-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-driver-vbox-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-hooks-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-lxc-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-qemu-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-uml-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-daemon-vbox-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-debugsource-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-devel-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-libs-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-libs-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-lock-sanlock-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-lock-sanlock-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-nss-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libvirt-nss-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libvirt-client-debuginfo-32bit-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-debuginfo-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libvirt-daemon-xen-3.3.0-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libvirt-devel-32bit-3.3.0-24.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt / libvirt-admin / libvirt-admin-debuginfo / libvirt-client / etc\");\n}\n", "cvss": {"score": 4.8, "vector": "AV:A/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-01-07T08:58:21", "description": "According to the version of the libvirt packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerability :\n\n - An incorrect permissions check was discovered in\n libvirt 4.8.0 and above. The readonly permission was\n allowed to invoke APIs depending on the guest agent\n which could lead to potentially disclosing unintended\n information or denial of service by causing libvirt to\n block.(CVE-2019-3886)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "cvss3": {"score": 5.4, "vector": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}, "published": "2019-05-30T00:00:00", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : libvirt (EulerOS-SA-2019-1634)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3886"], "modified": "2019-05-30T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libvirt-libs", "p-cpe:/a:huawei:euleros:libvirt-devel", "cpe:/o:huawei:euleros:uvp:3.0.2.0", "p-cpe:/a:huawei:euleros:libvirt-daemon-kvm", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-core", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-disk", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nwfilter", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:huawei:euleros:libvirt-daemon-config-network", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-secret", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-logical", "p-cpe:/a:huawei:euleros:libvirt-client", "p-cpe:/a:huawei:euleros:libvirt-daemon-config-nwfilter", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nodedev", "p-cpe:/a:huawei:euleros:libvirt-docs", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-qemu", "p-cpe:/a:huawei:euleros:libvirt-daemon", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:huawei:euleros:libvirt-admin", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-network", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:huawei:euleros:libvirt", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-interface"], "id": "EULEROS_SA-2019-1634.NASL", "href": "https://www.tenable.com/plugins/nessus/125586", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125586);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-3886\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : libvirt (EulerOS-SA-2019-1634)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libvirt packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerability :\n\n - An incorrect permissions check was discovered in\n libvirt 4.8.0 and above. The readonly permission was\n allowed to invoke APIs depending on the guest agent\n which could lead to potentially disclosing unintended\n information or denial of service by causing libvirt to\n block.(CVE-2019-3886)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1634\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?392ed872\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libvirt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libvirt-3.2.0-247\",\n \"libvirt-admin-3.2.0-247\",\n \"libvirt-client-3.2.0-247\",\n \"libvirt-daemon-3.2.0-247\",\n \"libvirt-daemon-config-network-3.2.0-247\",\n \"libvirt-daemon-config-nwfilter-3.2.0-247\",\n \"libvirt-daemon-driver-interface-3.2.0-247\",\n \"libvirt-daemon-driver-network-3.2.0-247\",\n \"libvirt-daemon-driver-nodedev-3.2.0-247\",\n \"libvirt-daemon-driver-nwfilter-3.2.0-247\",\n \"libvirt-daemon-driver-qemu-3.2.0-247\",\n \"libvirt-daemon-driver-secret-3.2.0-247\",\n \"libvirt-daemon-driver-storage-3.2.0-247\",\n \"libvirt-daemon-driver-storage-core-3.2.0-247\",\n \"libvirt-daemon-driver-storage-disk-3.2.0-247\",\n \"libvirt-daemon-driver-storage-iscsi-3.2.0-247\",\n \"libvirt-daemon-driver-storage-logical-3.2.0-247\",\n \"libvirt-daemon-driver-storage-mpath-3.2.0-247\",\n \"libvirt-daemon-driver-storage-scsi-3.2.0-247\",\n \"libvirt-daemon-kvm-3.2.0-247\",\n \"libvirt-devel-3.2.0-247\",\n \"libvirt-docs-3.2.0-247\",\n \"libvirt-libs-3.2.0-247\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 4.8, "vector": "AV:A/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-01-07T08:58:16", "description": "According to the version of the libvirt packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - An incorrect permissions check was discovered in\n libvirt 4.8.0 and above. The readonly permission was\n allowed to invoke APIs depending on the guest agent\n which could lead to potentially disclosing unintended\n information or denial of service by causing libvirt to\n block.(CVE-2019-3886)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "cvss3": {"score": 5.4, "vector": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}, "published": "2019-05-30T00:00:00", "title": "EulerOS Virtualization 3.0.1.0 : libvirt (EulerOS-SA-2019-1610)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3886"], "modified": "2019-05-30T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libvirt-libs", "p-cpe:/a:huawei:euleros:libvirt-devel", "p-cpe:/a:huawei:euleros:libvirt-daemon-kvm", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-core", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-disk", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nwfilter", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:huawei:euleros:libvirt-daemon-config-network", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-secret", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-logical", "p-cpe:/a:huawei:euleros:libvirt-client", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:huawei:euleros:libvirt-daemon-config-nwfilter", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nodedev", "cpe:/o:huawei:euleros:uvp:3.0.1.0", "p-cpe:/a:huawei:euleros:libvirt-docs", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-qemu", "p-cpe:/a:huawei:euleros:libvirt-daemon", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:huawei:euleros:libvirt-admin", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-network", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:huawei:euleros:libvirt", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-interface"], "id": "EULEROS_SA-2019-1610.NASL", "href": "https://www.tenable.com/plugins/nessus/125562", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125562);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-3886\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.1.0 : libvirt (EulerOS-SA-2019-1610)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libvirt packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - An incorrect permissions check was discovered in\n libvirt 4.8.0 and above. The readonly permission was\n allowed to invoke APIs depending on the guest agent\n which could lead to potentially disclosing unintended\n information or denial of service by causing libvirt to\n block.(CVE-2019-3886)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1610\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?09d29c1b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libvirt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libvirt-3.2.0-238\",\n \"libvirt-admin-3.2.0-238\",\n \"libvirt-client-3.2.0-238\",\n \"libvirt-daemon-3.2.0-238\",\n \"libvirt-daemon-config-network-3.2.0-238\",\n \"libvirt-daemon-config-nwfilter-3.2.0-238\",\n \"libvirt-daemon-driver-interface-3.2.0-238\",\n \"libvirt-daemon-driver-network-3.2.0-238\",\n \"libvirt-daemon-driver-nodedev-3.2.0-238\",\n \"libvirt-daemon-driver-nwfilter-3.2.0-238\",\n \"libvirt-daemon-driver-qemu-3.2.0-238\",\n \"libvirt-daemon-driver-secret-3.2.0-238\",\n \"libvirt-daemon-driver-storage-3.2.0-238\",\n \"libvirt-daemon-driver-storage-core-3.2.0-238\",\n \"libvirt-daemon-driver-storage-disk-3.2.0-238\",\n \"libvirt-daemon-driver-storage-gluster-3.2.0-238\",\n \"libvirt-daemon-driver-storage-iscsi-3.2.0-238\",\n \"libvirt-daemon-driver-storage-logical-3.2.0-238\",\n \"libvirt-daemon-driver-storage-mpath-3.2.0-238\",\n \"libvirt-daemon-driver-storage-rbd-3.2.0-238\",\n \"libvirt-daemon-driver-storage-scsi-3.2.0-238\",\n \"libvirt-daemon-kvm-3.2.0-238\",\n \"libvirt-devel-3.2.0-238\",\n \"libvirt-docs-3.2.0-238\",\n \"libvirt-libs-3.2.0-238\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 4.8, "vector": "AV:A/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-01-14T06:18:08", "description": "This update for libvirt fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-3886: Fixed an information leak which allowed to retrieve the\nguest hostname under readonly mode (bsc#1131595).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 5.4, "vector": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}, "published": "2019-05-20T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : libvirt (SUSE-SU-2019:1285-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3886"], "modified": "2019-05-20T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:suse_linux:libvirt-client", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock", "p-cpe:/a:novell:suse_linux:wireshark-plugin-libvirt", "p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:novell:suse_linux:libvirt-daemon-xen", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:novell:suse_linux:libvirt-debugsource", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark-plugin-libvirt-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-devel", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:novell:suse_linux:libvirt-libs", "p-cpe:/a:novell:suse_linux:libvirt-doc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-admin", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:novell:suse_linux:libvirt-nss"], "id": "SUSE_SU-2019-1285-1.NASL", "href": "https://www.tenable.com/plugins/nessus/125280", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1285-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125280);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-3886\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : libvirt (SUSE-SU-2019:1285-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libvirt fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-3886: Fixed an information leak which allowed to retrieve the\nguest hostname under readonly mode (bsc#1131595).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131595\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3886/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191285-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cbb8c950\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15:zypper in -t\npatch SUSE-SLE-Module-Server-Applications-15-2019-1285=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-1285=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-1285=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-plugin-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-plugin-libvirt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libvirt-daemon-xen-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-admin-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-admin-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-client-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-client-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-config-network-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-config-nwfilter-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-interface-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-interface-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-lxc-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-lxc-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-network-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-network-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-nodedev-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-nwfilter-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-qemu-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-qemu-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-secret-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-secret-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-storage-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-storage-core-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-storage-core-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-storage-disk-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-storage-disk-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-storage-iscsi-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-storage-iscsi-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-storage-logical-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-storage-logical-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-storage-mpath-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-storage-mpath-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-storage-scsi-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-driver-storage-scsi-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-hooks-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-lxc-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-daemon-qemu-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-debugsource-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-devel-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-doc-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-libs-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-libs-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-lock-sanlock-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-lock-sanlock-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-nss-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libvirt-nss-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-plugin-libvirt-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-plugin-libvirt-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libvirt-debugsource-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libvirt-libs-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libvirt-libs-debuginfo-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-plugin-libvirt-4.0.0-9.19.4\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-plugin-libvirt-debuginfo-4.0.0-9.19.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 4.8, "vector": "AV:A/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-01-07T08:58:40", "description": "According to the version of the libvirt packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - A NULL pointer dereference flaw was discovered in\n libvirt in the way it gets interface information\n through the QEMU agent. An attacker in a guest VM can\n use this flaw to crash libvirtd and cause a denial of\n service.(CVE-2019-3840)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 12, "cvss3": {"score": 6.3, "vector": "AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"}, "published": "2019-07-02T00:00:00", "title": "EulerOS 2.0 SP5 : libvirt (EulerOS-SA-2019-1684)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3840"], "modified": "2019-07-02T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libvirt-libs", "p-cpe:/a:huawei:euleros:libvirt-daemon-kvm", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-core", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-disk", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nwfilter", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:huawei:euleros:libvirt-daemon-config-network", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-secret", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-logical", "p-cpe:/a:huawei:euleros:libvirt-client", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:huawei:euleros:libvirt-daemon-config-nwfilter", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nodedev", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-qemu", "p-cpe:/a:huawei:euleros:libvirt-daemon", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-lxc", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-network", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:huawei:euleros:libvirt", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:huawei:euleros:libvirt-daemon-driver-interface", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1684.NASL", "href": "https://www.tenable.com/plugins/nessus/126425", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126425);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-3840\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : libvirt (EulerOS-SA-2019-1684)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libvirt packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - A NULL pointer dereference flaw was discovered in\n libvirt in the way it gets interface information\n through the QEMU agent. An attacker in a guest VM can\n use this flaw to crash libvirtd and cause a denial of\n service.(CVE-2019-3840)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1684\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d613e5cb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libvirt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libvirt-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-client-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-config-network-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-config-nwfilter-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-interface-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-lxc-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-network-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-nodedev-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-nwfilter-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-qemu-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-secret-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-storage-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-storage-core-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-storage-disk-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-storage-gluster-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-storage-iscsi-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-storage-logical-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-storage-mpath-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-storage-rbd-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-driver-storage-scsi-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-daemon-kvm-3.9.0-14.7.h2.eulerosv2r7\",\n \"libvirt-libs-3.9.0-14.7.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-03-01T07:38:24", "description": "It was discovered that libvirt incorrectly handled waiting for certain\nagent events. An attacker inside a guest could possibly use this issue\nto cause libvirtd to stop responding, resulting in a denial of\nservice.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 19, "cvss3": {"score": 6.3, "vector": "AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"}, "published": "2019-03-15T00:00:00", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : libvirt vulnerability (USN-3909-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3840"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libvirt-bin", "p-cpe:/a:canonical:ubuntu_linux:libvirt-clients", "cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:16.04", "p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libvirt0"], "id": "UBUNTU_USN-3909-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122868", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3909-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122868);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/02/05\");\n\n script_cve_id(\"CVE-2019-3840\");\n script_xref(name:\"USN\", value:\"3909-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : libvirt vulnerability (USN-3909-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that libvirt incorrectly handled waiting for certain\nagent events. An attacker inside a guest could possibly use this issue\nto cause libvirtd to stop responding, resulting in a denial of\nservice.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3909-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|18\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 18.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libvirt-bin\", pkgver:\"1.3.1-1ubuntu10.25\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libvirt0\", pkgver:\"1.3.1-1ubuntu10.25\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libvirt-clients\", pkgver:\"4.0.0-1ubuntu8.8\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libvirt-daemon\", pkgver:\"4.0.0-1ubuntu8.8\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libvirt0\", pkgver:\"4.0.0-1ubuntu8.8\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"libvirt-clients\", pkgver:\"4.6.0-2ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"libvirt-daemon\", pkgver:\"4.6.0-2ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"libvirt0\", pkgver:\"4.6.0-2ubuntu3.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt-bin / libvirt-clients / libvirt-daemon / libvirt0\");\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-03-01T05:51:05", "description": "An update for libvirt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe libvirt library contains a C API for managing and interacting with\nthe virtualization capabilities of Linux and other operating systems.\nIn addition, libvirt provides tools for remote management of\nvirtualized systems.\n\nSecurity Fix(es) :\n\n* libvirt: NULL pointer dereference after running qemuAgentCommand in\nqemuAgentGetInterfaces function (CVE-2019-3840)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.", "edition": 19, "cvss3": {"score": 6.3, "vector": "AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"}, "published": "2019-08-12T00:00:00", "title": "RHEL 7 : libvirt (RHSA-2019:2294)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3840"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-client", "p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock", "p-cpe:/a:redhat:enterprise_linux:libvirt", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-lxc", "p-cpe:/a:redhat:enterprise_linux:libvirt-docs", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:redhat:enterprise_linux:libvirt-nss", "p-cpe:/a:redhat:enterprise_linux:libvirt-admin", "p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libvirt-libs", "p-cpe:/a:redhat:enterprise_linux:libvirt-login-shell", "p-cpe:/a:redhat:enterprise_linux:libvirt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface", "p-cpe:/a:redhat:enterprise_linux:libvirt-devel"], "id": "REDHAT-RHSA-2019-2294.NASL", "href": "https://www.tenable.com/plugins/nessus/127708", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2294. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127708);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-3840\");\n script_xref(name:\"RHSA\", value:\"2019:2294\");\n\n script_name(english:\"RHEL 7 : libvirt (RHSA-2019:2294)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for libvirt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe libvirt library contains a C API for managing and interacting with\nthe virtualization capabilities of Linux and other operating systems.\nIn addition, libvirt provides tools for remote management of\nvirtualized systems.\n\nSecurity Fix(es) :\n\n* libvirt: NULL pointer dereference after running qemuAgentCommand in\nqemuAgentGetInterfaces function (CVE-2019-3840)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3395ff0b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2294\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-3840\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-login-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2294\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-admin-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-admin-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-bash-completion-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-bash-completion-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"libvirt-client-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-config-network-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-config-network-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-config-nwfilter-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-config-nwfilter-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-interface-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-interface-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-lxc-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-lxc-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-network-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-network-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-nodedev-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-nodedev-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-nwfilter-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-nwfilter-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-qemu-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-qemu-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-secret-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-secret-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-core-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-core-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-disk-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-disk-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-gluster-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-logical-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-logical-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-mpath-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-mpath-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-driver-storage-scsi-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-scsi-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-kvm-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-kvm-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-daemon-lxc-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-daemon-lxc-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"libvirt-debuginfo-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"libvirt-devel-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-docs-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-docs-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"libvirt-libs-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-lock-sanlock-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-lock-sanlock-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libvirt-login-shell-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libvirt-login-shell-4.5.0-23.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"libvirt-nss-4.5.0-23.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt / libvirt-admin / libvirt-bash-completion / libvirt-client / etc\");\n }\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-03-01T01:37:31", "description": "An update for libvirt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe libvirt library contains a C API for managing and interacting with\nthe virtualization capabilities of Linux and other operating systems.\nIn addition, libvirt provides tools for remote management of\nvirtualized systems.\n\nSecurity Fix(es) :\n\n* libvirt: NULL pointer dereference after running qemuAgentCommand in\nqemuAgentGetInterfaces function (CVE-2019-3840)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.", "edition": 18, "cvss3": {"score": 6.3, "vector": "AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"}, "published": "2019-08-30T00:00:00", "title": "CentOS 7 : libvirt (CESA-2019:2294)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-3840"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libvirt-docs", "p-cpe:/a:centos:centos:libvirt-libs", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-logical", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-disk", "p-cpe:/a:centos:centos:libvirt-daemon-driver-lxc", "p-cpe:/a:centos:centos:libvirt-client", "p-cpe:/a:centos:centos:libvirt-daemon-config-nwfilter", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-mpath", "cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:libvirt-daemon-driver-interface", "p-cpe:/a:centos:centos:libvirt-daemon-driver-qemu", "p-cpe:/a:centos:centos:libvirt-lock-sanlock", "p-cpe:/a:centos:centos:libvirt-bash-completion", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage", "p-cpe:/a:centos:centos:libvirt-daemon-lxc", "p-cpe:/a:centos:centos:libvirt-daemon-driver-secret", "p-cpe:/a:centos:centos:libvirt-daemon-kvm", "p-cpe:/a:centos:centos:libvirt", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:centos:centos:libvirt-daemon", "p-cpe:/a:centos:centos:libvirt-daemon-driver-nwfilter", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-core", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:centos:centos:libvirt-nss", "p-cpe:/a:centos:centos:libvirt-daemon-config-network", "p-cpe:/a:centos:centos:libvirt-admin", "p-cpe:/a:centos:centos:libvirt-login-shell", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:centos:centos:libvirt-daemon-driver-network", "p-cpe:/a:centos:centos:libvirt-daemon-driver-nodedev", "p-cpe:/a:centos:centos:libvirt-devel"], "id": "CENTOS_RHSA-2019-2294.NASL", "href": "https://www.tenable.com/plugins/nessus/128386", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2294 and \n# CentOS Errata and Security Advisory 2019:2294 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128386);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2019-3840\");\n script_xref(name:\"RHSA\", value:\"2019:2294\");\n\n script_name(english:\"CentOS 7 : libvirt (CESA-2019:2294)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for libvirt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe libvirt library contains a C API for managing and interacting with\nthe virtualization capabilities of Linux and other operating systems.\nIn addition, libvirt provides tools for remote management of\nvirtualized systems.\n\nSecurity Fix(es) :\n\n* libvirt: NULL pointer dereference after running qemuAgentCommand in\nqemuAgentGetInterfaces function (CVE-2019-3840)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/005972.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6a3a9f8f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvirt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3840\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-login-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-admin-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-bash-completion-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-client-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-config-network-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-config-nwfilter-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-interface-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-lxc-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-network-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-nodedev-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-nwfilter-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-qemu-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-secret-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-core-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-disk-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-gluster-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-iscsi-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-logical-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-mpath-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-rbd-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-storage-scsi-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-kvm-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-daemon-lxc-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-devel-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-docs-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-libs-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-lock-sanlock-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-login-shell-4.5.0-23.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libvirt-nss-4.5.0-23.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt / libvirt-admin / libvirt-bash-completion / libvirt-client / etc\");\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2019-04-29T04:20:31", "bulletinFamily": "unix", "cvelist": ["CVE-2019-3840"], "description": "This update for libvirt provides the following fixes:\n\n Security issue fixed:\n\n - CVE-2019-3840: Fixed a null pointer dereference vulnerability in\n virJSONValueObjectHasKey function which could have resulted in a remote\n denial of service via the guest agent (bsc#1127458).\n\n Other issues addressed:\n\n - apparmor: reintroduce upstream lxc mount rules (bsc#1130129).\n - hook: encode incoming XML to UTF-8 before passing to lxml etree from\n string method (bsc#1123642).\n - supportconfig: collect rotated logs in /var/log/libvirt/* (bsc#1124667).\n - libxl: support Xen's max_grant_frames setting with maxGrantFrames\n attribute on the xenbus controller (bsc#1126325).\n - conf: added new 'xenbus' controller type\n - util: skip RDMA detection for non-PCI network devices (bsc#1112182).\n - qemu: don't use CAP_DAC_OVERRIDE capability if non-root (bsc#1125665).\n - qemu: fix issues related to restricted permissions on\n /dev/sev(bsc#1102604).\n - apparmor: add support for named profiles (bsc#1118952).\n - libxl: save current memory value after successful balloon (bsc#1120813).\n - apparmor: Fix ptrace rules. (bsc#1117058)\n - libxl: Add support for soft reset. (bsc#1081516)\n - libxl: Fix VM migration on busy hosts. (bsc#1108086)\n - qemu: Add support for SEV guests. (fate#325817)\n - util: Don't check for parallel iteration in hash-related functions.\n (bsc#1106420)\n - spec: Don't restart libvirt-guests when updating libvirt-client.\n (bsc#1104662)\n - Fix virNodeGetSEVInfo API crashing libvirtd on AMD SEV enabled hosts.\n (bsc#1108395)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-04-29T03:08:51", "published": "2019-04-29T03:08:51", "id": "OPENSUSE-SU-2019:1288-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00101.html", "title": "Security update for libvirt (important)", "type": "suse", "cvss": {"score": 3.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}], "centos": [{"lastseen": "2019-12-20T18:27:07", "bulletinFamily": "unix", "cvelist": ["CVE-2019-3840"], "description": "**CentOS Errata and Security Advisory** CESA-2019:2294\n\n\nThe libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.\n\nSecurity Fix(es):\n\n* libvirt: NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function (CVE-2019-3840)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2019-August/005972.html\n\n**Affected packages:**\nlibvirt\nlibvirt-admin\nlibvirt-bash-completion\nlibvirt-client\nlibvirt-daemon\nlibvirt-daemon-config-network\nlibvirt-daemon-config-nwfilter\nlibvirt-daemon-driver-interface\nlibvirt-daemon-driver-lxc\nlibvirt-daemon-driver-network\nlibvirt-daemon-driver-nodedev\nlibvirt-daemon-driver-nwfilter\nlibvirt-daemon-driver-qemu\nlibvirt-daemon-driver-secret\nlibvirt-daemon-driver-storage\nlibvirt-daemon-driver-storage-core\nlibvirt-daemon-driver-storage-disk\nlibvirt-daemon-driver-storage-gluster\nlibvirt-daemon-driver-storage-iscsi\nlibvirt-daemon-driver-storage-logical\nlibvirt-daemon-driver-storage-mpath\nlibvirt-daemon-driver-storage-rbd\nlibvirt-daemon-driver-storage-scsi\nlibvirt-daemon-kvm\nlibvirt-daemon-lxc\nlibvirt-devel\nlibvirt-docs\nlibvirt-libs\nlibvirt-lock-sanlock\nlibvirt-login-shell\nlibvirt-nss\n\n**Upstream details at:**\n", "edition": 2, "modified": "2019-08-30T03:33:00", "published": "2019-08-30T03:33:00", "id": "CESA-2019:2294", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2019-August/005972.html", "title": "libvirt security update", "type": "centos", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:34:46", "bulletinFamily": "unix", "cvelist": ["CVE-2019-3840"], "description": "It was discovered that libvirt incorrectly handled waiting for certain \nagent events. An attacker inside a guest could possibly use this issue to \ncause libvirtd to stop responding, resulting in a denial of service.", "edition": 4, "modified": "2019-03-14T00:00:00", "published": "2019-03-14T00:00:00", "id": "USN-3909-1", "href": "https://ubuntu.com/security/notices/USN-3909-1", "title": "libvirt vulnerability", "type": "ubuntu", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-07-09T01:36:38", "bulletinFamily": "unix", "cvelist": ["CVE-2019-3886", "CVE-2019-10132"], "description": "Daniel P. Berrang\u00e9 discovered that libvirt incorrectly handled socket \npermissions. A local attacker could possibly use this issue to access \nlibvirt. (CVE-2019-10132)\n\nIt was discovered that libvirt incorrectly performed certain permission \nchecks. A remote attacker could possibly use this issue to access the \nguest agent and cause a denial of service. This issue only affected Ubuntu \n19.04. (CVE-2019-3886)", "edition": 2, "modified": "2019-06-19T00:00:00", "published": "2019-06-19T00:00:00", "id": "USN-4021-1", "href": "https://ubuntu.com/security/notices/USN-4021-1", "title": "libvirt vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2019-3840"], "description": "Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The main package includes the libvirtd server exporting the virtualization support. ", "modified": "2019-05-05T02:43:52", "published": "2019-05-05T02:43:52", "id": "FEDORA:DD32C6076D0E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: libvirt-4.7.0-2.fc29", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2019-10132", "CVE-2019-10161", "CVE-2019-10166", "CVE-2019-10167", "CVE-2019-10168", "CVE-2019-11091", "CVE-2019-3840", "CVE-2019-3886"], "description": "Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The main package includes the libvirtd server exporting the virtualization support. ", "modified": "2019-07-09T02:25:07", "published": "2019-07-09T02:25:07", "id": "FEDORA:B550461845B3", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: libvirt-4.7.0-5.fc29", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2019-11091", "CVE-2019-3840"], "description": "Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The main package includes the libvirtd server exporting the virtualization support. ", "modified": "2019-05-17T03:18:05", "published": "2019-05-17T03:18:05", "id": "FEDORA:69C3B608C005", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: libvirt-4.7.0-3.fc29", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2019-10132", "CVE-2019-10161", "CVE-2019-10166", "CVE-2019-10167", "CVE-2019-10168", "CVE-2019-11091", "CVE-2019-3886"], "description": "Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The main package includes the libvirtd server exporting the virtualization support. ", "modified": "2019-07-09T00:56:34", "published": "2019-07-09T00:56:34", "id": "FEDORA:761BC607A42A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: libvirt-5.1.0-9.fc30", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-15T00:44:14", "bulletinFamily": "unix", "cvelist": ["CVE-2019-3840"], "description": "The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.\n\nSecurity Fix(es):\n\n* libvirt: NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function (CVE-2019-3840)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "modified": "2019-08-06T13:45:11", "published": "2019-08-06T12:22:20", "id": "RHSA-2019:2294", "href": "https://access.redhat.com/errata/RHSA-2019:2294", "type": "redhat", "title": "(RHSA-2019:2294) Moderate: libvirt security, bug fix, and enhancement update", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:34:38", "bulletinFamily": "unix", "cvelist": ["CVE-2019-3840"], "description": "**Issue Overview:**\n\nA NULL pointer dereference flaw was discovered in libvirt in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service. ([CVE-2019-3840 __](<https://access.redhat.com/security/cve/CVE-2019-3840>))\n\n \n**Affected Packages:** \n\n\nlibvirt\n\n \n**Issue Correction:** \nRun _yum update libvirt_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n libvirt-4.5.0-23.amzn2.aarch64 \n libvirt-docs-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-config-network-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-config-nwfilter-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-driver-network-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-driver-nwfilter-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-driver-nodedev-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-driver-interface-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-driver-secret-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-driver-storage-core-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-driver-storage-logical-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-driver-storage-disk-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-driver-storage-scsi-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-driver-storage-iscsi-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-driver-storage-mpath-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-driver-storage-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-driver-qemu-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-driver-lxc-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-kvm-4.5.0-23.amzn2.aarch64 \n libvirt-daemon-lxc-4.5.0-23.amzn2.aarch64 \n libvirt-client-4.5.0-23.amzn2.aarch64 \n libvirt-libs-4.5.0-23.amzn2.aarch64 \n libvirt-admin-4.5.0-23.amzn2.aarch64 \n libvirt-bash-completion-4.5.0-23.amzn2.aarch64 \n libvirt-login-shell-4.5.0-23.amzn2.aarch64 \n libvirt-devel-4.5.0-23.amzn2.aarch64 \n libvirt-lock-sanlock-4.5.0-23.amzn2.aarch64 \n libvirt-nss-4.5.0-23.amzn2.aarch64 \n libvirt-debuginfo-4.5.0-23.amzn2.aarch64 \n \n i686: \n libvirt-4.5.0-23.amzn2.i686 \n libvirt-docs-4.5.0-23.amzn2.i686 \n libvirt-daemon-4.5.0-23.amzn2.i686 \n libvirt-daemon-config-network-4.5.0-23.amzn2.i686 \n libvirt-daemon-config-nwfilter-4.5.0-23.amzn2.i686 \n libvirt-daemon-driver-network-4.5.0-23.amzn2.i686 \n libvirt-daemon-driver-nwfilter-4.5.0-23.amzn2.i686 \n libvirt-daemon-driver-nodedev-4.5.0-23.amzn2.i686 \n libvirt-daemon-driver-interface-4.5.0-23.amzn2.i686 \n libvirt-daemon-driver-secret-4.5.0-23.amzn2.i686 \n libvirt-daemon-driver-storage-core-4.5.0-23.amzn2.i686 \n libvirt-daemon-driver-storage-logical-4.5.0-23.amzn2.i686 \n libvirt-daemon-driver-storage-disk-4.5.0-23.amzn2.i686 \n libvirt-daemon-driver-storage-scsi-4.5.0-23.amzn2.i686 \n libvirt-daemon-driver-storage-iscsi-4.5.0-23.amzn2.i686 \n libvirt-daemon-driver-storage-mpath-4.5.0-23.amzn2.i686 \n libvirt-daemon-driver-storage-4.5.0-23.amzn2.i686 \n libvirt-daemon-driver-lxc-4.5.0-23.amzn2.i686 \n libvirt-daemon-lxc-4.5.0-23.amzn2.i686 \n libvirt-client-4.5.0-23.amzn2.i686 \n libvirt-libs-4.5.0-23.amzn2.i686 \n libvirt-admin-4.5.0-23.amzn2.i686 \n libvirt-bash-completion-4.5.0-23.amzn2.i686 \n libvirt-login-shell-4.5.0-23.amzn2.i686 \n libvirt-devel-4.5.0-23.amzn2.i686 \n libvirt-nss-4.5.0-23.amzn2.i686 \n libvirt-debuginfo-4.5.0-23.amzn2.i686 \n \n src: \n libvirt-4.5.0-23.amzn2.src \n \n x86_64: \n libvirt-4.5.0-23.amzn2.x86_64 \n libvirt-docs-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-config-network-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-config-nwfilter-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-network-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-nwfilter-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-nodedev-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-interface-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-secret-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-storage-core-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-storage-logical-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-storage-disk-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-storage-scsi-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-storage-iscsi-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-storage-mpath-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-storage-gluster-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-storage-rbd-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-storage-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-qemu-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-driver-lxc-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-kvm-4.5.0-23.amzn2.x86_64 \n libvirt-daemon-lxc-4.5.0-23.amzn2.x86_64 \n libvirt-client-4.5.0-23.amzn2.x86_64 \n libvirt-libs-4.5.0-23.amzn2.x86_64 \n libvirt-admin-4.5.0-23.amzn2.x86_64 \n libvirt-bash-completion-4.5.0-23.amzn2.x86_64 \n libvirt-login-shell-4.5.0-23.amzn2.x86_64 \n libvirt-devel-4.5.0-23.amzn2.x86_64 \n libvirt-lock-sanlock-4.5.0-23.amzn2.x86_64 \n libvirt-nss-4.5.0-23.amzn2.x86_64 \n libvirt-debuginfo-4.5.0-23.amzn2.x86_64 \n \n \n", "edition": 1, "modified": "2019-11-11T17:40:00", "published": "2019-11-11T17:40:00", "id": "ALAS2-2019-1361", "href": "https://alas.aws.amazon.com/AL2/ALAS-2019-1361.html", "title": "Medium: libvirt", "type": "amazon", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-08-14T08:34:38", "bulletinFamily": "unix", "cvelist": ["CVE-2019-3840", "CVE-2018-12126", "CVE-2018-12127", "CVE-2019-10132", "CVE-2019-10168", "CVE-2019-10166", "CVE-2019-10167", "CVE-2019-10161", "CVE-2019-11091", "CVE-2018-12130"], "description": "[4.5.0-23]\n- api: disallow virDomainSaveImageGetXMLDesc on read-only connections (CVE-2019-10161)\n- api: disallow virDomainManagedSaveDefineXML on read-only connections (CVE-2019-10166)\n- api: disallow virConnectGetDomainCapabilities on read-only connections (CVE-2019-10167)\n- api: disallow virConnect*HypervisorCPU on read-only connections (CVE-2019-10168)\n[4.5.0-22]\n- qemu: Drop cleanup label from qemuProcessInitCpuAffinity() (rhbz#1718172)\n- qemu: Fix NULL pointer access in qemuProcessInitCpuAffinity() (rhbz#1718172)\n[4.5.0-21]\n- cpu_conf: Fix XPath for parsing TSC frequency (rhbz#1641702)\n[4.5.0-20]\n- util: alloc: add macros for implementing automatic cleanup functionality (rhbz#1703661)\n- util: bitmap: define cleanup function using VIR_DEFINE_AUTOPTR_FUNC (rhbz#1703661)\n- util: Introduce virBitmapUnion() (rhbz#1703661)\n- util: Introduce virNumaNodesetToCPUset() (rhbz#1703661)\n- qemu: Fix qemuProcessInitCpuAffinity() (rhbz#1703661)\n- qemu: Fix leak in qemuProcessInitCpuAffinity() (rhbz#1703661)\n[4.5.0-19]\n- virfile: added GPFS as shared fs (rhbz#1710728)\n- util: file: introduce VIR_AUTOCLOSE macro to close fd of the file automatically (rhbz#1641702)\n- vircpuhost: Add support for reading MSRs (rhbz#1641702)\n- virhostcpu: Make virHostCPUGetMSR() work only on x86 (rhbz#1641702)\n- qemu: Make virQEMUCapsProbeHostCPUForEmulator more generic (rhbz#1641702)\n- qemuargv2xmltest: Use mocked virQEMUCapsProbeHostCPU (rhbz#1641702)\n- util: Add virHostCPUGetTscInfo (rhbz#1641702)\n- conf: Report TSC frequency in host CPU capabilities (rhbz#1641702)\n- cpu_x86: Fix placement of *CheckFeature functions (rhbz#1641702)\n- cpu_x86: Probe TSC frequency and scaling support (rhbz#1641702)\n- qemu: Check TSC frequency before starting QEMU (rhbz#1641702)\n- util: Propagate numad failures correctly (rhbz#1716387)\n[4.5.0-18]\n- admin: reject clients unless their UID matches the current UID (CVE-2019-10132)\n- locking: restrict sockets to mode 0600 (CVE-2019-10132)\n- logging: restrict sockets to mode 0600 (CVE-2019-10132)\n- util: require command args to be non-NULL (rhbz#1672957)\n- qemu: use line breaks in command line args written to log (rhbz#1672957)\n[4.5.0-17]\n- cpu_map: Add support for cldemote CPU feature (rhbz#1537777)\n- cputest: Add data for Intel(R) Xeon(R) CPU E3-1225 v5 (CVE-2018-12126, CVE-2018-12127, CVE-2019-11091, CVE-2018-12130)\n- cpu_map: Define md-clear CPUID bit (CVE-2018-12126, CVE-2018-12127, CVE-2019-11091, CVE-2018-12130)\n[4.5.0-16]\n- Handle copying bitmaps to larger data buffers (rhbz#1703159)\n- nwfilter: fix adding std MAC and IP values to filter binding (rhbz#1691358)\n- util: suppress unimportant ovs-vsctl errors when getting interface stats (rhbz#1683175)\n[4.5.0-15]\n- qemu_hotplug: Initialize @charAlias in qemuDomainRemoveChrDevice (rhbz#1658198)\n[4.5.0-14]\n- cpu_map: Add features for Icelake CPUs (rhbz#1527659, rhbz#1526624)\n- cpu_map: Add Icelake CPU models (rhbz#1526624)\n- cpu_x86: Do not cache microcode version (rhbz#1576369)\n- qemu: Dont cache microcode version (rhbz#1576369)\n- util: Rename some functions of virresctrl (rhbz#1468650)\n- util: Refactor virResctrlGetInfo in virresctrl (rhbz#1468650)\n- util: Refactor virResctrlAllocFormat of virresctrl (rhbz#1468650)\n- util: Add MBA capability information query to resctrl (rhbz#1468650)\n- util: Add MBA check to virResctrlInfoGetCache (rhbz#1468650)\n- util: Add MBA allocation to virresctrl (rhbz#1468650)\n- util: Add MBA schemata parse and format methods (rhbz#1468650)\n- util: Add support to calculate MBA utilization (rhbz#1468650)\n- util: Introduce virResctrlAllocForeachMemory (rhbz#1468650)\n- util: Introduce virResctrlAllocSetMemoryBandwidth (rhbz#1468650)\n- conf: Rename cachetune to resctrl (rhbz#1468650)\n- conf: Factor out vcpus parsing part from virDomainCachetuneDefParse (rhbz#1468650)\n- conf: Factor out vcpus overlapping from virDomainCachetuneDefParse (rhbz#1468650)\n- conf: Factor out virDomainResctrlDef update from virDomainCachetuneDefParse (rhbz#1468650)\n- conf: Add support for memorytune XML processing for resctrl MBA (rhbz#1468650)\n- conf: Add return value check to virResctrlAllocForeachCache (rhbz#1468650)\n- conf: Add memory bandwidth allocation capability of host (rhbz#1468650)\n- conf: Fix bug in finding alloc through matching vcpus (rhbz#1468650)\n- resctrl: Do not calculate free bandwidth for MBA (rhbz#1468650)\n- resctrl: Set MBA defaults properly (rhbz#1468650)\n- resctrl: Fix testing line (rhbz#1468650)\n- virresctrl: fix MBA memory leak (rhbz#1468650)\n- test: caps: Add capabilities for QEMU 3.1.0 (rhbz#1628892)\n- util: Introduce virHostGetDRMRenderNode helper (rhbz#1628892)\n- conf: Introduce virDomainGraphics-related helpers (rhbz#1628892)\n- qemu: process: spice: Pick the first available DRM render node (rhbz#1628892)\n- qemu: command: Introduce qemuBuildGraphicsEGLHeadlessCommandLine helper (rhbz#1628892)\n- qemu: caps: Introduce QEMU_EGL_HEADLESS_RENDERNODE capability (rhbz#1628892)\n- conf: gfx: Add egl-headless as a member to virDomainGraphicsDef struct (rhbz#1628892)\n- conf: gfx: egl-headless: Introduce a new \n subelement (rhbz#1628892)\n- qemu: domain: egl-headless: Add the DRI device into the namespace (rhbz#1628892)\n- qemu: cgroup: gfx: egl-headless: Add the DRI device into the cgroup list (rhbz#1628892)\n- security: dac: gfx: egl-headless: Relabel the DRI device (rhbz#1628892)\n- qemu: command: gfx: egl-headless: Add 'rendernode' option to the cmdline (rhbz#1628892)\n- domain: conf: graphics: Fix picking DRI renderer automatically for SPICE (rhbz#1628892)\n- qemu: domain: gfx: Fix shadowing of a function argument in validation (rhbz#1628892)\n[4.5.0-13]\n- storage: Extract out mount command creation for FS Backend (rhbz#1584663)\n- storage: Move FS backend mount creation command helper (rhbz#1584663)\n- storage: Move virStorageBackendFileSystemGetPoolSource (rhbz#1584663)\n- tests: Introduce tests for storage pool xml to argv checks (rhbz#1584663)\n- tests: Add storagepool xml test for netfs-auto (rhbz#1584663)\n- storage: Rework virStorageBackendFileSystemMountCmd (rhbz#1584663)\n- storage: Add default mount options for fs/netfs storage pools (rhbz#1584663)\n- conf: Add optional NFS Source Pool \n option (rhbz#1584663)\n- storage: Add the nfsvers to the command line (rhbz#1584663)\n- virsh: Add source-protocol-ver for pool commands (rhbz#1584663)\n- RHEL: conf: storage: Fix a memory leak in virStoragePoolDefParseSource (rhbz#1584663)\n- tests: Reuse qemucapabilities data for qemucaps2xml (rhbz#1628469)\n- tests: Add more tests to qemucaps2xml (rhbz#1628469)\n- qemu: Drop QEMU_CAPS_ENABLE_KVM (rhbz#1628469)\n- qemu: Avoid probing non-native binaries all the time (rhbz#1628469)\n- qemu: Clarify QEMU_CAPS_KVM (rhbz#1628469)\n- qemu: Dont check for /dev/kvm presence (rhbz#1628469)\n- tests: Follow up on qemucaps2xmldata rename (rhbz#1628469)\n- qemu: hotplug: Dont generate alias when detaching disk (rhbz#1658198)\n- qemu: hotplug: Dont generate alias when detaching controllers (rhbz#1658198)\n- tests: add channel-unix-guestfwd (rhbz#1658198)\n- qemu: Use @tmpChr in qemuDomainDetachChrDevice to build device string (rhbz#1658198)\n- qemuL: Drop 'user-' prefix for guestfwd netdev (rhbz#1658198)\n- qemu_hotplug: Attach guestfwd using netdev_add (rhbz#1658198)\n- qemu_hotplug: Detach guestfwd using netdev_del (rhbz#1658198)\n- qemuhotplugtest: Test guestfwd attach and detach (rhbz#1658198)\n- qemu_hotplug: Dont build device string in qemuDomainDetachChrDevice (rhbz#1658198)\n- qemu_hotplug: Assume chardev alias always exists in qemuDomainDetachChrDevice (rhbz#1658198)\n- qemu: fix device name passed to error report (rhbz#1658198)\n- qemu_hotplug: Properly check for qemuMonitorDelDevice retval (rhbz#1658198)\n- qemu_hotplug: Introduce and use qemuDomainDeleteDevice (rhbz#1658198)\n- qemu: hotplug: Remove 'ret' variable in qemuDomainDetachDeviceDiskLive (rhbz#1658198)\n- qemu: hotplug: Use typecasted enum in qemuDomainDetachDeviceDiskLive (rhbz#1658198)\n- qemu: hotplug: Use switch statement for selecting disk bus function (rhbz#1658198)\n- qemu: hotplug: Merge virtio and non-virtio disk unplug code (rhbz#1658198)\n- qemu_hotplug: remove unnecessary check for valid PCI address (rhbz#1658198)\n- qemu_hotplug: rename a virDomainDeviceInfoPtr to avoid confusion (rhbz#1658198)\n- qemu_hotplug: eliminate multiple identical qemuDomainDetachHost*Device() functions (rhbz#1658198)\n- qemu_hotplug: eliminate unnecessary call to qemuDomainDetachNetDevice() (rhbz#1658198)\n- qemu_hotplug: refactor qemuDomainDetachDiskLive and qemuDomainDetachDiskDevice (rhbz#1658198)\n- qemu_hotplug: dont call DetachThisHostDevice for hostdev network devices (rhbz#1658198)\n- qemu_hotplug: merge qemuDomainDetachThisHostDevice into qemuDomainDetachHostDevice (rhbz#1658198)\n- qemu_hotplug: move qemuDomainChangeGraphicsPasswords() (rhbz#1658198)\n- qemu_hotplug: move (almost) all qemuDomainDetach*() functions together (rhbz#1658198)\n- qemu_hotplug: move (Attach|Detach)Lease functions with others of same type (rhbz#1658198)\n- qemu_hotplug: move qemuDomainDetachDeviceLive() to qemu_hotplug.c (rhbz#1658198)\n- qemu_hotplug: remove extra function in middle of DetachController call chain (rhbz#1658198)\n- qemu_hotplug: pull qemuDomainUpdateDeviceList out of qemuDomainDetachDeviceLive (rhbz#1658198)\n- test: replace calls to individual detach functions with one call to main detach (rhbz#1658198)\n- qemu_hotplug: make Detach functions called only from qemu_hotplug.c static (rhbz#1658198)\n- qemu_hotplug: rename dev to match in qemuDomainDetachDeviceLive (rhbz#1658198)\n- qemu_hotplug: separate Chr|Lease from other devices in DetachDevice switch (rhbz#1658198)\n- qemu_hotplug: standardize the names/args/calling of qemuDomainDetach*() (rhbz#1658198)\n- qemu_hotplug: rename Chr and Lease Detach functions (rhbz#1658198)\n- qemu_hotplug: new function qemuDomainRemoveAuditDevice() (rhbz#1658198)\n- qemu_hotplug: audit *all* auditable device types in qemuDomainRemoveAuditDevice (rhbz#1658198)\n- qemu_hotplug: consolidate all common detach code in qemuDomainDetachDeviceLive (rhbz#1658198)\n- qemu_hotplug: dont shutdown net device until the guest has released it (rhbz#1658198)\n- qemu_hotplug: delay sending DEVICE_REMOVED event until after *all* teardown (rhbz#1658198)\n- conf: Expose virDomainSCSIDriveAddressIsUsed (rhbz#1692296)\n- qemuhotplugtest: Dont plug a SCSI disk at unit 7 (rhbz#1692296)\n- qemu_hotplug: Check for duplicate drive addresses (rhbz#1692296)\n- qemu: Rework setting process affinity (rhbz#1695434)\n- qemu: Set up EMULATOR thread and cpuset.mems before exec()-ing qemu (rhbz#1695434)\n[4.5.0-12]\n- src: Document autostart for session demon (rhbz#1501450)\n- nwfilter: Add extra verbiage for binding create/delete (rhbz#1609454)\n- qemu: Remove duplicated qemuAgentCheckError (rhbz#1663051, CVE-2019-3840)\n- qemu: require reply from guest agent in qemuAgentGetInterfaces (rhbz#1663051, CVE-2019-3840)\n- virsh: Add missed fields to pool-define-as item entry (rhbz#1615680)\n- qemu: Add entry for balloon stat stat-disk-caches (rhbz#1690122)\n- qemu: Set identity for the reconnect all thread (rhbz#1631622)\n- docs: schemas: Fix missing timestamp inside backingStore (rhbz#1594266)\n- storage: Remove secretPath from _virStorageBackendQemuImgInfo (rhbz#1613737)\n- storage: Allow for inputvol to have any format for encryption (rhbz#1613737)\n- storage: Allow inputvol to be encrypted (rhbz#1613737)\n- virsh: man: Document quirks of device-detach and friends (rhbz#1688961)\n- virsh: man: Document asynchronous behaviour of detach-device-alias (rhbz#1688961)\n- access: Modify the VIR_ERR_ACCESS_DENIED to include driverName (rhbz#1631606)\n- qemu: Put format=raw onto cmd line for SCSI passthrough (rhbz#1632833)\n- virnwfilterbindingobj: Introduce and use virNWFilterBindingObjStealDef (rhbz#1686927)\n- logging: ensure pending I/O is drained before reading position (rhbz#1660531)\n- conf: Fix check for chardev source path (rhbz#1609720)\n- util: skip RDMA detection for non-PCI network devices (rhbz#1639258)\n- qemu: Set job statsType for external memory snapshot (rhbz#1690703)\n- virsh: Strip XML declaration when extracting CPU XMLs (rhbz#1592737)\n- virsh: Require explicit --domain for domxml-to-native (rhbz#1633077)\n[4.5.0-11]\n- security: dac: also label listen UNIX sockets (rhbz#1633389)\n- qemu: fix up permissions for pre-created UNIX sockets (rhbz#1633389)\n- virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1632711)\n- virfile: fix cast-align error (rhbz#1632711)\n- virfiletest: Fix test name prefix for virFileInData test (rhbz#1632711)\n- virfiletst: Test virFileIsSharedFS (rhbz#1632711)\n- virFileIsSharedFSType: Detect direct mount points (rhbz#1632711)\n- virfile: Rework virFileIsSharedFixFUSE (rhbz#1632711)\n- virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1640465)\n- qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1612943)\n- qemu: Report more appropriate running reasons (rhbz#1612943)\n- qemu: Pass running reason to RESUME event handler (rhbz#1612943)\n- qemu: Map running reason to resume event detail (rhbz#1612943)\n- qemu: Avoid duplicate resume events and state changes (rhbz#1612943)\n- qemu: Dont ignore resume events (rhbz#1612943)\n- qemu: Fix post-copy migration on the source (rhbz#1647365)\n- RHEL: cpu_map: Mark arch-facilities feature as non-migratable (rhbz#1658406)\n- virfile: Detect ceph as shared FS (rhbz#1665553)\n- util: Dont overflow in virRandomBits (rhbz#1652894)\n- virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1652894)\n- RHEL: spec: Require new enough librbd1 (rhbz#1658652)\n- cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1558558)\n- cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1558558)\n- cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1558558)\n- cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1558558)\n- cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1558558)\n- cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1558558)\n- cpu_x86: Add x86ModelCopySignatures helper (rhbz#1558558)\n- cpu_x86: Store CPU signature in an array (rhbz#1558558)\n- cpu_x86: Allow multiple signatures for a CPU model (rhbz#1558558)\n- cpu_map: Add hex representation of signatures (rhbz#1558558)\n- cpu_map: Add more signatures for Conroe CPU model (rhbz#1558558)\n- cpu_map: Add more signatures for Penryn CPU model (rhbz#1558558)\n- cpu_map: Add more signatures for Nehalem CPU models (rhbz#1558558)\n- cpu_map: Add more signatures for Westmere CPU model (rhbz#1558558)\n- cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1558558)\n- cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1558558)\n- cpu_map: Add more signatures for Haswell CPU models (rhbz#1558558)\n- cpu_map: Add more signatures for Broadwell CPU models (rhbz#1558558)\n- cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1558558)\n- cpu: Dont access invalid memory in virCPUx86Translate (rhbz#1558558)\n- cpu_x86: Log decoded CPU model and signatures (rhbz#1558558)\n- util: Modify virStorageFileGetSCSIKey return (rhbz#1657468)\n- storage: Rework virStorageBackendSCSISerial (rhbz#1657468)\n- util: Introduce virStorageFileGetNPIVKey (rhbz#1657468)\n- storage: Fetch a unique key for vHBA/NPIV LUNs (rhbz#1657468)\n- RHEL: qemu: Alter @val usage in qemuSetUnprivSGIO (rhbz#1656360)\n- RHEL: qemu: Alter qemuSetUnprivSGIO hostdev shareable logic (rhbz#1656360)\n- qemu: Filter non SCSI hostdevs in qemuHostdevPrepareSCSIDevices (rhbz#1665474)\n- qemu: Fix logic error in qemuSetUnprivSGIO (rhbz#1669581)\n- qemu: Fix crash trying to use iSCSI hostdev (rhbz#1669586)", "edition": 1, "modified": "2019-08-13T00:00:00", "published": "2019-08-13T00:00:00", "id": "ELSA-2019-2294", "href": "http://linux.oracle.com/errata/ELSA-2019-2294.html", "title": "libvirt security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}