DATABASE RESOURCES PRICING ABOUT US

{"id": "VERACODE:28398", "vendorId": null, "type": "veracode", "bulletinFamily": "software", "title": "Denial Of Service (DoS)", "description": "qemu is vulnerable to denial of service (DoS). The vulnerability exists in `hw/pci/msix.c`, allowing a malicious user to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. \n", "published": "2020-12-06T04:23:32", "modified": "2020-12-14T22:41:36", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 4.6}, "severity": "MEDIUM", "exploitabilityScore": 3.9, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 0.8, "impactScore": 5.9}, "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-28398/summary", "reporter": "Veracode Vulnerability Database", "references": ["https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html", "https://security-tracker.debian.org/tracker/CVE-2020-13754", "https://www.debian.org/security/2020/dsa-4728", "https://security.gentoo.org/glsa/202011-09", "https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00004.html", "https://security.netapp.com/advisory/ntap-20200608-0007/", "http://www.openwall.com/lists/oss-security/2020/06/01/6", "http://www.openwall.com/lists/oss-security/2020/06/15/8", "https://usn.ubuntu.com/4467-1/"], "cvelist": ["CVE-2020-13754"], "immutableFields": [], "lastseen": "2022-07-26T16:43:22", "viewCount": 2, "enchantments": {"score": {"value": 3.6, "vector": "NONE"}, "dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2021:3061"]}, {"type": "cve", "idList": ["CVE-2020-13754"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2288-1:30AC1", "DEBIAN:DLA-2288-1:E9E8F", "DEBIAN:DSA-4728-1:DBA83", "DEBIAN:DSA-4733-1:89986"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-13754"]}, {"type": "f5", "idList": ["F5:K61547155"]}, {"type": "gentoo", "idList": ["GLSA-202011-09"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2021-3061.NASL", "DEBIAN_DLA-2288.NASL", "DEBIAN_DSA-4728.NASL", "DEBIAN_DSA-4733.NASL", "EULEROS_SA-2020-2531.NASL", "EULEROS_SA-2021-1735.NASL", "EULEROS_SA-2021-1763.NASL", "EULEROS_SA-2021-2011.NASL", "EULEROS_SA-2021-2046.NASL", "EULEROS_SA-2021-2855.NASL", "EULEROS_SA-2022-1014.NASL", "EULEROS_SA-2022-1034.NASL", "GENTOO_GLSA-202011-09.NASL", "ORACLELINUX_ELSA-2021-3061.NASL", "ORACLELINUX_ELSA-2021-9034.NASL", "REDHAT-RHSA-2021-2521.NASL", "REDHAT-RHSA-2021-3061.NASL", "ROCKY_LINUX_RLSA-2021-3061.NASL", "SUSE_SU-2021-1829-1.NASL", "SUSE_SU-2021-1894-1.NASL", "SUSE_SU-2021-1895-1.NASL", "SUSE_SU-2021-1947-1.NASL", "UBUNTU_USN-4467-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704728"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-3061", "ELSA-2021-9034"]}, {"type": "osv", "idList": ["OSV:DLA-2288-1", "OSV:DSA-4728-1", "OSV:DSA-4733-1"]}, {"type": "redhat", "idList": ["RHSA-2021:2521", "RHSA-2021:3061"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-13754"]}, {"type": "rocky", "idList": ["RLSA-2021:3061"]}, {"type": "ubuntu", "idList": ["USN-4467-1", "USN-4467-2", "USN-4467-3"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-13754"]}]}, "epss": [{"cve": "CVE-2020-13754", "epss": "0.000450000", "percentile": "0.120110000", "modified": "2023-03-19"}], "vulnersScore": 3.6}, "_state": {"score": 1659991872, "dependencies": 1659988328, "affected_software_major_version": 1666695388, "epss": 1679301451}, "_internal": {"score_hash": "ab169f63c4129404925cd89da4501100"}, "affectedSoftware": [{"version": "1:2.8+dfsg-6+deb9u9", "operator": "eq", "name": "qemu:stretch"}, {"version": "4.2.0-r2", "operator": "eq", "name": "qemu:edge"}]}

{"ubuntucve": [{"lastseen": "2022-08-04T13:28:48", "description": "hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an\nout-of-bounds access via a crafted address in an msi-x mmio operation.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | the fix for this issue introduced a regression, see: https://bugs.launchpad.net/qemu/+bug/1886318\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-02T00:00:00", "type": "ubuntucve", "title": "CVE-2020-13754", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754"], "modified": "2020-06-02T00:00:00", "id": "UB:CVE-2020-13754", "href": "https://ubuntu.com/security/CVE-2020-13754", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2023-02-09T15:03:32", "description": "hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-02T14:15:00", "type": "cve", "title": "CVE-2020-13754", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754"], "modified": "2020-12-14T20:31:00", "cpe": ["cpe:/a:qemu:qemu:5.0.1", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:canonical:ubuntu_linux:20.04", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "CVE-2020-13754", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13754", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "cpe:2.3:a:qemu:qemu:5.0.1:*:*:*:*:*:*:*"]}], "ubuntu": [{"lastseen": "2023-01-26T15:27:09", "description": "## Releases\n\n * Ubuntu 20.10 \n * Ubuntu 20.04 LTS\n * Ubuntu 18.04 LTS\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * qemu \\- Machine emulator and virtualizer\n\nUSN-4467-1 fixed vulnerabilities in QEMU. The fix for CVE-2020-13754 \nintroduced a regression in certain environments. This update fixes the \nproblem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nRen Ding, Hanqing Zhao, Alexander Bulekov, and Anatoly Trosinenko \ndiscovered that the QEMU incorrectly handled certain msi-x mmio operations. \nAn attacker inside a guest could possibly use this issue to cause QEMU to \ncrash, resulting in a denial of service. (CVE-2020-13754)\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-22T00:00:00", "type": "ubuntu", "title": "QEMU regression", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754"], "modified": "2021-02-22T00:00:00", "id": "USN-4467-3", "href": "https://ubuntu.com/security/notices/USN-4467-3", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-26T15:27:43", "description": "## Releases\n\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * qemu \\- Machine emulator and virtualizer\n\nUSN-4467-1 fixed several vulnerabilities in QEMU. This update provides \nthe corresponding update for Ubuntu 14.04 ESM.\n\nOriginal advisory details:\n\nIt was discovered that the QEMU SD memory card implementation incorrectly \nhandled certain memory operations. An attacker inside a guest could \npossibly use this issue to cause QEMU to crash, resulting in a denial of \nservice. (CVE-2020-13253)\n\nRen Ding and Hanqing Zhao discovered that the QEMU ES1370 audio driver \nincorrectly handled certain invalid frame counts. An attacker inside a \nguest could possibly use this issue to cause QEMU to crash, resulting in a \ndenial of service. (CVE-2020-13361)\n\nRen Ding and Hanqing Zhao discovered that the QEMU MegaRAID SAS SCSI driver \nincorrectly handled certain memory operations. An attacker inside a guest \ncould possibly use this issue to cause QEMU to crash, resulting in a denial \nof service. (CVE-2020-13362)\n\nAlexander Bulekov discovered that QEMU MegaRAID SAS SCSI driver incorrectly \nhandled certain memory space operations. An attacker inside a guest could \npossibly use this issue to cause QEMU to crash, resulting in a denial of \nservice. (CVE-2020-13659)\n\nRen Ding, Hanqing Zhao, Alexander Bulekov, and Anatoly Trosinenko \ndiscovered that the QEMU incorrectly handled certain msi-x mmio operations. \nAn attacker inside a guest could possibly use this issue to cause QEMU to \ncrash, resulting in a denial of service. (CVE-2020-13754)\n\nZiming Zhang, Xiao Wei, Gonglei Arei and Yanyu Zhang discovered that \nQEMU incorrectly handled certain USB packets. An attacker could possibly \nuse this to expose sensitive information or execute arbitrary code. \n(CVE-2020-14364)\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-02T00:00:00", "type": "ubuntu", "title": "QEMU vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13253", "CVE-2020-13361", "CVE-2020-13362", "CVE-2020-13659", "CVE-2020-13754", "CVE-2020-14364"], "modified": "2021-02-02T00:00:00", "id": "USN-4467-2", "href": "https://ubuntu.com/security/notices/USN-4467-2", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-26T15:34:36", "description": "## Releases\n\n * Ubuntu 20.04 LTS\n * Ubuntu 18.04 LTS\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * qemu \\- Machine emulator and virtualizer\n\nZiming Zhang and VictorV discovered that the QEMU SLiRP networking \nimplementation incorrectly handled replying to certain ICMP echo requests. \nAn attacker inside a guest could possibly use this issue to leak host \nmemory to obtain sensitive information. This issue only affected Ubuntu \n18.04 LTS. (CVE-2020-10756)\n\nEric Blake and Xueqiang Wei discovered that the QEMU NDB implementation \nincorrectly handled certain requests. A remote attacker could possibly use \nthis issue to cause QEMU to crash, resulting in a denial of service. This \nissue only affected Ubuntu 20.04 LTS. (CVE-2020-10761)\n\nZiming Zhang discovered that the QEMU SM501 graphics driver incorrectly \nhandled certain operations. An attacker inside a guest could use this issue \nto cause QEMU to crash, resulting in a denial of service, or possibly \nexecute arbitrary code. (CVE-2020-12829)\n\nIt was discovered that the QEMU SD memory card implementation incorrectly \nhandled certain memory operations. An attacker inside a guest could \npossibly use this issue to cause QEMU to crash, resulting in a denial of \nservice. (CVE-2020-13253)\n\nRen Ding and Hanqing Zhao discovered that the QEMU ES1370 audio driver \nincorrectly handled certain invalid frame counts. An attacker inside a \nguest could possibly use this issue to cause QEMU to crash, resulting in a \ndenial of service. (CVE-2020-13361)\n\nRen Ding and Hanqing Zhao discovered that the QEMU MegaRAID SAS SCSI driver \nincorrectly handled certain memory operations. An attacker inside a guest \ncould possibly use this issue to cause QEMU to crash, resulting in a denial \nof service. (CVE-2020-13362)\n\nAlexander Bulekov discovered that QEMU MegaRAID SAS SCSI driver incorrectly \nhandled certain memory space operations. An attacker inside a guest could \npossibly use this issue to cause QEMU to crash, resulting in a denial of \nservice. (CVE-2020-13659)\n\nRen Ding, Hanqing Zhao, Alexander Bulekov, and Anatoly Trosinenko \ndiscovered that the QEMU incorrectly handled certain msi-x mmio operations. \nAn attacker inside a guest could possibly use this issue to cause QEMU to \ncrash, resulting in a denial of service. (CVE-2020-13754)\n\nIt was discovered that QEMU incorrectly handled certain memory copy \noperations when loading ROM contents. If a user were tricked into running \nan untrusted kernel image, a remote attacker could possibly use this issue \nto run arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu \n18.04 LTS. (CVE-2020-13765)\n\nRen Ding, Hanqing Zhao, and Yi Ren discovered that the QEMU ATI video \ndriver incorrectly handled certain index values. An attacker inside a guest \ncould possibly use this issue to cause QEMU to crash, resulting in a denial \nof service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-13800)\n\nZiming Zhang discovered that the QEMU OSS audio driver incorrectly handled \ncertain operations. An attacker inside a guest could possibly use this \nissue to cause QEMU to crash, resulting in a denial of service. This issue \nonly affected Ubuntu 20.04 LTS. (CVE-2020-14415)\n\nZiming Zhang discovered that the QEMU XGMAC Ethernet controller incorrectly \nhandled packet transmission. An attacker inside a guest could use this \nissue to cause QEMU to crash, resulting in a denial of service, or possibly \nexecute arbitrary code. (CVE-2020-15863)\n\nZiming Zhang discovered that the QEMU e1000e Ethernet controller \nincorrectly handled packet processing. An attacker inside a guest could \npossibly use this issue to cause QEMU to crash, resulting in a denial of \nservice. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. \n(CVE-2020-16092)\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-08-19T00:00:00", "type": "ubuntu", "title": "QEMU vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10756", "CVE-2020-10761", "CVE-2020-12829", "CVE-2020-13253", "CVE-2020-13361", "CVE-2020-13362", "CVE-2020-13659", "CVE-2020-13754", "CVE-2020-13765", "CVE-2020-13800", "CVE-2020-14415", "CVE-2020-15863", "CVE-2020-16092"], "modified": "2020-08-19T00:00:00", "id": "USN-4467-1", "href": "https://ubuntu.com/security/notices/USN-4467-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhatcve": [{"lastseen": "2023-03-08T20:19:53", "description": "An out-of-bounds access flaw was found in the Message Signalled Interrupt (MSI-X) device support of QEMU. This issue occurs while performing MSI-X mmio operations when a guest sent address goes beyond the mmio region. A guest user or process may use this flaw to crash the QEMU process resulting in a denial of service.\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-01T18:20:19", "type": "redhatcve", "title": "CVE-2020-13754", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754"], "modified": "2023-03-08T19:45:54", "id": "RH:CVE-2020-13754", "href": "https://access.redhat.com/security/cve/cve-2020-13754", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2023-03-26T06:09:33", "description": "hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-02T14:15:00", "type": "debiancve", "title": "CVE-2020-13754", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754"], "modified": "2020-06-02T14:15:00", "id": "DEBIANCVE:CVE-2020-13754", "href": "https://security-tracker.debian.org/tracker/CVE-2020-13754", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-19T20:35:55", "description": "The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.\n\nSecurity Fix(es):\n\n* QEMU: msix: OOB access during mmio operations may lead to DoS (CVE-2020-13754)\n\n* qemu: out-of-bound heap buffer access via an interrupt ID field (CVE-2021-20221)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-06-22T13:35:00", "type": "redhat", "title": "(RHSA-2021:2521) Moderate: virt:8.2 and virt-devel:8.2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2021-20221"], "modified": "2021-06-22T14:06:55", "id": "RHSA-2021:2521", "href": "https://access.redhat.com/errata/RHSA-2021:2521", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:37:25", "description": "Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.\n\nSecurity Fix(es):\n\n* QEMU: msix: OOB access during mmio operations may lead to DoS (CVE-2020-13754)\n\n* hivex: Buffer overflow when provided invalid node key length (CVE-2021-3504)\n\n* QEMU: net: an assert failure via eth_get_gso_type (CVE-2020-27617)\n\n* QEMU: net: infinite loop in loopback mode may lead to stack overflow (CVE-2021-3416)\n\n* qemu: out-of-bound heap buffer access via an interrupt ID field (CVE-2021-20221)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* cannot restart default network and firewalld: iptables: No chain/target/match by that name. (BZ#1958301)\n\n* RHEL8.4 Nightly[0322] - KVM guest fails to find zipl boot menu index (qemu-kvm) (BZ#1975679)", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-08-10T11:58:46", "type": "redhat", "title": "(RHSA-2021:3061) Moderate: virt:rhel and virt-devel:rhel security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2020-27617", "CVE-2021-20221", "CVE-2021-3416", "CVE-2021-3504"], "modified": "2021-08-10T13:02:05", "id": "RHSA-2021:3061", "href": "https://access.redhat.com/errata/RHSA-2021:3061", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}], "nessus": [{"lastseen": "2023-01-24T14:48:41", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2521 advisory.\n\n - QEMU: msix: OOB access during mmio operations may lead to DoS (CVE-2020-13754)\n\n - qemu: out-of-bound heap buffer access via an interrupt ID field (CVE-2021-20221)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-27T00:00:00", "type": "nessus", "title": "RHEL 8 : virt:8.2 and virt-devel:8.2 (RHSA-2021:2521)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2021-20221"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:SLOF", "p-cpe:/a:redhat:enterprise_linux:hivex", "p-cpe:/a:redhat:enterprise_linux:hivex-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs", "p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libguestfs-benchmarking", "p-cpe:/a:redhat:enterprise_linux:libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c", "p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport", "p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs", "p-cpe:/a:redhat:enterprise_linux:libiscsi", "p-cpe:/a:redhat:enterprise_linux:libiscsi-devel", "p-cpe:/a:redhat:enterprise_linux:libiscsi-utils", "p-cpe:/a:redhat:enterprise_linux:libnbd", "p-cpe:/a:redhat:enterprise_linux:libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:libtpms", "p-cpe:/a:redhat:enterprise_linux:libtpms-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt", "p-cpe:/a:redhat:enterprise_linux:libvirt-admin", "p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libvirt-client", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm", "p-cpe:/a:redhat:enterprise_linux:libvirt-dbus", "p-cpe:/a:redhat:enterprise_linux:libvirt-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt-docs", "p-cpe:/a:redhat:enterprise_linux:libvirt-libs", "p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock", "p-cpe:/a:redhat:enterprise_linux:libvirt-nss", "p-cpe:/a:redhat:enterprise_linux:lua-guestfs", "p-cpe:/a:redhat:enterprise_linux:nbdfuse", "p-cpe:/a:redhat:enterprise_linux:nbdkit", "p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-devel", "p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-server", "p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter", "p-cpe:/a:redhat:enterprise_linux:netcf", "p-cpe:/a:redhat:enterprise_linux:netcf-devel", "p-cpe:/a:redhat:enterprise_linux:netcf-libs", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs", "p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt", "p-cpe:/a:redhat:enterprise_linux:perl-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-libguestfs", "p-cpe:/a:redhat:enterprise_linux:python3-libnbd", "p-cpe:/a:redhat:enterprise_linux:python3-libvirt", "p-cpe:/a:redhat:enterprise_linux:python3-pyvmomi", "p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent", "p-cpe:/a:redhat:enterprise_linux:qemu-img", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests", "p-cpe:/a:redhat:enterprise_linux:ruby-hivex", "p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs", "p-cpe:/a:redhat:enterprise_linux:seabios", "p-cpe:/a:redhat:enterprise_linux:seabios-bin", "p-cpe:/a:redhat:enterprise_linux:seavgabios-bin", "p-cpe:/a:redhat:enterprise_linux:sgabios", "p-cpe:/a:redhat:enterprise_linux:sgabios-bin", "p-cpe:/a:redhat:enterprise_linux:supermin", "p-cpe:/a:redhat:enterprise_linux:supermin-devel", "p-cpe:/a:redhat:enterprise_linux:swtpm", "p-cpe:/a:redhat:enterprise_linux:swtpm-devel", "p-cpe:/a:redhat:enterprise_linux:swtpm-libs", "p-cpe:/a:redhat:enterprise_linux:swtpm-tools", "p-cpe:/a:redhat:enterprise_linux:virglrenderer", "p-cpe:/a:redhat:enterprise_linux:virglrenderer-devel", "p-cpe:/a:redhat:enterprise_linux:virglrenderer-test-server", "p-cpe:/a:redhat:enterprise_linux:virt-dib", "p-cpe:/a:redhat:enterprise_linux:virt-v2v"], "id": "REDHAT-RHSA-2021-2521.NASL", "href": "https://www.tenable.com/plugins/nessus/151018", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:2521. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151018);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2020-13754\", \"CVE-2021-20221\");\n script_xref(name:\"RHSA\", value:\"2021:2521\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n\n script_name(english:\"RHEL 8 : virt:8.2 and virt-devel:8.2 (RHSA-2021:2521)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:2521 advisory.\n\n - QEMU: msix: OOB access during mmio operations may lead to DoS (CVE-2020-13754)\n\n - qemu: out-of-bound heap buffer access via an interrupt ID field (CVE-2021-20221)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1842363\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1924601\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13754\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(125, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:SLOF\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-benchmarking\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtpms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtpms-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pyvmomi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:swtpm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virglrenderer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virglrenderer-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virglrenderer-test-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'virt-devel:8.2': [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/debug',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/os',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'hivex-1.3.18-20.module+el8.2.0+5588+63a201c3', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-20.module+el8.2.0+5588+63a201c3', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module+el8.2.0+5590+82cd80df', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-0.7.0-1.20191018gitdc116933b7.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtpms-devel-0.7.0-1.20191018gitdc116933b7.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-20.module+el8.2.0+5588+63a201c3', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-20.module+el8.2.0+5588+63a201c3', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-20.module+el8.2.0+5588+63a201c3', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.2.0+5488+267def79', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-20.module+el8.2.0+5588+63a201c3', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.2.0+5644+32ac38d4', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.2.0+5453+31b2b136', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-4.2.0-29.module+el8.2.1+11280+70ae3d73.8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-20.module+el8.2.0+5588+63a201c3', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.2.0+4793+b09dd2fb', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'swtpm-0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-devel-0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-libs-0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'swtpm-tools-0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virglrenderer-0.8.2-1.module+el8.2.0+5777+d9c2af8c', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virglrenderer-devel-0.8.2-1.module+el8.2.0+5777+d9c2af8c', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virglrenderer-test-server-0.8.2-1.module+el8.2.0+5777+d9c2af8c', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ],\n 'virt:8.2': [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/aarch64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/debug',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/os',\n 'content/dist/layered/rhel8/aarch64/advanced-virt/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt-crb/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/debug',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/os',\n 'content/dist/layered/rhel8/x86_64/advanced-virt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libguestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-24.module+el8.2.1+7154+47ffd890', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-24.module+el8.2.1+7154+47ffd890', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-25.5.module+el8.2.1+8680+ea98947b', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdkit-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.module+el8.2.1+6710+effcb1df', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-pyvmomi-6.7.1-7.module+el8.2.0+4793+b09dd2fb', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-guest-agent-4.2.0-29.module+el8.2.1+11280+70ae3d73.8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-4.2.0-29.module+el8.2.1+11280+70ae3d73.8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-4.2.0-29.module+el8.2.1+11280+70ae3d73.8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-4.2.0-29.module+el8.2.1+11280+70ae3d73.8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-4.2.0-29.module+el8.2.1+11280+70ae3d73.8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-4.2.0-29.module+el8.2.1+11280+70ae3d73.8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-4.2.0-29.module+el8.2.1+11280+70ae3d73.8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-4.2.0-29.module+el8.2.1+11280+70ae3d73.8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-4.2.0-29.module+el8.2.1+11280+70ae3d73.8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-4.2.0-29.module+el8.2.1+11280+70ae3d73.8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-libguestfs-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.13.0-2.module+el8.2.1+7284+aa32a2c4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module+el8.2.1+7284+aa32a2c4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module+el8.2.1+7284+aa32a2c4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.2.0+4793+b09dd2fb', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20191022-3.git899d9883.module+el8.2.0+5449+efc036dd', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'supermin-5.1.19-10.module+el8.2.0+4793+b09dd2fb', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module+el8.2.0+4793+b09dd2fb', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-24.module+el8.2.1+7154+47ffd890', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.40.2-24.module+el8.2.1+7154+47ffd890', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:8.2 / virt:8.2');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'SLOF / hivex / hivex-devel / libguestfs / libguestfs-bash-completion / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:17:29", "description": "It was discovered that incorrect memory handling in the SLIRP networking implementation could result in denial of service or potentially the execution of arbitrary code.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.4}, "published": "2020-07-27T00:00:00", "type": "nessus", "title": "Debian DSA-4733-1 : qemu - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2020-8608"], "modified": "2020-11-06T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:qemu", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4733.NASL", "href": "https://www.tenable.com/plugins/nessus/138914", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4733. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138914);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/06\");\n\n script_cve_id(\"CVE-2020-8608\");\n script_xref(name:\"DSA\", value:\"4733\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n\n script_name(english:\"Debian DSA-4733-1 : qemu - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that incorrect memory handling in the SLIRP\nnetworking implementation could result in denial of service or\npotentially the execution of arbitrary code.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-13754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/qemu\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/qemu\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2020/dsa-4733\");\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the qemu packages.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1:3.1+dfsg-8+deb10u7. In addition this update fixes a\nregression caused by the patch for CVE-2020-13754, which could lead to\nstartup failures in some Xen setups.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8608\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/02/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"qemu\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-block-extra\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-guest-agent\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-kvm\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-arm\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-common\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-data\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-gui\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-mips\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-misc\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-ppc\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-sparc\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-x86\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-user\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-user-binfmt\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-user-static\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-utils\", reference:\"1:3.1+dfsg-8+deb10u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:54:51", "description": "According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system (for example a PC), including a processor and various peripherials. It can be used to launch different Operating Systems without rebooting the PC or to debug system code. * User mode emulation. In this mode, QEMU can launch Linux processes compiled for one CPU on another CPU. As QEMU requires no host kernel patches to run, it is safe and easy to use.Security Fix(es):In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/ net/ net_tx_pkt.c.(CVE-2020-16092)hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.(CVE-2020-13754)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-14T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : qemu (EulerOS-SA-2020-2531)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2020-16092"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:qemu-img", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-2531.NASL", "href": "https://www.tenable.com/plugins/nessus/144161", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144161);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2020-13754\",\n \"CVE-2020-16092\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : qemu (EulerOS-SA-2020-2531)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the qemu package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - QEMU is a generic and open source processor emulator\n which achieves a good emulation speed by using dynamic\n translation. QEMU has two operating modes: * Full\n system emulation. In this mode, QEMU emulates a full\n system (for example a PC), including a processor and\n various peripherials. It can be used to launch\n different Operating Systems without rebooting the PC or\n to debug system code. * User mode emulation. In this\n mode, QEMU can launch Linux processes compiled for one\n CPU on another CPU. As QEMU requires no host kernel\n patches to run, it is safe and easy to use.Security\n Fix(es):In QEMU through 5.0.0, an assertion failure can\n occur in the network packet processing. This issue\n affects the e1000e and vmxnet3 network devices. A\n malicious guest user/process could use this flaw to\n abort the QEMU process on the host, resulting in a\n denial of service condition in\n net_tx_pkt_add_raw_fragment in hw/ net/\n net_tx_pkt.c.(CVE-2020-16092)hw/pci/msix.c in QEMU\n 4.2.0 allows guest OS users to trigger an out-of-bounds\n access via a crafted address in an msi-x mmio\n operation.(CVE-2020-13754)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2531\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?32764f22\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected qemu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"qemu-img-3.0.1-3.h9.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-10T19:15:24", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3061 advisory.\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. (CVE-2020-13754)\n\n - eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. (CVE-2020-27617)\n\n - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario. (CVE-2021-3416)\n\n - A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or cause the program to crash. The highest threat from this vulnerability is to system availability. (CVE-2021-3504)\n\n - An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario. (CVE-2021-20221)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2021:3061)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2020-27617", "CVE-2021-20221", "CVE-2021-3416", "CVE-2021-3504"], "modified": "2022-11-21T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:hivex", "p-cpe:/a:rocky:linux:hivex-debuginfo", "p-cpe:/a:rocky:linux:hivex-debugsource", "p-cpe:/a:rocky:linux:hivex-devel", "p-cpe:/a:rocky:linux:libguestfs", "p-cpe:/a:rocky:linux:libguestfs-bash-completion", "p-cpe:/a:rocky:linux:libguestfs-benchmarking", "p-cpe:/a:rocky:linux:libguestfs-benchmarking-debuginfo", "p-cpe:/a:rocky:linux:libguestfs-debuginfo", "p-cpe:/a:rocky:linux:libguestfs-debugsource", "p-cpe:/a:rocky:linux:libguestfs-devel", "p-cpe:/a:rocky:linux:libguestfs-gfs2", "p-cpe:/a:rocky:linux:libguestfs-gobject", "p-cpe:/a:rocky:linux:libguestfs-gobject-debuginfo", "p-cpe:/a:rocky:linux:libguestfs-gobject-devel", "p-cpe:/a:rocky:linux:libguestfs-inspect-icons", "p-cpe:/a:rocky:linux:libguestfs-java", "p-cpe:/a:rocky:linux:libguestfs-java-debuginfo", "p-cpe:/a:rocky:linux:libguestfs-java-devel", "p-cpe:/a:rocky:linux:libguestfs-javadoc", "p-cpe:/a:rocky:linux:libguestfs-man-pages-ja", "p-cpe:/a:rocky:linux:libguestfs-man-pages-uk", "p-cpe:/a:rocky:linux:libguestfs-rescue", "p-cpe:/a:rocky:linux:libguestfs-rsync", "p-cpe:/a:rocky:linux:libguestfs-tools", "p-cpe:/a:rocky:linux:libguestfs-tools-c", "p-cpe:/a:rocky:linux:libguestfs-tools-c-debuginfo", "p-cpe:/a:rocky:linux:libguestfs-xfs", "p-cpe:/a:rocky:linux:libnbd", "p-cpe:/a:rocky:linux:libnbd-debuginfo", "p-cpe:/a:rocky:linux:libnbd-debugsource", "p-cpe:/a:rocky:linux:libnbd-devel", "p-cpe:/a:rocky:linux:libvirt", "p-cpe:/a:rocky:linux:libvirt-admin", "p-cpe:/a:rocky:linux:libvirt-admin-debuginfo", "p-cpe:/a:rocky:linux:libvirt-bash-completion", "p-cpe:/a:rocky:linux:libvirt-client", "p-cpe:/a:rocky:linux:libvirt-client-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon", "p-cpe:/a:rocky:linux:libvirt-daemon-config-network", "p-cpe:/a:rocky:linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:rocky:linux:libvirt-daemon-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-interface", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-network", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-network-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-qemu", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-secret", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-core-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-disk-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-gluster-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-iscsi-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-iscsi-direct-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-logical-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-mpath-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-rbd-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-scsi-debuginfo", "p-cpe:/a:rocky:linux:libvirt-daemon-kvm", "p-cpe:/a:rocky:linux:libvirt-debuginfo", "p-cpe:/a:rocky:linux:libvirt-debugsource", "p-cpe:/a:rocky:linux:libvirt-devel", "p-cpe:/a:rocky:linux:libvirt-docs", "p-cpe:/a:rocky:linux:libvirt-libs", "p-cpe:/a:rocky:linux:libvirt-libs-debuginfo", "p-cpe:/a:rocky:linux:libvirt-lock-sanlock", "p-cpe:/a:rocky:linux:libvirt-lock-sanlock-debuginfo", "p-cpe:/a:rocky:linux:libvirt-nss", "p-cpe:/a:rocky:linux:libvirt-nss-debuginfo", "p-cpe:/a:rocky:linux:libvirt-python-debugsource", "p-cpe:/a:rocky:linux:lua-guestfs", "p-cpe:/a:rocky:linux:lua-guestfs-debuginfo", "p-cpe:/a:rocky:linux:nbdfuse", "p-cpe:/a:rocky:linux:nbdfuse-debuginfo", "p-cpe:/a:rocky:linux:nbdkit", "p-cpe:/a:rocky:linux:nbdkit-bash-completion", "p-cpe:/a:rocky:linux:nbdkit-basic-filters", "p-cpe:/a:rocky:linux:nbdkit-basic-filters-debuginfo", "p-cpe:/a:rocky:linux:nbdkit-basic-plugins", "p-cpe:/a:rocky:linux:nbdkit-basic-plugins-debuginfo", "p-cpe:/a:rocky:linux:nbdkit-curl-plugin", "p-cpe:/a:rocky:linux:nbdkit-curl-plugin-debuginfo", "p-cpe:/a:rocky:linux:nbdkit-debuginfo", "p-cpe:/a:rocky:linux:nbdkit-debugsource", "p-cpe:/a:rocky:linux:nbdkit-devel", "p-cpe:/a:rocky:linux:nbdkit-example-plugins", "p-cpe:/a:rocky:linux:nbdkit-example-plugins-debuginfo", "p-cpe:/a:rocky:linux:nbdkit-gzip-plugin", "p-cpe:/a:rocky:linux:nbdkit-gzip-plugin-debuginfo", "p-cpe:/a:rocky:linux:nbdkit-linuxdisk-plugin", "p-cpe:/a:rocky:linux:nbdkit-linuxdisk-plugin-debuginfo", "p-cpe:/a:rocky:linux:nbdkit-python-plugin", "p-cpe:/a:rocky:linux:nbdkit-python-plugin-debuginfo", "p-cpe:/a:rocky:linux:nbdkit-server", "p-cpe:/a:rocky:linux:nbdkit-server-debuginfo", "p-cpe:/a:rocky:linux:nbdkit-ssh-plugin", "p-cpe:/a:rocky:linux:nbdkit-ssh-plugin-debuginfo", "p-cpe:/a:rocky:linux:nbdkit-vddk-plugin", "p-cpe:/a:rocky:linux:nbdkit-vddk-plugin-debuginfo", "p-cpe:/a:rocky:linux:nbdkit-xz-filter", "p-cpe:/a:rocky:linux:nbdkit-xz-filter-debuginfo", "p-cpe:/a:rocky:linux:ocaml-hivex", "p-cpe:/a:rocky:linux:ocaml-hivex-debuginfo", "p-cpe:/a:rocky:linux:ocaml-hivex-devel", "p-cpe:/a:rocky:linux:ocaml-libguestfs", "p-cpe:/a:rocky:linux:ocaml-libguestfs-debuginfo", "p-cpe:/a:rocky:linux:ocaml-libguestfs-devel", "p-cpe:/a:rocky:linux:ocaml-libnbd", "p-cpe:/a:rocky:linux:ocaml-libnbd-debuginfo", "p-cpe:/a:rocky:linux:ocaml-libnbd-devel", "p-cpe:/a:rocky:linux:perl-Sys-Guestfs", "p-cpe:/a:rocky:linux:perl-Sys-Guestfs-debuginfo", "p-cpe:/a:rocky:linux:perl-Sys-Virt", "p-cpe:/a:rocky:linux:perl-Sys-Virt-debuginfo", "p-cpe:/a:rocky:linux:perl-Sys-Virt-debugsource", "p-cpe:/a:rocky:linux:perl-hivex", "p-cpe:/a:rocky:linux:perl-hivex-debuginfo", "p-cpe:/a:rocky:linux:python3-hivex", "p-cpe:/a:rocky:linux:python3-hivex-debuginfo", "p-cpe:/a:rocky:linux:python3-libguestfs", "p-cpe:/a:rocky:linux:python3-libguestfs-debuginfo", "p-cpe:/a:rocky:linux:python3-libnbd", "p-cpe:/a:rocky:linux:python3-libnbd-debuginfo", "p-cpe:/a:rocky:linux:python3-libvirt", "p-cpe:/a:rocky:linux:python3-libvirt-debuginfo", "p-cpe:/a:rocky:linux:qemu-guest-agent", "p-cpe:/a:rocky:linux:qemu-guest-agent-debuginfo", "p-cpe:/a:rocky:linux:qemu-img", "p-cpe:/a:rocky:linux:qemu-img-debuginfo", "p-cpe:/a:rocky:linux:qemu-kvm", "p-cpe:/a:rocky:linux:qemu-kvm-block-curl", "p-cpe:/a:rocky:linux:qemu-kvm-block-curl-debuginfo", "p-cpe:/a:rocky:linux:qemu-kvm-block-gluster", "p-cpe:/a:rocky:linux:qemu-kvm-block-gluster-debuginfo", "p-cpe:/a:rocky:linux:qemu-kvm-block-iscsi", "p-cpe:/a:rocky:linux:qemu-kvm-block-iscsi-debuginfo", "p-cpe:/a:rocky:linux:qemu-kvm-block-rbd", "p-cpe:/a:rocky:linux:qemu-kvm-block-rbd-debuginfo", "p-cpe:/a:rocky:linux:qemu-kvm-block-ssh", "p-cpe:/a:rocky:linux:qemu-kvm-block-ssh-debuginfo", "p-cpe:/a:rocky:linux:qemu-kvm-common", "p-cpe:/a:rocky:linux:qemu-kvm-common-debuginfo", "p-cpe:/a:rocky:linux:qemu-kvm-core", "p-cpe:/a:rocky:linux:qemu-kvm-core-debuginfo", "p-cpe:/a:rocky:linux:qemu-kvm-debuginfo", "p-cpe:/a:rocky:linux:qemu-kvm-debugsource", "p-cpe:/a:rocky:linux:qemu-kvm-tests", "p-cpe:/a:rocky:linux:qemu-kvm-tests-debuginfo", "p-cpe:/a:rocky:linux:ruby-hivex", "p-cpe:/a:rocky:linux:ruby-hivex-debuginfo", "p-cpe:/a:rocky:linux:ruby-libguestfs", "p-cpe:/a:rocky:linux:ruby-libguestfs-debuginfo", "p-cpe:/a:rocky:linux:seabios", "p-cpe:/a:rocky:linux:seabios-bin", "p-cpe:/a:rocky:linux:seavgabios-bin", "p-cpe:/a:rocky:linux:sgabios", "p-cpe:/a:rocky:linux:sgabios-bin", "p-cpe:/a:rocky:linux:supermin", "p-cpe:/a:rocky:linux:supermin-debuginfo", "p-cpe:/a:rocky:linux:supermin-debugsource", "p-cpe:/a:rocky:linux:supermin-devel", "p-cpe:/a:rocky:linux:virt-dib", "p-cpe:/a:rocky:linux:virt-dib-debuginfo", "p-cpe:/a:rocky:linux:virt-v2v", "p-cpe:/a:rocky:linux:virt-v2v-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2021-3061.NASL", "href": "https://www.tenable.com/plugins/nessus/157808", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2021:3061.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157808);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/21\");\n\n script_cve_id(\n \"CVE-2020-13754\",\n \"CVE-2020-27617\",\n \"CVE-2021-3416\",\n \"CVE-2021-3504\",\n \"CVE-2021-20221\"\n );\n script_xref(name:\"RLSA\", value:\"2021:3061\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0063-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0075-S\");\n\n script_name(english:\"Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2021:3061)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2021:3061 advisory.\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address\n in an msi-x mmio operation. (CVE-2020-13754)\n\n - eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest\n can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. (CVE-2020-27617)\n\n - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions\n up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get\n bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the\n host resulting in DoS scenario. (CVE-2021-3416)\n\n - A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds\n check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive)\n file which would cause hivex to read memory beyond its normal bounds or cause the program to crash. The\n highest threat from this vulnerability is to system availability. (CVE-2021-3504)\n\n - An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of\n QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an\n interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said\n issue while updating controller state fields and their subsequent processing. A privileged guest user may\n use this flaw to crash the QEMU process on the host resulting in DoS scenario. (CVE-2021-20221)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2021:3061\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1842363\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1891668\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1924601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1932827\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1949687\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1958301\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3504\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13754\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:hivex-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:hivex-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-benchmarking\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-benchmarking-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-gobject-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-java-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-tools-c-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libnbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libnbd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-admin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-disk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-gluster-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-iscsi-direct-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-logical-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-mpath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-scsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libvirt-python-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:lua-guestfs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdfuse-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-basic-filters-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-basic-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-curl-plugin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-example-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-gzip-plugin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-linuxdisk-plugin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-python-plugin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-ssh-plugin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-vddk-plugin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:nbdkit-xz-filter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ocaml-hivex-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ocaml-libguestfs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ocaml-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ocaml-libnbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ocaml-libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:perl-Sys-Guestfs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:perl-Sys-Virt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:perl-Sys-Virt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:perl-hivex-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-hivex-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-libguestfs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-libnbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-libvirt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-guest-agent-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-img-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-block-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-block-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-block-gluster-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-block-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-block-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-block-ssh-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-common-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:qemu-kvm-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ruby-hivex-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:ruby-libguestfs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:supermin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:supermin-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:virt-dib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:virt-v2v\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:virt-v2v-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RockyLinux/release');\nif (isnull(release) || 'Rocky Linux' >!< release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'hivex-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-debuginfo-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-debuginfo-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-debuginfo-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-debugsource-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-debugsource-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-debugsource-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-bash-completion-1.40.2-27.module+el8.4.0+534+4680a14e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-benchmarking-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-benchmarking-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-debugsource-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-debugsource-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-devel-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-devel-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gfs2-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gfs2-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-inspect-icons-1.40.2-27.module+el8.4.0+534+4680a14e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-devel-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-devel-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-javadoc-1.40.2-27.module+el8.4.0+534+4680a14e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-ja-1.40.2-27.module+el8.4.0+534+4680a14e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-uk-1.40.2-27.module+el8.4.0+534+4680a14e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rescue-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rescue-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rsync-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rsync-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-1.40.2-27.module+el8.4.0+534+4680a14e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-c-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-c-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-c-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-c-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-xfs-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-xfs-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-debuginfo-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-debuginfo-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-debuginfo-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-debugsource-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-debugsource-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-debugsource-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-debugsource-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-debugsource-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-debugsource-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-debuginfo-6.0.0-35.1.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-python-debugsource-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-python-debugsource-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-python-debugsource-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-debuginfo-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-debuginfo-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-debuginfo-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.module+el8.4.0+534+4680a14e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-debugsource-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-debugsource-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-debuginfo-1.16.2-4.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-debuginfo-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-debuginfo-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-debuginfo-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-debuginfo-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-debuginfo-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-debuginfo-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-debuginfo-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-debuginfo-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-debuginfo-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-debuginfo-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-debuginfo-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-debuginfo-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-debugsource-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-debugsource-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-debugsource-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-debuginfo-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-debuginfo-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-debuginfo-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-debuginfo-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-debuginfo-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-debuginfo-1.2.2-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-debuginfo-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-debuginfo-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-debuginfo-6.0.0-1.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-guest-agent-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-guest-agent-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-guest-agent-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-guest-agent-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-img-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-img-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-img-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-img-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-curl-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-curl-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-curl-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-curl-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-gluster-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-gluster-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-iscsi-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-iscsi-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-iscsi-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-iscsi-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-rbd-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-rbd-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-rbd-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-rbd-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-ssh-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-ssh-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-ssh-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-block-ssh-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-common-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-common-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-common-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-common-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-core-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-core-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-core-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-core-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-debugsource-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-debugsource-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-debuginfo-4.2.0-48.module+el8.4.0+642+7e26f5e1.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-debuginfo-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-debuginfo-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-debuginfo-1.3.18-21.module+el8.4.0+642+7e26f5e1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-1.13.0-2.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module+el8.4.0+534+4680a14e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module+el8.4.0+534+4680a14e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.4.0+534+4680a14e', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.4.0+534+4680a14e', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-5.1.19-10.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-5.1.19-10.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-debuginfo-5.1.19-10.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-debuginfo-5.1.19-10.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-debugsource-5.1.19-10.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-debugsource-5.1.19-10.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-debuginfo-1.40.2-27.module+el8.4.0+534+4680a14e', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'hivex / hivex-debuginfo / hivex-debugsource / hivex-devel / libguestfs / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2023-02-11T14:36:23", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:3061 advisory.\n\n - QEMU: msix: OOB access during mmio operations may lead to DoS (CVE-2020-13754)\n\n - QEMU: net: an assert failure via eth_get_gso_type (CVE-2020-27617)\n\n - qemu: out-of-bound heap buffer access via an interrupt ID field (CVE-2021-20221)\n\n - QEMU: net: Infinite loop in loopback mode may lead to stack overflow (CVE-2021-3416)\n\n - hivex: Buffer overflow when provided invalid node key length (CVE-2021-3504)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-11T00:00:00", "type": "nessus", "title": "CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2021:3061)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2020-27617", "CVE-2021-20221", "CVE-2021-3416", "CVE-2021-3504"], "modified": "2023-02-08T00:00:00", "cpe": ["p-cpe:2.3:a:centos:centos:libvirt:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-client:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-lock-sanlock:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-java:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-java-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-javadoc:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-tools:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-tools-c:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:ocaml-libguestfs:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:ocaml-libguestfs-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:perl-sys-guestfs:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:ruby-libguestfs:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:hivex:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:hivex-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:ocaml-hivex:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:ocaml-hivex-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:perl-hivex:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:ruby-hivex:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-config-network:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-config-nwfilter:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-interface:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-network:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-nodedev:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-nwfilter:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-qemu:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-secret:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-storage:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-kvm:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-docs:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:netcf:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:netcf-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:netcf-libs:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-nss:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-admin:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-storage-core:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-storage-disk:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-storage-gluster:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-storage-iscsi:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-storage-logical:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-storage-mpath:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-storage-rbd:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-storage-scsi:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-libs:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-bash-completion:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-winsupport:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-bash-completion:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-gfs2:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-gobject:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-gobject-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-inspect-icons:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-man-pages-ja:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-man-pages-uk:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-rescue:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-rsync:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-xfs:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:lua-guestfs:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:virt-dib:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:virt-v2v:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:nbdkit:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:nbdkit-basic-plugins:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:nbdkit-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:nbdkit-example-plugins:*:*:*:*:*:*:*", "cpe:2.3:o:centos:centos:8:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:slof:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libguestfs-benchmarking:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libiscsi:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libiscsi-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libiscsi-utils:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-dbus:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:nbdkit-bash-completion:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:perl-sys-virt:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:python3-hivex:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:python3-libguestfs:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:python3-libvirt:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:seabios:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:seabios-bin:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:seavgabios-bin:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:sgabios:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:sgabios-bin:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:supermin:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:supermin-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libnbd:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libnbd-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:libvirt-daemon-driver-storage-iscsi-direct:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:nbdfuse:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:nbdkit-basic-filters:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:nbdkit-curl-plugin:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:nbdkit-gzip-plugin:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:nbdkit-linuxdisk-plugin:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:nbdkit-python-plugin:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:nbdkit-server:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:nbdkit-ssh-plugin:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:nbdkit-vddk-plugin:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:nbdkit-xz-filter:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:ocaml-libnbd:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:ocaml-libnbd-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:centos:centos:python3-libnbd:*:*:*:*:*:*:*"], "id": "CENTOS8_RHSA-2021-3061.NASL", "href": "https://www.tenable.com/plugins/nessus/152461", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2021:3061. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152461);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\n \"CVE-2020-13754\",\n \"CVE-2020-27617\",\n \"CVE-2021-3416\",\n \"CVE-2021-3504\",\n \"CVE-2021-20221\"\n );\n script_xref(name:\"RHSA\", value:\"2021:3061\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0063-S\");\n\n script_name(english:\"CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2021:3061)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2021:3061 advisory.\n\n - QEMU: msix: OOB access during mmio operations may lead to DoS (CVE-2020-13754)\n\n - QEMU: net: an assert failure via eth_get_gso_type (CVE-2020-27617)\n\n - qemu: out-of-bound heap buffer access via an interrupt ID field (CVE-2021-20221)\n\n - QEMU: net: Infinite loop in loopback mode may lead to stack overflow (CVE-2021-3416)\n\n - hivex: Buffer overflow when provided invalid node key length (CVE-2021-3504)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:3061\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3504\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13754\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:SLOF\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-benchmarking\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:virt-v2v\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< os_release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/virt-devel');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:rhel');\nif ('rhel' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module virt-devel:' + module_ver);\n\nvar appstreams = {\n 'virt-devel:rhel': [\n {'reference':'hivex-1.3.18-21.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-1.3.18-21.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-21.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-21.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-bash-completion-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-bash-completion-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gfs2-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gfs2-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-inspect-icons-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-inspect-icons-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-javadoc-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-javadoc-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-ja-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-ja-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-uk-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-uk-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rescue-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rescue-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rsync-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rsync-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-c-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-c-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-xfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-xfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.1.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-21.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-21.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-21.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-21.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-21.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-21.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-21.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-21.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-21.module_el8.4.0+885+5e18b468', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-21.module_el8.4.0+885+5e18b468', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-1.13.0-2.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-1.13.0-2.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-0.20170427git-3.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-bin-0.20170427git-3.module_el8.1.0+248+298dec18', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-bin-0.20170427git-3.module_el8.1.0+248+298dec18', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20191022-3.git899d9883.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'SLOF-20191022-3.git899d9883.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-5.1.19-10.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-5.1.19-10.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module_el8.3.0+555+a55c8938', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module_el8.3.0+555+a55c8938', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-1.40.2-27.module_el8.4.0+783+f8734d30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:rhel');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'SLOF / hivex / hivex-devel / libguestfs / libguestfs-bash-completion / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2023-01-24T14:50:54", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3061 advisory.\n\n - QEMU: msix: OOB access during mmio operations may lead to DoS (CVE-2020-13754)\n\n - QEMU: net: an assert failure via eth_get_gso_type (CVE-2020-27617)\n\n - qemu: out-of-bound heap buffer access via an interrupt ID field (CVE-2021-20221)\n\n - QEMU: net: Infinite loop in loopback mode may lead to stack overflow (CVE-2021-3416)\n\n - hivex: Buffer overflow when provided invalid node key length (CVE-2021-3504)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-11T00:00:00", "type": "nessus", "title": "RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2021:3061)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2020-27617", "CVE-2021-20221", "CVE-2021-3416", "CVE-2021-3504"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:SLOF", "p-cpe:/a:redhat:enterprise_linux:hivex", "p-cpe:/a:redhat:enterprise_linux:hivex-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs", "p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libguestfs-benchmarking", "p-cpe:/a:redhat:enterprise_linux:libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject", "p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java", "p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel", "p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja", "p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue", "p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools", "p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c", "p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport", "p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs", "p-cpe:/a:redhat:enterprise_linux:libiscsi", "p-cpe:/a:redhat:enterprise_linux:libiscsi-devel", "p-cpe:/a:redhat:enterprise_linux:libiscsi-utils", "p-cpe:/a:redhat:enterprise_linux:libnbd", "p-cpe:/a:redhat:enterprise_linux:libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt", "p-cpe:/a:redhat:enterprise_linux:libvirt-admin", "p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion", "p-cpe:/a:redhat:enterprise_linux:libvirt-client", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm", "p-cpe:/a:redhat:enterprise_linux:libvirt-dbus", "p-cpe:/a:redhat:enterprise_linux:libvirt-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt-docs", "p-cpe:/a:redhat:enterprise_linux:libvirt-libs", "p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock", "p-cpe:/a:redhat:enterprise_linux:libvirt-nss", "p-cpe:/a:redhat:enterprise_linux:lua-guestfs", "p-cpe:/a:redhat:enterprise_linux:nbdfuse", "p-cpe:/a:redhat:enterprise_linux:nbdkit", "p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters", "p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-devel", "p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins", "p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-server", "p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin", "p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter", "p-cpe:/a:redhat:enterprise_linux:netcf", "p-cpe:/a:redhat:enterprise_linux:netcf-devel", "p-cpe:/a:redhat:enterprise_linux:netcf-libs", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex", "p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs", "p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd", "p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel", "p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs", "p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt", "p-cpe:/a:redhat:enterprise_linux:perl-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-hivex", "p-cpe:/a:redhat:enterprise_linux:python3-libguestfs", "p-cpe:/a:redhat:enterprise_linux:python3-libnbd", "p-cpe:/a:redhat:enterprise_linux:python3-libvirt", "p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent", "p-cpe:/a:redhat:enterprise_linux:qemu-img", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests", "p-cpe:/a:redhat:enterprise_linux:ruby-hivex", "p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs", "p-cpe:/a:redhat:enterprise_linux:seabios", "p-cpe:/a:redhat:enterprise_linux:seabios-bin", "p-cpe:/a:redhat:enterprise_linux:seavgabios-bin", "p-cpe:/a:redhat:enterprise_linux:sgabios", "p-cpe:/a:redhat:enterprise_linux:sgabios-bin", "p-cpe:/a:redhat:enterprise_linux:supermin", "p-cpe:/a:redhat:enterprise_linux:supermin-devel", "p-cpe:/a:redhat:enterprise_linux:virt-dib", "p-cpe:/a:redhat:enterprise_linux:virt-v2v"], "id": "REDHAT-RHSA-2021-3061.NASL", "href": "https://www.tenable.com/plugins/nessus/152445", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:3061. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152445);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2020-13754\",\n \"CVE-2020-27617\",\n \"CVE-2021-3416\",\n \"CVE-2021-3504\",\n \"CVE-2021-20221\"\n );\n script_xref(name:\"RHSA\", value:\"2021:3061\");\n script_xref(name:\"IAVB\", value:\"2020-B-0063-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n\n script_name(english:\"RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2021:3061)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:3061 advisory.\n\n - QEMU: msix: OOB access during mmio operations may lead to DoS (CVE-2020-13754)\n\n - QEMU: net: an assert failure via eth_get_gso_type (CVE-2020-27617)\n\n - qemu: out-of-bound heap buffer access via an interrupt ID field (CVE-2021-20221)\n\n - QEMU: net: Infinite loop in loopback mode may lead to stack overflow (CVE-2021-3416)\n\n - hivex: Buffer overflow when provided invalid node key length (CVE-2021-3504)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27617\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3416\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3504\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:3061\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1842363\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1891668\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1924601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1932827\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1949687\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3504\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13754\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(125, 617, 787, 835);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:SLOF\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-benchmarking\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:virt-v2v\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'virt-devel:rhel': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'hivex-1.3.18-21.module+el8.4.0+10770+19c037f9', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-21.module+el8.4.0+10770+19c037f9', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-21.module+el8.4.0+10770+19c037f9', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-21.module+el8.4.0+10770+19c037f9', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-21.module+el8.4.0+10770+19c037f9', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-21.module+el8.4.0+10770+19c037f9', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-21.module+el8.4.0+10770+19c037f9', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'hivex-1.3.18-21.module+el8.4.0+10770+19c037f9', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-21.module+el8.4.0+10770+19c037f9', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-21.module+el8.4.0+10770+19c037f9', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-21.module+el8.4.0+10770+19c037f9', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-21.module+el8.4.0+10770+19c037f9', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-21.module+el8.4.0+10770+19c037f9', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-21.module+el8.4.0+10770+19c037f9', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'hivex-1.3.18-21.module+el8.4.0+10770+19c037f9', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-21.module+el8.4.0+10770+19c037f9', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module+el8.3.0+6423+e4cb6418', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.1.0+4066+0f1aadab', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.3.0+6423+e4cb6418', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.1.0+4066+0f1aadab', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-21.module+el8.4.0+10770+19c037f9', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-21.module+el8.4.0+10770+19c037f9', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-21.module+el8.4.0+10770+19c037f9', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.3.0+6423+e4cb6418', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-21.module+el8.4.0+10770+19c037f9', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.3.0+7353+9de0a3cc', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.3.0+6423+e4cb6418', 'cpu':'i686', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-kvm-tests-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-21.module+el8.4.0+10770+19c037f9', 'cpu':'i686', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.1.0+4066+0f1aadab', 'cpu':'i686', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ],\n 'virt:rhel': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdkit-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qemu-guest-agent-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.1.0+4066+0f1aadab', 'sp':'4', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20191022-3.git899d9883.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'supermin-5.1.19-10.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module+el8.3.0+6423+e4cb6418', 'sp':'4', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdkit-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.module+el8.3.0+6922+fd575af8', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qemu-guest-agent-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.1.0+4066+0f1aadab', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20191022-3.git899d9883.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'supermin-5.1.19-10.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module+el8.3.0+6423+e4cb6418', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.40.2-27.module+el8.4.0+9282+0bdec052', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module+el8.4.0+9282+0bdec052', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.module+el8.4.0+9282+0bdec052', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.1.module+el8.4.0+11273+64eb94ef', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdkit-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.module+el8.3.0+6922+fd575af8', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.module+el8.3.0+6922+fd575af8', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qemu-guest-agent-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-4.2.0-48.module+el8.4.0+11909+3300d70f.3', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module+el8.3.0+7353+9de0a3cc', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.1.0+4066+0f1aadab', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20191022-3.git899d9883.module+el8.3.0+6423+e4cb6418', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'supermin-5.1.19-10.module+el8.3.0+6423+e4cb6418', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module+el8.3.0+6423+e4cb6418', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-27.module+el8.4.0+9282+0bdec052', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.40.2-27.module+el8.4.0+9282+0bdec052', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:rhel / virt:rhel');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'SLOF / hivex / hivex-devel / libguestfs / libguestfs-bash-completion / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2023-01-11T15:16:58", "description": "Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-07-20T00:00:00", "type": "nessus", "title": "Debian DSA-4728-1 : qemu - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10756", "CVE-2020-13361", "CVE-2020-13362", "CVE-2020-13659", "CVE-2020-13754"], "modified": "2020-11-09T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:qemu", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4728.NASL", "href": "https://www.tenable.com/plugins/nessus/138648", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4728. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138648);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/09\");\n\n script_cve_id(\"CVE-2020-10756\", \"CVE-2020-13361\", \"CVE-2020-13362\", \"CVE-2020-13659\", \"CVE-2020-13754\");\n script_xref(name:\"DSA\", value:\"4728\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n\n script_name(english:\"Debian DSA-4728-1 : qemu - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple security issues were discovered in QEMU, a fast processor\nemulator, which could result in denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964247\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961887\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961887\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961888\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/qemu\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/qemu\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4728\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the qemu packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 1:3.1+dfsg-8+deb10u6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13754\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"qemu\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-block-extra\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-guest-agent\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-kvm\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-arm\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-common\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-data\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-gui\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-mips\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-misc\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-ppc\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-sparc\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-system-x86\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-user\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-user-binfmt\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-user-static\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"qemu-utils\", reference:\"1:3.1+dfsg-8+deb10u6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:54:22", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3061 advisory.\n\n - eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. (CVE-2020-27617)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. (CVE-2020-13754)\n\n - An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario. (CVE-2021-20221)\n\n - A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or cause the program to crash. The highest threat from this vulnerability is to system availability. (CVE-2021-3504)\n\n - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario. (CVE-2021-3416)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-13T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2021-3061)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2020-27617", "CVE-2021-20221", "CVE-2021-3416", "CVE-2021-3504"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:hivex", "p-cpe:/a:oracle:linux:hivex-devel", "p-cpe:/a:oracle:linux:libguestfs", "p-cpe:/a:oracle:linux:libguestfs-bash-completion", "p-cpe:/a:oracle:linux:libguestfs-benchmarking", "p-cpe:/a:oracle:linux:libguestfs-devel", "p-cpe:/a:oracle:linux:libguestfs-gfs2", "p-cpe:/a:oracle:linux:libguestfs-gobject", "p-cpe:/a:oracle:linux:libguestfs-gobject-devel", "p-cpe:/a:oracle:linux:libguestfs-inspect-icons", "p-cpe:/a:oracle:linux:libguestfs-java", "p-cpe:/a:oracle:linux:libguestfs-java-devel", "p-cpe:/a:oracle:linux:libguestfs-javadoc", "p-cpe:/a:oracle:linux:libguestfs-man-pages-ja", "p-cpe:/a:oracle:linux:libguestfs-man-pages-uk", "p-cpe:/a:oracle:linux:libguestfs-rescue", "p-cpe:/a:oracle:linux:libguestfs-rsync", "p-cpe:/a:oracle:linux:libguestfs-tools", "p-cpe:/a:oracle:linux:libguestfs-tools-c", "p-cpe:/a:oracle:linux:libguestfs-winsupport", "p-cpe:/a:oracle:linux:libguestfs-xfs", "p-cpe:/a:oracle:linux:libiscsi", "p-cpe:/a:oracle:linux:libiscsi-devel", "p-cpe:/a:oracle:linux:libiscsi-utils", "p-cpe:/a:oracle:linux:libnbd", "p-cpe:/a:oracle:linux:libnbd-devel", "p-cpe:/a:oracle:linux:libvirt", "p-cpe:/a:oracle:linux:libvirt-admin", "p-cpe:/a:oracle:linux:libvirt-bash-completion", "p-cpe:/a:oracle:linux:libvirt-client", "p-cpe:/a:oracle:linux:libvirt-daemon", "p-cpe:/a:oracle:linux:libvirt-daemon-config-network", "p-cpe:/a:oracle:linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-interface", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-network", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-qemu", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-secret", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:oracle:linux:libvirt-daemon-kvm", "p-cpe:/a:oracle:linux:libvirt-dbus", "p-cpe:/a:oracle:linux:libvirt-devel", "p-cpe:/a:oracle:linux:libvirt-docs", "p-cpe:/a:oracle:linux:libvirt-libs", "p-cpe:/a:oracle:linux:libvirt-lock-sanlock", "p-cpe:/a:oracle:linux:libvirt-nss", "p-cpe:/a:oracle:linux:lua-guestfs", "p-cpe:/a:oracle:linux:nbdfuse", "p-cpe:/a:oracle:linux:nbdkit", "p-cpe:/a:oracle:linux:nbdkit-bash-completion", "p-cpe:/a:oracle:linux:nbdkit-basic-filters", "p-cpe:/a:oracle:linux:nbdkit-basic-plugins", "p-cpe:/a:oracle:linux:nbdkit-curl-plugin", "p-cpe:/a:oracle:linux:nbdkit-devel", "p-cpe:/a:oracle:linux:nbdkit-example-plugins", "p-cpe:/a:oracle:linux:nbdkit-gzip-plugin", "p-cpe:/a:oracle:linux:nbdkit-linuxdisk-plugin", "p-cpe:/a:oracle:linux:nbdkit-python-plugin", "p-cpe:/a:oracle:linux:nbdkit-server", "p-cpe:/a:oracle:linux:nbdkit-ssh-plugin", "p-cpe:/a:oracle:linux:nbdkit-vddk-plugin", "p-cpe:/a:oracle:linux:nbdkit-xz-filter", "p-cpe:/a:oracle:linux:netcf", "p-cpe:/a:oracle:linux:netcf-devel", "p-cpe:/a:oracle:linux:netcf-libs", "p-cpe:/a:oracle:linux:ocaml-hivex", "p-cpe:/a:oracle:linux:ocaml-hivex-devel", "p-cpe:/a:oracle:linux:ocaml-libguestfs", "p-cpe:/a:oracle:linux:ocaml-libguestfs-devel", "p-cpe:/a:oracle:linux:ocaml-libnbd", "p-cpe:/a:oracle:linux:ocaml-libnbd-devel", "p-cpe:/a:oracle:linux:perl-Sys-Guestfs", "p-cpe:/a:oracle:linux:perl-Sys-Virt", "p-cpe:/a:oracle:linux:perl-hivex", "p-cpe:/a:oracle:linux:python3-hivex", "p-cpe:/a:oracle:linux:python3-libguestfs", "p-cpe:/a:oracle:linux:python3-libnbd", "p-cpe:/a:oracle:linux:python3-libvirt", "p-cpe:/a:oracle:linux:qemu-guest-agent", "p-cpe:/a:oracle:linux:qemu-img", "p-cpe:/a:oracle:linux:qemu-kvm", "p-cpe:/a:oracle:linux:qemu-kvm-block-curl", "p-cpe:/a:oracle:linux:qemu-kvm-block-gluster", "p-cpe:/a:oracle:linux:qemu-kvm-block-iscsi", "p-cpe:/a:oracle:linux:qemu-kvm-block-rbd", "p-cpe:/a:oracle:linux:qemu-kvm-block-ssh", "p-cpe:/a:oracle:linux:qemu-kvm-common", "p-cpe:/a:oracle:linux:qemu-kvm-core", "p-cpe:/a:oracle:linux:qemu-kvm-tests", "p-cpe:/a:oracle:linux:ruby-hivex", "p-cpe:/a:oracle:linux:ruby-libguestfs", "p-cpe:/a:oracle:linux:seabios", "p-cpe:/a:oracle:linux:seabios-bin", "p-cpe:/a:oracle:linux:seavgabios-bin", "p-cpe:/a:oracle:linux:sgabios", "p-cpe:/a:oracle:linux:sgabios-bin", "p-cpe:/a:oracle:linux:supermin", "p-cpe:/a:oracle:linux:supermin-devel", "p-cpe:/a:oracle:linux:virt-dib", "p-cpe:/a:oracle:linux:virt-v2v"], "id": "ORACLELINUX_ELSA-2021-3061.NASL", "href": "https://www.tenable.com/plugins/nessus/152538", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-3061.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152538);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2020-13754\",\n \"CVE-2020-27617\",\n \"CVE-2021-3416\",\n \"CVE-2021-3504\",\n \"CVE-2021-20221\"\n );\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0063-S\");\n\n script_name(english:\"Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2021-3061)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2021-3061 advisory.\n\n - eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest\n can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. (CVE-2020-27617)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address\n in an msi-x mmio operation. (CVE-2020-13754)\n\n - An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of\n QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an\n interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said\n issue while updating controller state fields and their subsequent processing. A privileged guest user may\n use this flaw to crash the QEMU process on the host resulting in DoS scenario. (CVE-2021-20221)\n\n - A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds\n check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive)\n file which would cause hivex to read memory beyond its normal bounds or cause the program to crash. The\n highest threat from this vulnerability is to system availability. (CVE-2021-3504)\n\n - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions\n up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get\n bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the\n host resulting in DoS scenario. (CVE-2021-3416)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-3061.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3504\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13754\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-benchmarking\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdfuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-basic-filters\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-curl-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-gzip-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-linuxdisk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-python-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-ssh-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-vddk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nbdkit-xz-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocaml-libnbd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-libnbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-block-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:virt-v2v\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/virt');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt:ol');\nif ('ol' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module virt:' + module_ver);\n\nvar appstreams = {\n 'virt:ol': [\n {'reference':'hivex-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-bash-completion-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-benchmarking-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gfs2-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-gobject-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-inspect-icons-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-java-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-javadoc-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-ja-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-man-pages-uk-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rescue-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-rsync-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-tools-c-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-winsupport-8.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-xfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libguestfs-xfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libiscsi-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnbd-devel-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.3.0-2.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-6.0.0-35.1.0.1.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'lua-guestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'nbdfuse-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdfuse-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-filters-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-curl-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-gzip-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-linuxdisk-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-python-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-server-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-ssh-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-vddk-plugin-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-xz-filter-1.16.2-4.0.1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libguestfs-devel-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libnbd-devel-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'perl-Sys-Guestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-6.0.0-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libnbd-1.2.2-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-6.0.0-1.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qemu-guest-agent-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-guest-agent-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-img-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-curl-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-gluster-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-iscsi-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-rbd-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-block-ssh-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-common-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-core-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-tests-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'qemu-kvm-tests-4.2.0-48.module+el8.4.0+20285+126f2e4b.3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'15'},\n {'reference':'ruby-hivex-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.18-21.module+el8.4.0+20285+126f2e4b', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'ruby-libguestfs-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'seabios-1.13.0-2.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.13.0-2.module+el8.3.0+7860+a7792d29', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.13.0-2.module+el8.3.0+7860+a7792d29', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module+el8.3.0+7860+a7792d29', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-0.20170427git-3.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-bin-0.20170427git-3.module+el8.3.0+7860+a7792d29', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'supermin-5.1.19-10.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-5.1.19-10.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module+el8.3.0+7860+a7792d29', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-10.module+el8.3.0+7860+a7792d29', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-dib-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'virt-v2v-1.40.2-27.0.1.module+el8.4.0+20093+03a97712', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt:ol');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'hivex / hivex-devel / libguestfs / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2023-01-11T14:47:01", "description": "According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated. (CVE-2020-29443)\n\n - An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0.\n This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.\n (CVE-2020-14364)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.(CVE-2020-13754)\n\n - In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.(CVE-2020-15469)\n\n - A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhci_sdma_transfer_multi_blocks() routine in hw/sd/sdhci.c. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, or potentially execute arbitrary code with privileges of the QEMU process on the host.(CVE-2020-17380)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.(CVE-2020-25085)\n\n - The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of service or potential code execution. QEMU up to (including) 5.2.0 is affected by this.(CVE-2021-3409)\n\n - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.(CVE-2021-3416)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-15T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.0 : qemu (EulerOS-SA-2021-1763)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2020-14364", "CVE-2020-15469", "CVE-2020-17380", "CVE-2020-25085", "CVE-2020-29443", "CVE-2021-3409", "CVE-2021-3416"], "modified": "2022-05-10T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:qemu", "p-cpe:/a:huawei:euleros:qemu-img", "cpe:/o:huawei:euleros:uvp:2.9.0"], "id": "EULEROS_SA-2021-1763.NASL", "href": "https://www.tenable.com/plugins/nessus/148632", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148632);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2020-13754\",\n \"CVE-2020-14364\",\n \"CVE-2020-15469\",\n \"CVE-2020-17380\",\n \"CVE-2020-25085\",\n \"CVE-2020-29443\",\n \"CVE-2021-3409\",\n \"CVE-2021-3416\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.9.0 : qemu (EulerOS-SA-2021-1763)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the qemu packages installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0\n allows out-of-bounds read access because a buffer index\n is not validated. (CVE-2020-29443)\n\n - An out-of-bounds read/write access flaw was found in\n the USB emulator of the QEMU in versions before 5.2.0.\n This issue occurs while processing USB packets from a\n guest when USBDevice 'setup_len' exceeds its\n 'data_buf[4096]' in the do_token_in, do_token_out\n routines. This flaw allows a guest user to crash the\n QEMU process, resulting in a denial of service, or the\n potential execution of arbitrary code with the\n privileges of the QEMU process on the host.\n (CVE-2020-14364)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to\n trigger an out-of-bounds access via a crafted address\n in an msi-x mmio operation.(CVE-2020-13754)\n\n - In QEMU 4.2.0, a MemoryRegionOps object may lack\n read/write callback methods, leading to a NULL pointer\n dereference.(CVE-2020-15469)\n\n - A heap-based buffer overflow was found in QEMU through\n 5.0.0 in the SDHCI device emulation support. It could\n occur while doing a multi block SDMA transfer via the\n sdhci_sdma_transfer_multi_blocks() routine in\n hw/sd/sdhci.c. A guest user or process could use this\n flaw to crash the QEMU process on the host, resulting\n in a denial of service condition, or potentially\n execute arbitrary code with privileges of the QEMU\n process on the host.(CVE-2020-17380)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in\n flatview_read_continue in exec.c because hw/sd/sdhci.c\n mishandles a write operation in the SDHC_BLKSIZE\n case.(CVE-2020-25085)\n\n - The patch for CVE-2020-17380/CVE-2020-25085 was found\n to be ineffective, thus making QEMU vulnerable to the\n out-of-bounds read/write access issues previously found\n in the SDHCI controller emulation code. This flaw\n allows a malicious privileged guest to crash the QEMU\n process on the host, resulting in a denial of service\n or potential code execution. QEMU up to (including)\n 5.2.0 is affected by this.(CVE-2021-3409)\n\n - A potential stack overflow via infinite loop issue was\n found in various NIC emulators of QEMU in versions up\n to and including 5.2.0. The issue occurs in loopback\n mode of a NIC wherein reentrant DMA checks get\n bypassed. A guest user/process may use this flaw to\n consume CPU cycles or crash the QEMU process on the\n host resulting in DoS scenario.(CVE-2021-3416)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1763\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5a38842d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected qemu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3409\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13754\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"qemu-4.1.0-2.9.1.2.263\",\n \"qemu-img-4.1.0-2.9.1.2.263\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:48", "description": "According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated. (CVE-2020-29443)\n\n - An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0.\n This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.\n (CVE-2020-14364)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.(CVE-2020-13754)\n\n - In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.(CVE-2020-15469)\n\n - A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhci_sdma_transfer_multi_blocks() routine in hw/sd/sdhci.c. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, or potentially execute arbitrary code with privileges of the QEMU process on the host.(CVE-2020-17380)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.(CVE-2020-25085)\n\n - The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of service or potential code execution. QEMU up to (including) 5.2.0 is affected by this.(CVE-2021-3409)\n\n - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.(CVE-2021-3416)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-15T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.1 : qemu (EulerOS-SA-2021-1735)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2020-14364", "CVE-2020-15469", "CVE-2020-17380", "CVE-2020-25085", "CVE-2020-29443", "CVE-2021-3409", "CVE-2021-3416"], "modified": "2022-05-10T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:qemu", "p-cpe:/a:huawei:euleros:qemu-debuginfo", "p-cpe:/a:huawei:euleros:qemu-debugsource", "p-cpe:/a:huawei:euleros:qemu-guest-agent", "p-cpe:/a:huawei:euleros:qemu-img", "cpe:/o:huawei:euleros:uvp:2.9.1"], "id": "EULEROS_SA-2021-1735.NASL", "href": "https://www.tenable.com/plugins/nessus/148583", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148583);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2020-13754\",\n \"CVE-2020-14364\",\n \"CVE-2020-15469\",\n \"CVE-2020-17380\",\n \"CVE-2020-25085\",\n \"CVE-2020-29443\",\n \"CVE-2021-3409\",\n \"CVE-2021-3416\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.9.1 : qemu (EulerOS-SA-2021-1735)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the qemu packages installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0\n allows out-of-bounds read access because a buffer index\n is not validated. (CVE-2020-29443)\n\n - An out-of-bounds read/write access flaw was found in\n the USB emulator of the QEMU in versions before 5.2.0.\n This issue occurs while processing USB packets from a\n guest when USBDevice 'setup_len' exceeds its\n 'data_buf[4096]' in the do_token_in, do_token_out\n routines. This flaw allows a guest user to crash the\n QEMU process, resulting in a denial of service, or the\n potential execution of arbitrary code with the\n privileges of the QEMU process on the host.\n (CVE-2020-14364)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to\n trigger an out-of-bounds access via a crafted address\n in an msi-x mmio operation.(CVE-2020-13754)\n\n - In QEMU 4.2.0, a MemoryRegionOps object may lack\n read/write callback methods, leading to a NULL pointer\n dereference.(CVE-2020-15469)\n\n - A heap-based buffer overflow was found in QEMU through\n 5.0.0 in the SDHCI device emulation support. It could\n occur while doing a multi block SDMA transfer via the\n sdhci_sdma_transfer_multi_blocks() routine in\n hw/sd/sdhci.c. A guest user or process could use this\n flaw to crash the QEMU process on the host, resulting\n in a denial of service condition, or potentially\n execute arbitrary code with privileges of the QEMU\n process on the host.(CVE-2020-17380)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in\n flatview_read_continue in exec.c because hw/sd/sdhci.c\n mishandles a write operation in the SDHC_BLKSIZE\n case.(CVE-2020-25085)\n\n - The patch for CVE-2020-17380/CVE-2020-25085 was found\n to be ineffective, thus making QEMU vulnerable to the\n out-of-bounds read/write access issues previously found\n in the SDHCI controller emulation code. This flaw\n allows a malicious privileged guest to crash the QEMU\n process on the host, resulting in a denial of service\n or potential code execution. QEMU up to (including)\n 5.2.0 is affected by this.(CVE-2021-3409)\n\n - A potential stack overflow via infinite loop issue was\n found in various NIC emulators of QEMU in versions up\n to and including 5.2.0. The issue occurs in loopback\n mode of a NIC wherein reentrant DMA checks get\n bypassed. A guest user/process may use this flaw to\n consume CPU cycles or crash the QEMU process on the\n host resulting in DoS scenario.(CVE-2021-3416)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1735\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e5b30da6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected qemu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3409\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13754\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"qemu-4.1.0-2.9.1.2.263\",\n \"qemu-debuginfo-4.1.0-2.9.1.1.263\",\n \"qemu-debugsource-4.1.0-2.9.1.2.263\",\n \"qemu-guest-agent-4.1.0-2.9.1.2.263\",\n \"qemu-img-4.1.0-2.9.1.2.263\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:39", "description": "According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An out-of-bounds access flaw was found in the Message Signalled Interrupt (MSI-X) device support of QEMU.\n This issue occurs while performing MSI-X mmio operations when a guest sent address goes beyond the mmio region. A guest user or process may use this flaw to crash the QEMU process resulting in a denial of service.(CVE-2020-13754)\n\n - hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.(CVE-2020-25743)\n\n - pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer.(CVE-2020-25742)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.(CVE-2020-25085)\n\n - The patch for CVE-2020-17380 and CVE-2020-25085, both involving a heap buffer overflow in the SDHCI controller emulation code of QEMU, was found to be incomplete. A malicious privileged guest could reproduce the same issues with specially crafted input, inducing a bogus transfer and subsequent out-of-bounds read/write access in sdhci_do_adma() or sdhci_sdma_transfer_multi_blocks(). CVE-2021-3409 was assigned to facilitate the tracking and backporting of the new patch.(CVE-2021-3409)\n\n - A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsas_free_request() that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service.(CVE-2021-3392)\n\n - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.(CVE-2021-3416)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-01T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.6 : qemu-kvm (EulerOS-SA-2021-2046)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20382", "CVE-2020-13754", "CVE-2020-17380", "CVE-2020-25085", "CVE-2020-25742", "CVE-2020-25743", "CVE-2021-3392", "CVE-2021-3409", "CVE-2021-3416"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:qemu-gpu-specs", "p-cpe:/a:huawei:euleros:qemu-guest-agent", "p-cpe:/a:huawei:euleros:qemu-img", "p-cpe:/a:huawei:euleros:qemu-kvm", "p-cpe:/a:huawei:euleros:qemu-kvm-common", "p-cpe:/a:huawei:euleros:qemu-kvm-tools", "p-cpe:/a:huawei:euleros:qemu-seabios", "cpe:/o:huawei:euleros:uvp:3.0.6.6"], "id": "EULEROS_SA-2021-2046.NASL", "href": "https://www.tenable.com/plugins/nessus/151231", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151231);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2019-20382\",\n \"CVE-2020-13754\",\n \"CVE-2020-25085\",\n \"CVE-2020-25742\",\n \"CVE-2020-25743\",\n \"CVE-2021-3392\",\n \"CVE-2021-3409\",\n \"CVE-2021-3416\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.6.6 : qemu-kvm (EulerOS-SA-2021-2046)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the qemu-kvm packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An out-of-bounds access flaw was found in the Message\n Signalled Interrupt (MSI-X) device support of QEMU.\n This issue occurs while performing MSI-X mmio\n operations when a guest sent address goes beyond the\n mmio region. A guest user or process may use this flaw\n to crash the QEMU process resulting in a denial of\n service.(CVE-2020-13754)\n\n - hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL\n pointer dereference because it lacks a pointer check\n before an ide_cancel_dma_sync call.(CVE-2020-25743)\n\n - pci_change_irq_level in hw/pci/pci.c in QEMU before\n 5.1.1 has a NULL pointer dereference because\n pci_get_bus() might not return a valid\n pointer.(CVE-2020-25742)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in\n flatview_read_continue in exec.c because hw/sd/sdhci.c\n mishandles a write operation in the SDHC_BLKSIZE\n case.(CVE-2020-25085)\n\n - The patch for CVE-2020-17380 and CVE-2020-25085, both\n involving a heap buffer overflow in the SDHCI\n controller emulation code of QEMU, was found to be\n incomplete. A malicious privileged guest could\n reproduce the same issues with specially crafted input,\n inducing a bogus transfer and subsequent out-of-bounds\n read/write access in sdhci_do_adma() or\n sdhci_sdma_transfer_multi_blocks(). CVE-2021-3409 was\n assigned to facilitate the tracking and backporting of\n the new patch.(CVE-2021-3409)\n\n - A use-after-free flaw was found in the MegaRAID\n emulator of QEMU. This issue occurs while processing\n SCSI I/O requests in the case of an error\n mptsas_free_request() that does not dequeue the request\n object 'req' from a pending requests queue. This flaw\n allows a privileged guest user to crash the QEMU\n process on the host, resulting in a denial of\n service.(CVE-2021-3392)\n\n - A potential stack overflow via infinite loop issue was\n found in various NIC emulators of QEMU. The issue\n occurs in loopback mode of a NIC wherein reentrant DMA\n checks get bypassed. A guest user/process may use this\n flaw to consume CPU cycles or crash the QEMU process on\n the host resulting in DoS scenario.(CVE-2021-3416)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2046\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6cacf841\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected qemu-kvm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3409\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13754\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-gpu-specs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"qemu-gpu-specs-2.8.1-30.211\",\n \"qemu-guest-agent-2.8.1-30.211\",\n \"qemu-img-2.8.1-30.211\",\n \"qemu-kvm-2.8.1-30.211\",\n \"qemu-kvm-common-2.8.1-30.211\",\n \"qemu-kvm-tools-2.8.1-30.211\",\n \"qemu-seabios-2.8.1-30.211\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-kvm\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:53:29", "description": "The remote host is affected by the vulnerability described in GLSA-202011-09 (QEMU: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Please review the referenced CVE identifiers for details.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-12T00:00:00", "type": "nessus", "title": "GLSA-202011-09 : QEMU: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10717", "CVE-2020-10761", "CVE-2020-13253", "CVE-2020-13361", "CVE-2020-13362", "CVE-2020-13659", "CVE-2020-13754", "CVE-2020-13791", "CVE-2020-13800", "CVE-2020-14364"], "modified": "2020-11-17T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:qemu", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202011-09.NASL", "href": "https://www.tenable.com/plugins/nessus/142843", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202011-09.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(142843);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/17\");\n\n script_cve_id(\"CVE-2020-10717\", \"CVE-2020-10761\", \"CVE-2020-13253\", \"CVE-2020-13361\", \"CVE-2020-13362\", \"CVE-2020-13659\", \"CVE-2020-13754\", \"CVE-2020-13791\", \"CVE-2020-13800\", \"CVE-2020-14364\");\n script_xref(name:\"GLSA\", value:\"202011-09\");\n\n script_name(english:\"GLSA-202011-09 : QEMU: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202011-09\n(QEMU: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in QEMU. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202011-09\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All QEMU users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/qemu-5.1.0-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13754\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-emulation/qemu\", unaffected:make_list(\"ge 5.1.0-r1\"), vulnerable:make_list(\"lt 5.1.0-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"QEMU\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:50:59", "description": "According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.(CVE-2021-34161)\n\n - hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.(CVE-2020-13791)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.(CVE-2020-13754)\n\n - A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhci_sdma_transfer_multi_blocks() routine in hw/sd/sdhci.c. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, or potentially execute arbitrary code with privileges of the QEMU process on the host. (CVE-2020-17380)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.\n (CVE-2020-25085)\n\n - The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of service or potential code execution. QEMU up to (including) 5.2.0 is affected by this. (CVE-2021-3409)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-30T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.6.0 : qemu-kvm (EulerOS-SA-2021-2011)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2020-13791", "CVE-2020-17380", "CVE-2020-25085", "CVE-2020-25625", "CVE-2020-27617", "CVE-2020-28916", "CVE-2021-3409", "CVE-2021-3416", "CVE-2021-34161"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:qemu-img", "p-cpe:/a:huawei:euleros:qemu-kvm", "p-cpe:/a:huawei:euleros:qemu-kvm-common", "p-cpe:/a:huawei:euleros:qemu-kvm-tools", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2021-2011.NASL", "href": "https://www.tenable.com/plugins/nessus/151162", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151162);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2020-13754\",\n \"CVE-2020-13791\",\n \"CVE-2020-17380\",\n \"CVE-2020-25085\",\n \"CVE-2020-25625\",\n \"CVE-2020-27617\",\n \"CVE-2020-28916\",\n \"CVE-2021-3409\",\n \"CVE-2021-3416\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.6.0 : qemu-kvm (EulerOS-SA-2021-2011)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the qemu-kvm packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - A potential stack overflow via infinite loop issue was\n found in various NIC emulators of QEMU in versions up\n to and including 5.2.0. The issue occurs in loopback\n mode of a NIC wherein reentrant DMA checks get\n bypassed. A guest user/process may use this flaw to\n consume CPU cycles or crash the QEMU process on the\n host resulting in DoS scenario.(CVE-2021-34161)\n\n - hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to\n trigger an out-of-bounds access by providing an address\n near the end of the PCI configuration\n space.(CVE-2020-13791)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to\n trigger an out-of-bounds access via a crafted address\n in an msi-x mmio operation.(CVE-2020-13754)\n\n - A heap-based buffer overflow was found in QEMU through\n 5.0.0 in the SDHCI device emulation support. It could\n occur while doing a multi block SDMA transfer via the\n sdhci_sdma_transfer_multi_blocks() routine in\n hw/sd/sdhci.c. A guest user or process could use this\n flaw to crash the QEMU process on the host, resulting\n in a denial of service condition, or potentially\n execute arbitrary code with privileges of the QEMU\n process on the host. (CVE-2020-17380)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in\n flatview_read_continue in exec.c because hw/sd/sdhci.c\n mishandles a write operation in the SDHC_BLKSIZE case.\n (CVE-2020-25085)\n\n - The patch for CVE-2020-17380/CVE-2020-25085 was found\n to be ineffective, thus making QEMU vulnerable to the\n out-of-bounds read/write access issues previously found\n in the SDHCI controller emulation code. This flaw\n allows a malicious privileged guest to crash the QEMU\n process on the host, resulting in a denial of service\n or potential code execution. QEMU up to (including)\n 5.2.0 is affected by this. (CVE-2021-3409)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2011\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7959c880\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected qemu-kvm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3409\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13754\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"qemu-img-2.8.1-30.482\",\n \"qemu-kvm-2.8.1-30.482\",\n \"qemu-kvm-common-2.8.1-30.482\",\n \"qemu-kvm-tools-2.8.1-30.482\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-kvm\");\n}\n", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:51:13", "description": "This update for qemu fixes the following issues :\n\nFix OOB access during mmio operations (CVE-2020-13754, bsc#1172382)\n\nFix sPAPR emulator leaks the host hardware identity (CVE-2019-8934, bsc#1126455)\n\nFix out-of-bounds read information disclosure in icmp6_send_echoreply (CVE-2020-10756, bsc#1172380)\n\nFix out-of-bound heap buffer access via an interrupt ID field (CVE-2021-20221, bsc#1181933)\n\nFor the record, these issues are fixed in this package already. Most are alternate references to previously mentioned issues:\n(CVE-2019-15890, bsc#1149813, CVE-2020-8608, bsc#1163019, CVE-2020-14364, bsc#1175534, CVE-2020-25723, bsc#1178935, CVE-2020-29130, bsc#1179477, CVE-2021-20257, bsc#1182846, CVE-2021-3419, bsc#1182975, bsc#1031692, bsc#1094725)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-03T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1829-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15890", "CVE-2019-8934", "CVE-2020-10756", "CVE-2020-13754", "CVE-2020-14364", "CVE-2020-25723", "CVE-2020-29130", "CVE-2020-8608", "CVE-2021-20221", "CVE-2021-20257", "CVE-2021-3419"], "modified": "2022-05-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:qemu", "p-cpe:/a:novell:suse_linux:qemu-block-curl", "p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-block-rbd", "p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-block-ssh", "p-cpe:/a:novell:suse_linux:qemu-block-ssh-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-debugsource", "p-cpe:/a:novell:suse_linux:qemu-guest-agent", "p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-kvm", "p-cpe:/a:novell:suse_linux:qemu-lang", "p-cpe:/a:novell:suse_linux:qemu-tools", "p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-x86", "p-cpe:/a:novell:suse_linux:qemu-x86-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-1829-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150203", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2021:1829-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150203);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2019-8934\",\n \"CVE-2019-15890\",\n \"CVE-2020-8608\",\n \"CVE-2020-10756\",\n \"CVE-2020-13754\",\n \"CVE-2020-14364\",\n \"CVE-2020-25723\",\n \"CVE-2020-29130\",\n \"CVE-2021-3419\",\n \"CVE-2021-20221\",\n \"CVE-2021-20257\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1829-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for qemu fixes the following issues :\n\nFix OOB access during mmio operations (CVE-2020-13754, bsc#1172382)\n\nFix sPAPR emulator leaks the host hardware identity (CVE-2019-8934,\nbsc#1126455)\n\nFix out-of-bounds read information disclosure in icmp6_send_echoreply\n(CVE-2020-10756, bsc#1172380)\n\nFix out-of-bound heap buffer access via an interrupt ID field\n(CVE-2021-20221, bsc#1181933)\n\nFor the record, these issues are fixed in this package already. Most\nare alternate references to previously mentioned issues:\n(CVE-2019-15890, bsc#1149813, CVE-2020-8608, bsc#1163019,\nCVE-2020-14364, bsc#1175534, CVE-2020-25723, bsc#1178935,\nCVE-2020-29130, bsc#1179477, CVE-2021-20257, bsc#1182846,\nCVE-2021-3419, bsc#1182975, bsc#1031692, bsc#1094725)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031692\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1094725\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126455\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172380\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172382\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1175534\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178935\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1179477\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1181933\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1182846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1182975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-15890/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8934/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10756/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13754/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14364/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-25723/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29130/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-8608/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20221/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20257/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3419/\");\n # https://www.suse.com/support/update/announcement/2021/suse-su-20211829-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c8ac9c53\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP2-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2021-1829=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8608\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13754\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-ssh-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-x86-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-2.6.2-41.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-block-curl-2.6.2-41.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-block-curl-debuginfo-2.6.2-41.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-block-rbd-2.6.2-41.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-block-rbd-debuginfo-2.6.2-41.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-block-ssh-2.6.2-41.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-block-ssh-debuginfo-2.6.2-41.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-debugsource-2.6.2-41.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-guest-agent-2.6.2-41.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-guest-agent-debuginfo-2.6.2-41.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-kvm-2.6.2-41.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-lang-2.6.2-41.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-tools-2.6.2-41.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-tools-debuginfo-2.6.2-41.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-x86-2.6.2-41.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-x86-debuginfo-2.6.2-41.65.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:50", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1894-1 advisory.\n\n - libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. (CVE-2019-15890)\n\n - An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator.\n This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1. (CVE-2020-10756)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. (CVE-2020-13754)\n\n - An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host. (CVE-2020-14364)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate is a duplicate of CVE-2020-28916 (CVE-2020-25707)\n\n - A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service. (CVE-2020-25723)\n\n - slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. (CVE-2020-29130)\n\n - In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. (CVE-2020-8608)\n\n - An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario. (CVE-2021-20221)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. (CVE-2021-3419)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-09T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1894-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15890", "CVE-2020-10756", "CVE-2020-13754", "CVE-2020-14364", "CVE-2020-25707", "CVE-2020-25723", "CVE-2020-28916", "CVE-2020-29130", "CVE-2020-8608", "CVE-2021-20221", "CVE-2021-20257", "CVE-2021-3419"], "modified": "2022-11-21T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:qemu", "p-cpe:/a:novell:suse_linux:qemu-arm", "p-cpe:/a:novell:suse_linux:qemu-block-curl", "p-cpe:/a:novell:suse_linux:qemu-block-iscsi", "p-cpe:/a:novell:suse_linux:qemu-block-rbd", "p-cpe:/a:novell:suse_linux:qemu-block-ssh", "p-cpe:/a:novell:suse_linux:qemu-guest-agent", "p-cpe:/a:novell:suse_linux:qemu-ipxe", "p-cpe:/a:novell:suse_linux:qemu-kvm", "p-cpe:/a:novell:suse_linux:qemu-lang", "p-cpe:/a:novell:suse_linux:qemu-ppc", "p-cpe:/a:novell:suse_linux:qemu-s390", "p-cpe:/a:novell:suse_linux:qemu-seabios", "p-cpe:/a:novell:suse_linux:qemu-sgabios", "p-cpe:/a:novell:suse_linux:qemu-tools", "p-cpe:/a:novell:suse_linux:qemu-vgabios", "p-cpe:/a:novell:suse_linux:qemu-x86", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-1894-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150399", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:1894-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150399);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/21\");\n\n script_cve_id(\n \"CVE-2019-15890\",\n \"CVE-2020-8608\",\n \"CVE-2020-10756\",\n \"CVE-2020-13754\",\n \"CVE-2020-14364\",\n \"CVE-2020-25707\",\n \"CVE-2020-25723\",\n \"CVE-2020-29130\",\n \"CVE-2021-3419\",\n \"CVE-2021-20221\",\n \"CVE-2021-20257\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:1894-1\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0063-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0075-S\");\n\n script_name(english:\"SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1894-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2021:1894-1 advisory.\n\n - libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. (CVE-2019-15890)\n\n - An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator.\n This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known\n as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible\n information disclosure. This flaw affects versions of libslirp before 4.3.1. (CVE-2020-10756)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address\n in an msi-x mmio operation. (CVE-2020-13754)\n\n - An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before\n 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its\n 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the\n QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the\n privileges of the QEMU process on the host. (CVE-2020-14364)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate is a duplicate of CVE-2020-28916\n (CVE-2020-25707)\n\n - A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while\n processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user\n within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host,\n resulting in a denial of service. (CVE-2020-25723)\n\n - slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of\n header data even if that exceeds the total packet length. (CVE-2020-29130)\n\n - In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer\n overflow in later code. (CVE-2020-8608)\n\n - An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of\n QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an\n interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said\n issue while updating controller state fields and their subsequent processing. A privileged guest user may\n use this flaw to crash the QEMU process on the host resulting in DoS scenario. (CVE-2021-20221)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by\n its CNA. Notes: none. (CVE-2021-3419)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1094725\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1149813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1163019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172380\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172382\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1175534\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1178683\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1178935\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179477\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1181933\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1182846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1182975\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-June/008954.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7f2c87cb\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-15890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-25707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-25723\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-8608\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3419\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8608\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13754\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-ipxe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-ppc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-vgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'qemu-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-arm-2.9.1-6.50', 'sp':'3', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-block-curl-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-block-curl-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-block-iscsi-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-block-iscsi-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-block-rbd-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-block-rbd-2.9.1-6.50', 'sp':'3', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-block-rbd-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-block-ssh-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-block-ssh-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-guest-agent-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-guest-agent-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-ipxe-1.0.0+-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-ipxe-1.0.0+-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-kvm-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-kvm-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-lang-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-lang-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-s390-2.9.1-6.50', 'sp':'3', 'cpu':'s390x', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-seabios-1.10.2_0_g5f4c7b1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-seabios-1.10.2_0_g5f4c7b1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-sgabios-8-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-sgabios-8-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-tools-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-tools-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-vgabios-1.10.2_0_g5f4c7b1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-vgabios-1.10.2_0_g5f4c7b1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-x86-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-x86-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'qemu-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-arm-2.9.1-6.50', 'sp':'3', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-block-curl-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-block-curl-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-block-iscsi-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-block-iscsi-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-block-rbd-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-block-rbd-2.9.1-6.50', 'sp':'3', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-block-rbd-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-block-ssh-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-block-ssh-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-guest-agent-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-guest-agent-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-ipxe-1.0.0+-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-ipxe-1.0.0+-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-kvm-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-kvm-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-lang-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-lang-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-s390-2.9.1-6.50', 'sp':'3', 'cpu':'s390x', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-seabios-1.10.2_0_g5f4c7b1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-seabios-1.10.2_0_g5f4c7b1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-sgabios-8-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-sgabios-8-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-tools-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-tools-2.9.1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-vgabios-1.10.2_0_g5f4c7b1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-vgabios-1.10.2_0_g5f4c7b1-6.50', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-x86-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'qemu-x86-2.9.1-6.50', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qemu / qemu-arm / qemu-block-curl / qemu-block-iscsi / qemu-block-rbd / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:49", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1895-1 advisory.\n\n - libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. (CVE-2019-15890)\n\n - An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator.\n This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1. (CVE-2020-10756)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. (CVE-2020-13754)\n\n - An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host. (CVE-2020-14364)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate is a duplicate of CVE-2020-28916 (CVE-2020-25707)\n\n - A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service. (CVE-2020-25723)\n\n - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. (CVE-2020-29129)\n\n - slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. (CVE-2020-29130)\n\n - In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. (CVE-2020-8608)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. (CVE-2021-3419)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-09T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : qemu (SUSE-SU-2021:1895-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15890", "CVE-2020-10756", "CVE-2020-13754", "CVE-2020-14364", "CVE-2020-25707", "CVE-2020-25723", "CVE-2020-28916", "CVE-2020-29129", "CVE-2020-29130", "CVE-2020-8608", "CVE-2021-20257", "CVE-2021-3419"], "modified": "2022-11-21T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:qemu", "p-cpe:/a:novell:suse_linux:qemu-arm", "p-cpe:/a:novell:suse_linux:qemu-block-curl", "p-cpe:/a:novell:suse_linux:qemu-block-iscsi", "p-cpe:/a:novell:suse_linux:qemu-block-rbd", "p-cpe:/a:novell:suse_linux:qemu-block-ssh", "p-cpe:/a:novell:suse_linux:qemu-guest-agent", "p-cpe:/a:novell:suse_linux:qemu-ipxe", "p-cpe:/a:novell:suse_linux:qemu-kvm", "p-cpe:/a:novell:suse_linux:qemu-lang", "p-cpe:/a:novell:suse_linux:qemu-ppc", "p-cpe:/a:novell:suse_linux:qemu-s390", "p-cpe:/a:novell:suse_linux:qemu-seabios", "p-cpe:/a:novell:suse_linux:qemu-sgabios", "p-cpe:/a:novell:suse_linux:qemu-tools", "p-cpe:/a:novell:suse_linux:qemu-vgabios", "p-cpe:/a:novell:suse_linux:qemu-x86", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-1895-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150395", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:1895-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150395);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/21\");\n\n script_cve_id(\n \"CVE-2019-15890\",\n \"CVE-2020-8608\",\n \"CVE-2020-10756\",\n \"CVE-2020-13754\",\n \"CVE-2020-14364\",\n \"CVE-2020-25707\",\n \"CVE-2020-25723\",\n \"CVE-2020-29129\",\n \"CVE-2020-29130\",\n \"CVE-2021-3419\",\n \"CVE-2021-20257\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:1895-1\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0063-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0075-S\");\n\n script_name(english:\"SUSE SLES15 Security Update : qemu (SUSE-SU-2021:1895-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2021:1895-1 advisory.\n\n - libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. (CVE-2019-15890)\n\n - An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator.\n This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known\n as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible\n information disclosure. This flaw affects versions of libslirp before 4.3.1. (CVE-2020-10756)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address\n in an msi-x mmio operation. (CVE-2020-13754)\n\n - An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before\n 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its\n 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the\n QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the\n privileges of the QEMU process on the host. (CVE-2020-14364)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate is a duplicate of CVE-2020-28916\n (CVE-2020-25707)\n\n - A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while\n processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user\n within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host,\n resulting in a denial of service. (CVE-2020-25723)\n\n - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of\n header data even if that exceeds the total packet length. (CVE-2020-29129)\n\n - slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of\n header data even if that exceeds the total packet length. (CVE-2020-29130)\n\n - In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer\n overflow in later code. (CVE-2020-8608)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by\n its CNA. Notes: none. (CVE-2021-3419)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1149813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1163019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172380\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172382\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1175534\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1178683\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1178935\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179477\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179484\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1182846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1182975\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-June/008959.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?afe06d82\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-15890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-25707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-25723\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29129\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-8608\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3419\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8608\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13754\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-ipxe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-ppc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-vgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'qemu-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'qemu-block-curl-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'qemu-block-iscsi-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'qemu-block-rbd-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'qemu-block-ssh-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'qemu-guest-agent-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'qemu-ipxe-1.0.0+-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'qemu-kvm-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'qemu-lang-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'qemu-seabios-1.11.0_0_g63451fc-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'qemu-sgabios-8-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'qemu-tools-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'qemu-vgabios-1.11.0_0_g63451fc-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'qemu-x86-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15'},\n {'reference':'qemu-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-arm-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-arm-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-curl-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-curl-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-curl-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-curl-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-iscsi-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-iscsi-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-iscsi-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-iscsi-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-rbd-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-rbd-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-rbd-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-rbd-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-ssh-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-ssh-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-ssh-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-block-ssh-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-guest-agent-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-guest-agent-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-guest-agent-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-guest-agent-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-ipxe-1.0.0+-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-ipxe-1.0.0+-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-kvm-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-kvm-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-lang-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-lang-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-lang-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-lang-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-seabios-1.11.0_0_g63451fc-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-seabios-1.11.0_0_g63451fc-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-sgabios-8-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-sgabios-8-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-tools-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-tools-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-tools-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-tools-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-vgabios-1.11.0_0_g63451fc-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-vgabios-1.11.0_0_g63451fc-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-x86-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-x86-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-ESPOS-release-15'},\n {'reference':'qemu-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-arm-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-arm-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-curl-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-curl-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-curl-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-curl-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-iscsi-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-iscsi-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-iscsi-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-iscsi-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-rbd-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-rbd-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-rbd-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-rbd-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-ssh-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-ssh-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-ssh-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-block-ssh-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-guest-agent-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-guest-agent-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-guest-agent-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-guest-agent-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-ipxe-1.0.0+-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-ipxe-1.0.0+-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-kvm-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-kvm-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-lang-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-lang-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-lang-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-lang-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-seabios-1.11.0_0_g63451fc-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-seabios-1.11.0_0_g63451fc-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-sgabios-8-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-sgabios-8-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-tools-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-tools-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-tools-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-tools-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-vgabios-1.11.0_0_g63451fc-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-vgabios-1.11.0_0_g63451fc-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-x86-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-x86-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-LTSS-release-15'},\n {'reference':'qemu-2.11.2-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'qemu-arm-2.11.2-9.46', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'qemu-block-curl-2.11.2-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'qemu-block-iscsi-2.11.2-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'qemu-block-rbd-2.11.2-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'qemu-block-ssh-2.11.2-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'qemu-guest-agent-2.11.2-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'qemu-ipxe-1.0.0+-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'qemu-kvm-2.11.2-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'qemu-lang-2.11.2-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'qemu-s390-2.11.2-9.46', 'sp':'0', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'qemu-seabios-1.11.0_0_g63451fc-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'qemu-sgabios-8-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'qemu-tools-2.11.2-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'qemu-vgabios-1.11.0_0_g63451fc-9.46', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'},\n {'reference':'qemu-x86-2.11.2-9.46', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-ltss-release-15'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qemu / qemu-arm / qemu-block-curl / qemu-block-iscsi / qemu-block-rbd / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:24", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1947-1 advisory.\n\n - libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. (CVE-2019-15890)\n\n - An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator.\n This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1. (CVE-2020-10756)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. (CVE-2020-13754)\n\n - An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host. (CVE-2020-14364)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate is a duplicate of CVE-2020-28916 (CVE-2020-25707)\n\n - A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service. (CVE-2020-25723)\n\n - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. (CVE-2020-29129)\n\n - slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. (CVE-2020-29130)\n\n - In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. (CVE-2020-8608)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. (CVE-2021-3419)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-12T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1947-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15890", "CVE-2020-10756", "CVE-2020-13754", "CVE-2020-14364", "CVE-2020-25707", "CVE-2020-25723", "CVE-2020-28916", "CVE-2020-29129", "CVE-2020-29130", "CVE-2020-8608", "CVE-2021-20257", "CVE-2021-3419"], "modified": "2022-11-21T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:qemu", "p-cpe:/a:novell:suse_linux:qemu-arm", "p-cpe:/a:novell:suse_linux:qemu-block-curl", "p-cpe:/a:novell:suse_linux:qemu-block-iscsi", "p-cpe:/a:novell:suse_linux:qemu-block-rbd", "p-cpe:/a:novell:suse_linux:qemu-block-ssh", "p-cpe:/a:novell:suse_linux:qemu-guest-agent", "p-cpe:/a:novell:suse_linux:qemu-ipxe", "p-cpe:/a:novell:suse_linux:qemu-kvm", "p-cpe:/a:novell:suse_linux:qemu-lang", "p-cpe:/a:novell:suse_linux:qemu-ppc", "p-cpe:/a:novell:suse_linux:qemu-s390", "p-cpe:/a:novell:suse_linux:qemu-seabios", "p-cpe:/a:novell:suse_linux:qemu-sgabios", "p-cpe:/a:novell:suse_linux:qemu-tools", "p-cpe:/a:novell:suse_linux:qemu-vgabios", "p-cpe:/a:novell:suse_linux:qemu-x86", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-1947-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150733", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:1947-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150733);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/21\");\n\n script_cve_id(\n \"CVE-2019-15890\",\n \"CVE-2020-8608\",\n \"CVE-2020-10756\",\n \"CVE-2020-13754\",\n \"CVE-2020-14364\",\n \"CVE-2020-25707\",\n \"CVE-2020-25723\",\n \"CVE-2020-29129\",\n \"CVE-2020-29130\",\n \"CVE-2021-3419\",\n \"CVE-2021-20257\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:1947-1\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0063-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0075-S\");\n\n script_name(english:\"SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1947-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2021:1947-1 advisory.\n\n - libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. (CVE-2019-15890)\n\n - An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator.\n This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known\n as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible\n information disclosure. This flaw affects versions of libslirp before 4.3.1. (CVE-2020-10756)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address\n in an msi-x mmio operation. (CVE-2020-13754)\n\n - An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before\n 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its\n 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the\n QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the\n privileges of the QEMU process on the host. (CVE-2020-14364)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate is a duplicate of CVE-2020-28916\n (CVE-2020-25707)\n\n - A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while\n processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user\n within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host,\n resulting in a denial of service. (CVE-2020-25723)\n\n - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of\n header data even if that exceeds the total packet length. (CVE-2020-29129)\n\n - slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of\n header data even if that exceeds the total packet length. (CVE-2020-29130)\n\n - In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer\n overflow in later code. (CVE-2020-8608)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by\n its CNA. Notes: none. (CVE-2021-3419)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1149813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1163019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172380\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172382\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1175534\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1178683\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1178935\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179477\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179484\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1182846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1182975\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-June/008990.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?edd6b848\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-15890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-25707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-25723\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29129\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-8608\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3419\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8608\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13754\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-ipxe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-ppc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-vgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'qemu-2.11.2-5.32', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-arm-2.11.2-5.32', 'sp':'4', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-block-curl-2.11.2-5.32', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-block-curl-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-block-iscsi-2.11.2-5.32', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-block-iscsi-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-block-rbd-2.11.2-5.32', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-block-rbd-2.11.2-5.32', 'sp':'4', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-block-rbd-2.11.2-5.32', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-block-ssh-2.11.2-5.32', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-block-ssh-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-guest-agent-2.11.2-5.32', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-guest-agent-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-ipxe-1.0.0+-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-ipxe-1.0.0+-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-kvm-2.11.2-5.32', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-kvm-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-lang-2.11.2-5.32', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-lang-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-s390-2.11.2-5.32', 'sp':'4', 'cpu':'s390x', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-seabios-1.11.0_0_g63451fc-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-seabios-1.11.0_0_g63451fc-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-sgabios-8-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-sgabios-8-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-tools-2.11.2-5.32', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-tools-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-vgabios-1.11.0_0_g63451fc-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-vgabios-1.11.0_0_g63451fc-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-x86-2.11.2-5.32', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-x86-2.11.2-5.32', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'qemu-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-arm-2.11.2-5.32', 'sp':'4', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-block-curl-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-block-iscsi-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-block-rbd-2.11.2-5.32', 'sp':'4', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-block-rbd-2.11.2-5.32', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-block-ssh-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-guest-agent-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-ipxe-1.0.0+-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-kvm-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-lang-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-s390-2.11.2-5.32', 'sp':'4', 'cpu':'s390x', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-seabios-1.11.0_0_g63451fc-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-sgabios-8-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-tools-2.11.2-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-vgabios-1.11.0_0_g63451fc-5.32', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'qemu-x86-2.11.2-5.32', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qemu / qemu-arm / qemu-block-curl / qemu-block-iscsi / qemu-block-rbd / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-01T14:44:43", "description": "The following CVE(s) were reported against src:qemu :\n\nCVE-2017-9503\n\nQEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing.\n\nCVE-2019-12068\n\nIn QEMU 1:4.1-1 (1:2.8+dfsg-6+deb9u8), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit after 10k iterations so that it covers no-op opcodes as well.\n\nCVE-2019-20382\n\nQEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd.\n\nCVE-2020-1983\n\nA use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.\n\nCVE-2020-8608\n\nIn libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.\n\nCVE-2020-10756\n\nAn out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1.\n\nCVE-2020-13361\n\nIn QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation.\n\nCVE-2020-13362\n\nIn QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.\n\nCVE-2020-13659\n\naddress_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.\n\nCVE-2020-13754\n\nhw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.\n\nCVE-2020-13765\n\nrom_copy() in hw/core/loader.c in QEMU 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation.\n\nCVE-2020-15863\n\nStack-based overflow in xgmac_enet_send() in hw/net/xgmac.c.\n\nFor Debian 9 stretch, these problems have been fixed in version 1:2.8+dfsg-6+deb9u10.\n\nWe recommend that you upgrade your qemu packages.\n\nFor the detailed security status of qemu please refer to its security tracker page at: https://security-tracker.debian.org/tracker/qemu\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-07-27T00:00:00", "type": "nessus", "title": "Debian DLA-2288-1 : qemu security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9503", "CVE-2019-12068", "CVE-2019-20382", "CVE-2020-10756", "CVE-2020-13361", "CVE-2020-13362", "CVE-2020-13659", "CVE-2020-13754", "CVE-2020-13765", "CVE-2020-15863", "CVE-2020-1983", "CVE-2020-8608"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:qemu", "p-cpe:/a:debian:debian_linux:qemu-block-extra", "p-cpe:/a:debian:debian_linux:qemu-guest-agent", "p-cpe:/a:debian:debian_linux:qemu-kvm", "p-cpe:/a:debian:debian_linux:qemu-system", "p-cpe:/a:debian:debian_linux:qemu-system-arm", "p-cpe:/a:debian:debian_linux:qemu-system-common", "p-cpe:/a:debian:debian_linux:qemu-system-mips", "p-cpe:/a:debian:debian_linux:qemu-system-misc", "p-cpe:/a:debian:debian_linux:qemu-system-ppc", "p-cpe:/a:debian:debian_linux:qemu-system-sparc", "p-cpe:/a:debian:debian_linux:qemu-system-x86", "p-cpe:/a:debian:debian_linux:qemu-user", "p-cpe:/a:debian:debian_linux:qemu-user-binfmt", "p-cpe:/a:debian:debian_linux:qemu-user-static", "p-cpe:/a:debian:debian_linux:qemu-utils", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2288.NASL", "href": "https://www.tenable.com/plugins/nessus/138911", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2288-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138911);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2017-9503\", \"CVE-2019-12068\", \"CVE-2019-20382\", \"CVE-2020-10756\", \"CVE-2020-13361\", \"CVE-2020-13362\", \"CVE-2020-13659\", \"CVE-2020-13754\", \"CVE-2020-13765\", \"CVE-2020-15863\", \"CVE-2020-1983\", \"CVE-2020-8608\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n\n script_name(english:\"Debian DLA-2288-1 : qemu security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The following CVE(s) were reported against src:qemu :\n\nCVE-2017-9503\n\nQEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host\nBus Adapter emulation support, allows local guest OS privileged users\nto cause a denial of service (NULL pointer dereference and QEMU\nprocess crash) via vectors involving megasas command processing.\n\nCVE-2019-12068\n\nIn QEMU 1:4.1-1 (1:2.8+dfsg-6+deb9u8), when executing script in\nlsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp'\nindex to read next opcode. This can lead to an infinite loop if the\nnext opcode is empty. Move the existing loop exit after 10k iterations\nso that it covers no-op opcodes as well.\n\nCVE-2019-20382\n\nQEMU 4.1.0 has a memory leak in zrle_compress_data in\nui/vnc-enc-zrle.c during a VNC disconnect operation because libz is\nmisused, resulting in a situation where memory allocated in\ndeflateInit2 is not freed in deflateEnd.\n\nCVE-2020-1983\n\nA use after free vulnerability in ip_reass() in ip_input.c of libslirp\n4.2.0 and prior releases allows crafted packets to cause a denial of\nservice.\n\nCVE-2020-8608\n\nIn libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf\nreturn values, leading to a buffer overflow in later code.\n\nCVE-2020-10756\n\nAn out-of-bounds read vulnerability was found in the SLiRP networking\nimplementation of the QEMU emulator. This flaw occurs in the\nicmp6_send_echoreply() routine while replying to an ICMP echo request,\nalso known as ping. This flaw allows a malicious guest to leak the\ncontents of the host memory, resulting in possible information\ndisclosure. This flaw affects versions of libslirp before 4.3.1.\n\nCVE-2020-13361\n\nIn QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c\ndoes not properly validate the frame count, which allows guest OS\nusers to trigger an out-of-bounds access during an es1370_write()\noperation.\n\nCVE-2020-13362\n\nIn QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c\nhas an out-of-bounds read via a crafted reply_queue_head field from a\nguest OS user.\n\nCVE-2020-13659\n\naddress_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer\ndereference related to BounceBuffer.\n\nCVE-2020-13754\n\nhw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an\nout-of-bounds access via a crafted address in an msi-x mmio operation.\n\nCVE-2020-13765\n\nrom_copy() in hw/core/loader.c in QEMU 4.1.0 does not validate the\nrelationship between two addresses, which allows attackers to trigger\nan invalid memory copy operation.\n\nCVE-2020-15863\n\nStack-based overflow in xgmac_enet_send() in hw/net/xgmac.c.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:2.8+dfsg-6+deb9u10.\n\nWe recommend that you upgrade your qemu packages.\n\nFor the detailed security status of qemu please refer to its security\ntracker page at: https://security-tracker.debian.org/tracker/qemu\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/qemu\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/qemu\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8608\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-block-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-system\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-system-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-system-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-system-mips\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-system-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-system-ppc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-system-sparc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-system-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-user\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-user-binfmt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-user-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qemu-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"qemu\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qemu-block-extra\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qemu-guest-agent\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qemu-kvm\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qemu-system\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qemu-system-arm\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qemu-system-common\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qemu-system-mips\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qemu-system-misc\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qemu-system-ppc\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qemu-system-sparc\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qemu-system-x86\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qemu-user\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qemu-user-binfmt\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qemu-user-static\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qemu-utils\", reference:\"1:2.8+dfsg-6+deb9u10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-14T14:57:47", "description": "Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP echo requests. An attacker inside a guest could possibly use this issue to leak host memory to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-10756) Eric Blake and Xueqiang Wei discovered that the QEMU NDB implementation incorrectly handled certain requests. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-10761) Ziming Zhang discovered that the QEMU SM501 graphics driver incorrectly handled certain operations. An attacker inside a guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-12829) It was discovered that the QEMU SD memory card implementation incorrectly handled certain memory operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service.\n(CVE-2020-13253) Ren Ding and Hanqing Zhao discovered that the QEMU ES1370 audio driver incorrectly handled certain invalid frame counts.\nAn attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13361) Ren Ding and Hanqing Zhao discovered that the QEMU MegaRAID SAS SCSI driver incorrectly handled certain memory operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13362) Alexander Bulekov discovered that QEMU MegaRAID SAS SCSI driver incorrectly handled certain memory space operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service.\n(CVE-2020-13659) Ren Ding, Hanqing Zhao, Alexander Bulekov, and Anatoly Trosinenko discovered that the QEMU incorrectly handled certain msi-x mmio operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2020-13754) It was discovered that QEMU incorrectly handled certain memory copy operations when loading ROM contents. If a user were tricked into running an untrusted kernel image, a remote attacker could possibly use this issue to run arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.\n(CVE-2020-13765) Ren Ding, Hanqing Zhao, and Yi Ren discovered that the QEMU ATI video driver incorrectly handled certain index values. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-13800) Ziming Zhang discovered that the QEMU OSS audio driver incorrectly handled certain operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-14415) Ziming Zhang discovered that the QEMU XGMAC Ethernet controller incorrectly handled packet transmission. An attacker inside a guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-15863) Ziming Zhang discovered that the QEMU e1000e Ethernet controller incorrectly handled packet processing. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-16092).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-08-20T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 20.04 : QEMU vulnerabilities (USN-4467-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10756", "CVE-2020-10761", "CVE-2020-12829", "CVE-2020-13253", "CVE-2020-13361", "CVE-2020-13362", "CVE-2020-13659", "CVE-2020-13754", "CVE-2020-13765", "CVE-2020-13800", "CVE-2020-14415", "CVE-2020-15863", "CVE-2020-16092"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:qemu", "p-cpe:/a:canonical:ubuntu_linux:qemu-system", "p-cpe:/a:canonical:ubuntu_linux:qemu-system-aarch64", "p-cpe:/a:canonical:ubuntu_linux:qemu-system-arm", "p-cpe:/a:canonical:ubuntu_linux:qemu-system-mips", "p-cpe:/a:canonical:ubuntu_linux:qemu-system-ppc", "p-cpe:/a:canonical:ubuntu_linux:qemu-system-s390x", "p-cpe:/a:canonical:ubuntu_linux:qemu-system-sparc", "p-cpe:/a:canonical:ubuntu_linux:qemu-system-x86", "p-cpe:/a:canonical:ubuntu_linux:qemu-system-x86-microvm", "p-cpe:/a:canonical:ubuntu_linux:qemu-system-x86-xen", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04"], "id": "UBUNTU_USN-4467-1.NASL", "href": "https://www.tenable.com/plugins/nessus/139725", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4467-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139725);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2020-10756\", \"CVE-2020-10761\", \"CVE-2020-12829\", \"CVE-2020-13253\", \"CVE-2020-13361\", \"CVE-2020-13362\", \"CVE-2020-13659\", \"CVE-2020-13754\", \"CVE-2020-13765\", \"CVE-2020-13800\", \"CVE-2020-14415\", \"CVE-2020-15863\", \"CVE-2020-16092\");\n script_xref(name:\"USN\", value:\"4467-1\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 20.04 : QEMU vulnerabilities (USN-4467-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Ziming Zhang and VictorV discovered that the QEMU SLiRP networking\nimplementation incorrectly handled replying to certain ICMP echo\nrequests. An attacker inside a guest could possibly use this issue to\nleak host memory to obtain sensitive information. This issue only\naffected Ubuntu 18.04 LTS. (CVE-2020-10756) Eric Blake and Xueqiang\nWei discovered that the QEMU NDB implementation incorrectly handled\ncertain requests. A remote attacker could possibly use this issue to\ncause QEMU to crash, resulting in a denial of service. This issue only\naffected Ubuntu 20.04 LTS. (CVE-2020-10761) Ziming Zhang discovered\nthat the QEMU SM501 graphics driver incorrectly handled certain\noperations. An attacker inside a guest could use this issue to cause\nQEMU to crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2020-12829) It was discovered that the QEMU SD\nmemory card implementation incorrectly handled certain memory\noperations. An attacker inside a guest could possibly use this issue\nto cause QEMU to crash, resulting in a denial of service.\n(CVE-2020-13253) Ren Ding and Hanqing Zhao discovered that the QEMU\nES1370 audio driver incorrectly handled certain invalid frame counts.\nAn attacker inside a guest could possibly use this issue to cause QEMU\nto crash, resulting in a denial of service. (CVE-2020-13361) Ren Ding\nand Hanqing Zhao discovered that the QEMU MegaRAID SAS SCSI driver\nincorrectly handled certain memory operations. An attacker inside a\nguest could possibly use this issue to cause QEMU to crash, resulting\nin a denial of service. (CVE-2020-13362) Alexander Bulekov discovered\nthat QEMU MegaRAID SAS SCSI driver incorrectly handled certain memory\nspace operations. An attacker inside a guest could possibly use this\nissue to cause QEMU to crash, resulting in a denial of service.\n(CVE-2020-13659) Ren Ding, Hanqing Zhao, Alexander Bulekov, and\nAnatoly Trosinenko discovered that the QEMU incorrectly handled\ncertain msi-x mmio operations. An attacker inside a guest could\npossibly use this issue to cause QEMU to crash, resulting in a denial\nof service. (CVE-2020-13754) It was discovered that QEMU incorrectly\nhandled certain memory copy operations when loading ROM contents. If a\nuser were tricked into running an untrusted kernel image, a remote\nattacker could possibly use this issue to run arbitrary code. This\nissue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.\n(CVE-2020-13765) Ren Ding, Hanqing Zhao, and Yi Ren discovered that\nthe QEMU ATI video driver incorrectly handled certain index values. An\nattacker inside a guest could possibly use this issue to cause QEMU to\ncrash, resulting in a denial of service. This issue only affected\nUbuntu 20.04 LTS. (CVE-2020-13800) Ziming Zhang discovered that the\nQEMU OSS audio driver incorrectly handled certain operations. An\nattacker inside a guest could possibly use this issue to cause QEMU to\ncrash, resulting in a denial of service. This issue only affected\nUbuntu 20.04 LTS. (CVE-2020-14415) Ziming Zhang discovered that the\nQEMU XGMAC Ethernet controller incorrectly handled packet\ntransmission. An attacker inside a guest could use this issue to cause\nQEMU to crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2020-15863) Ziming Zhang discovered that the QEMU\ne1000e Ethernet controller incorrectly handled packet processing. An\nattacker inside a guest could possibly use this issue to cause QEMU to\ncrash, resulting in a denial of service. This issue only affected\nUbuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-16092).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4467-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13765\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qemu-system\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qemu-system-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qemu-system-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qemu-system-mips\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qemu-system-ppc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qemu-system-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qemu-system-sparc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qemu-system-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qemu-system-x86-microvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qemu-system-x86-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 20.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"qemu\", pkgver:\"1:2.5+dfsg-5ubuntu10.45\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"qemu-system\", pkgver:\"1:2.5+dfsg-5ubuntu10.45\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"qemu-system-aarch64\", pkgver:\"1:2.5+dfsg-5ubuntu10.45\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"qemu-system-arm\", pkgver:\"1:2.5+dfsg-5ubuntu10.45\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"qemu-system-mips\", pkgver:\"1:2.5+dfsg-5ubuntu10.45\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"qemu-system-ppc\", pkgver:\"1:2.5+dfsg-5ubuntu10.45\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"qemu-system-s390x\", pkgver:\"1:2.5+dfsg-5ubuntu10.45\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"qemu-system-sparc\", pkgver:\"1:2.5+dfsg-5ubuntu10.45\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"qemu-system-x86\", pkgver:\"1:2.5+dfsg-5ubuntu10.45\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"qemu\", pkgver:\"1:2.11+dfsg-1ubuntu7.31\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"qemu-system\", pkgver:\"1:2.11+dfsg-1ubuntu7.31\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"qemu-system-mips\", pkgver:\"1:2.11+dfsg-1ubuntu7.31\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"qemu-system-ppc\", pkgver:\"1:2.11+dfsg-1ubuntu7.31\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"qemu-system-s390x\", pkgver:\"1:2.11+dfsg-1ubuntu7.31\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"qemu-system-sparc\", pkgver:\"1:2.11+dfsg-1ubuntu7.31\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"qemu-system-x86\", pkgver:\"1:2.11+dfsg-1ubuntu7.31\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"qemu\", pkgver:\"1:4.2-3ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"qemu-system\", pkgver:\"1:4.2-3ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"qemu-system-arm\", pkgver:\"1:4.2-3ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"qemu-system-mips\", pkgver:\"1:4.2-3ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"qemu-system-ppc\", pkgver:\"1:4.2-3ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"qemu-system-s390x\", pkgver:\"1:4.2-3ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"qemu-system-sparc\", pkgver:\"1:4.2-3ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"qemu-system-x86\", pkgver:\"1:4.2-3ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"qemu-system-x86-microvm\", pkgver:\"1:4.2-3ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"qemu-system-x86-xen\", pkgver:\"1:4.2-3ubuntu6.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu / qemu-system / qemu-system-aarch64 / qemu-system-arm / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:35:49", "description": "According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process. (CVE-2020-13253)\n\n - In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation.\n (CVE-2020-13361)\n\n - In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user. (CVE-2020-13362)\n\n - address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.\n (CVE-2020-13659)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. (CVE-2020-13754)\n\n - hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space. (CVE-2020-13791)\n\n - In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c. (CVE-2020-16092)\n\n - A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhci_sdma_transfer_multi_blocks() routine in hw/sd/sdhci.c. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, or potentially execute arbitrary code with privileges of the QEMU process on the host. (CVE-2020-17380)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case. (CVE-2020-25085)\n\n - hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver. (CVE-2020-25624)\n\n - hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop. (CVE-2020-25625)\n\n - eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. (CVE-2020-27617)\n\n - hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.\n (CVE-2020-28916)\n\n - The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of service or potential code execution. QEMU up to (including) 5.2.0 is affected by this. (CVE-2021-3409)\n\n - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario. (CVE-2021-3416)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-06T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.6 : qemu-kvm (EulerOS-SA-2021-2855)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13253", "CVE-2020-13361", "CVE-2020-13362", "CVE-2020-13659", "CVE-2020-13754", "CVE-2020-13791", "CVE-2020-16092", "CVE-2020-17380", "CVE-2020-25085", "CVE-2020-25624", "CVE-2020-25625", "CVE-2020-27617", "CVE-2020-28916", "CVE-2021-3409", "CVE-2021-3416"], "modified": "2022-11-21T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:qemu-gpu-specs", "p-cpe:/a:huawei:euleros:qemu-guest-agent", "p-cpe:/a:huawei:euleros:qemu-img", "p-cpe:/a:huawei:euleros:qemu-kvm", "p-cpe:/a:huawei:euleros:qemu-kvm-common", "p-cpe:/a:huawei:euleros:qemu-kvm-tools", "p-cpe:/a:huawei:euleros:qemu-seabios", "cpe:/o:huawei:euleros:uvp:3.0.2.6"], "id": "EULEROS_SA-2021-2855.NASL", "href": "https://www.tenable.com/plugins/nessus/156489", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156489);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/21\");\n\n script_cve_id(\n \"CVE-2020-13253\",\n \"CVE-2020-13361\",\n \"CVE-2020-13362\",\n \"CVE-2020-13659\",\n \"CVE-2020-13754\",\n \"CVE-2020-13791\",\n \"CVE-2020-16092\",\n \"CVE-2020-17380\",\n \"CVE-2020-25085\",\n \"CVE-2020-25624\",\n \"CVE-2020-25625\",\n \"CVE-2020-27617\",\n \"CVE-2020-28916\",\n \"CVE-2021-3409\",\n \"CVE-2021-3416\"\n );\n script_xref(name:\"IAVB\", value:\"2020-B-0026-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0063-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0075-S\");\n\n script_name(english:\"EulerOS Virtualization 3.0.2.6 : qemu-kvm (EulerOS-SA-2021-2855)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read\n during sdhci_write() operations. A guest OS user can crash the QEMU process. (CVE-2020-13253)\n\n - In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame\n count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation.\n (CVE-2020-13361)\n\n - In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a\n crafted reply_queue_head field from a guest OS user. (CVE-2020-13362)\n\n - address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.\n (CVE-2020-13659)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address\n in an msi-x mmio operation. (CVE-2020-13754)\n\n - hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an\n address near the end of the PCI configuration space. (CVE-2020-13791)\n\n - In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects\n the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the\n QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in\n hw/net/net_tx_pkt.c. (CVE-2020-16092)\n\n - A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It\n could occur while doing a multi block SDMA transfer via the sdhci_sdma_transfer_multi_blocks() routine in\n hw/sd/sdhci.c. A guest user or process could use this flaw to crash the QEMU process on the host,\n resulting in a denial of service condition, or potentially execute arbitrary code with privileges of the\n QEMU process on the host. (CVE-2020-17380)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c\n mishandles a write operation in the SDHC_BLKSIZE case. (CVE-2020-25085)\n\n - hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host\n controller driver. (CVE-2020-25624)\n\n - hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop. (CVE-2020-25625)\n\n - eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest\n can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. (CVE-2020-27617)\n\n - hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.\n (CVE-2020-28916)\n\n - The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to\n the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This\n flaw allows a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of\n service or potential code execution. QEMU up to (including) 5.2.0 is affected by this. (CVE-2021-3409)\n\n - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions\n up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get\n bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the\n host resulting in DoS scenario. (CVE-2021-3416)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2855\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b23d4511\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected qemu-kvm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3409\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13754\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-gpu-specs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.6\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"qemu-gpu-specs-2.8.1-30.093\",\n \"qemu-guest-agent-2.8.1-30.093\",\n \"qemu-img-2.8.1-30.093\",\n \"qemu-kvm-2.8.1-30.093\",\n \"qemu-kvm-common-2.8.1-30.093\",\n \"qemu-kvm-tools-2.8.1-30.093\",\n \"qemu-seabios-2.8.1-30.093\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-kvm\");\n}\n", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-03-21T05:50:16", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0761-1 advisory.\n\n - sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process. (CVE-2020-13253)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. (CVE-2020-13754)\n\n - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service. (CVE-2020-14394)\n\n - A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhci_sdma_transfer_multi_blocks() routine in hw/sd/sdhci.c. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, or potentially execute arbitrary code with privileges of the QEMU process on the host. (CVE-2020-17380)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case. (CVE-2020-25085)\n\n - The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of service or potential code execution. QEMU up to (including) 5.2.0 is affected by this. (CVE-2021-3409)\n\n - A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host resulting in DoS scenario, or potential information leakage from the host memory. (CVE-2021-3507)\n\n - A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function nvme_ctrl_reset(), data structs will be freed leading to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition or, potentially, executing arbitrary code within the context of the QEMU process on the host. (CVE-2021-3929)\n\n - A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process. (CVE-2021-4206)\n\n - A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest to crash the QEMU process on the host, resulting in a denial of service. (CVE-2022-0216)\n\n - A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition. (CVE-2022-1050)\n\n - A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results.\n Affected QEMU versions <= 6.2.0. (CVE-2022-26354)\n\n - ** DISPUTED ** softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash. NOTE: a third party states that the Non- virtualization Use Case in the qemu.org reference applies here, i.e., Bugs affecting the non- virtualization use case are not considered security bugs at this time. (CVE-2022-35414)\n\n - An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition. (CVE-2022-4144)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-03-17T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : qemu (SUSE-SU-2023:0761-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 6.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 8.5, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13253", "CVE-2020-13754", "CVE-2020-14394", "CVE-2020-17380", "CVE-2020-25085", "CVE-2021-3409", "CVE-2021-3507", "CVE-2021-3750", "CVE-2021-3929", "CVE-2021-4206", "CVE-2022-0216", "CVE-2022-1050", "CVE-2022-26354", "CVE-2022-35414", "CVE-2022-4144"], "modified": "2023-03-17T00:00:00", "cpe": ["cpe:2.3:o:novell:suse_linux:12:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-block-curl:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-block-rbd:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-guest-agent:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-kvm:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-lang:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-s390:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-tools:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-x86:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-block-ssh:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-block-iscsi:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-audio-alsa:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-audio-oss:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-audio-pa:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-audio-sdl:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-ui-curses:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-ui-gtk:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-ui-sdl:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-arm:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-ppc:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-ipxe:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-seabios:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-sgabios:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:qemu-vgabios:*:*:*:*:*:*:*"], "id": "SUSE_SU-2023-0761-1.NASL", "href": "https://www.tenable.com/plugins/nessus/172642", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2023:0761-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(172642);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/17\");\n\n script_cve_id(\n \"CVE-2020-13253\",\n \"CVE-2020-13754\",\n \"CVE-2020-14394\",\n \"CVE-2020-17380\",\n \"CVE-2020-25085\",\n \"CVE-2021-3409\",\n \"CVE-2021-3507\",\n \"CVE-2021-3929\",\n \"CVE-2021-4206\",\n \"CVE-2022-0216\",\n \"CVE-2022-1050\",\n \"CVE-2022-4144\",\n \"CVE-2022-26354\",\n \"CVE-2022-35414\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2023:0761-1\");\n script_xref(name:\"IAVB\", value:\"2020-B-0075-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0063-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0026-S\");\n script_xref(name:\"IAVB\", value:\"2022-B-0057\");\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n\n script_name(english:\"SUSE SLES12 Security Update : qemu (SUSE-SU-2023:0761-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2023:0761-1 advisory.\n\n - sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read\n during sdhci_write() operations. A guest OS user can crash the QEMU process. (CVE-2020-13253)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address\n in an msi-x mmio operation. (CVE-2020-13754)\n\n - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of\n the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process\n on the host, resulting in a denial of service. (CVE-2020-14394)\n\n - A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It\n could occur while doing a multi block SDMA transfer via the sdhci_sdma_transfer_multi_blocks() routine in\n hw/sd/sdhci.c. A guest user or process could use this flaw to crash the QEMU process on the host,\n resulting in a denial of service condition, or potentially execute arbitrary code with privileges of the\n QEMU process on the host. (CVE-2020-17380)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c\n mishandles a write operation in the SDHC_BLKSIZE case. (CVE-2020-25085)\n\n - The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to\n the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This\n flaw allows a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of\n service or potential code execution. QEMU up to (including) 5.2.0 is affected by this. (CVE-2021-3409)\n\n - A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could\n occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the\n floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on\n the host resulting in DoS scenario, or potential information leakage from the host memory. (CVE-2021-3507)\n\n - A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is\n similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function\n nvme_ctrl_reset(), data structs will be freed leading to a use-after-free issue. A malicious guest could\n use this flaw to crash the QEMU process on the host, resulting in a denial of service condition or,\n potentially, executing arbitrary code within the context of the QEMU process on the host. (CVE-2021-3929)\n\n - A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc()\n function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer\n overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or\n potentially execute arbitrary code within the context of the QEMU process. (CVE-2021-4206)\n\n - A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The\n flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout\n function. This flaw allows a malicious privileged user within the guest to crash the QEMU process on the\n host, resulting in a denial of service. (CVE-2022-0216)\n\n - A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a\n crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading\n to a use-after-free condition. (CVE-2022-1050)\n\n - A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached\n from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results.\n Affected QEMU versions <= 6.2.0. (CVE-2022-26354)\n\n - ** DISPUTED ** softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the\n translate_fail path, leading to an io_readx or io_writex crash. NOTE: a third party states that the Non-\n virtualization Use Case in the qemu.org reference applies here, i.e., Bugs affecting the non-\n virtualization use case are not considered security bugs at this time. (CVE-2022-35414)\n\n - An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt()\n function does not check the size of the structure pointed to by the guest physical address, potentially\n reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to\n crash the QEMU process on the host causing a denial of service condition. (CVE-2022-4144)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172033\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172382\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1175144\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1180207\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1182282\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1185000\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197653\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198035\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198038\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198712\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201367\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1205808\");\n # https://lists.suse.com/pipermail/sle-security-updates/2023-March/014067.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fc6e68d2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13253\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14394\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-17380\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-25085\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3409\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3507\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3929\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4206\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1050\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26354\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-35414\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-4144\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-35414\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-audio-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-audio-oss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-audio-pa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-audio-sdl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-ipxe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-ppc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-ui-curses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-ui-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-ui-sdl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-vgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'qemu-3.1.1.1-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-arm-3.1.1.1-66.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-audio-alsa-3.1.1.1-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-audio-oss-3.1.1.1-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-audio-pa-3.1.1.1-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-audio-sdl-3.1.1.1-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-block-curl-3.1.1.1-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-block-iscsi-3.1.1.1-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-block-rbd-3.1.1.1-66.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-block-rbd-3.1.1.1-66.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-block-ssh-3.1.1.1-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-guest-agent-3.1.1.1-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-ipxe-1.0.0+-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-kvm-3.1.1.1-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-lang-3.1.1.1-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-s390-3.1.1.1-66.1', 'sp':'5', 'cpu':'s390x', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-seabios-1.12.0_0_ga698c89-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-sgabios-8-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-tools-3.1.1.1-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-ui-curses-3.1.1.1-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-ui-gtk-3.1.1.1-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-ui-sdl-3.1.1.1-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-vgabios-1.12.0_0_ga698c89-66.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'qemu-x86-3.1.1.1-66.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qemu / qemu-arm / qemu-audio-alsa / qemu-audio-oss / qemu-audio-pa / etc');\n}\n", "cvss": {"score": 6.1, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2023-01-11T14:43:09", "description": "The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9034 advisory.\n\n - An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host. (CVE-2020-14364)\n\n - In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c. (CVE-2020-16092)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. (CVE-2020-13754)\n\n - In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user. (CVE-2020-13362)\n\n - hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length. (CVE-2020-11102)\n\n - hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service or potential privileged code execution. This was fixed in commit 5519724a13664b43e225ca05351c60b4468e4555.\n (CVE-2020-15863)\n\n - hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space. (CVE-2020-13791)\n\n - address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.\n (CVE-2020-13659)\n\n - sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process. (CVE-2020-13253)\n\n - A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generation process caused every PAuth-enforced pointer to be signed with the same signature. A local attacker could obtain the signature of a protected pointer and abuse this flaw to bypass PAuth protection for all programs running on QEMU. (CVE-2020-10702)\n\n - hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space. (CVE-2019-15034)\n\n - In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash the QEMU process in sm501_2d_operation() in hw/display/sm501.c on the host, resulting in a denial of service. (CVE-2020-12829)\n\n - oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position. (CVE-2020-14415)\n\n - hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop. (CVE-2020-25625)\n\n - QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked. (CVE-2020-25084)\n\n - ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a calculation. A guest can crash the QEMU process. (CVE-2020-27616)\n\n - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. (CVE-2020-29129)\n\n - slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. (CVE-2020-29130)\n\n - hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver. (CVE-2020-25624)\n\n - hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.\n (CVE-2020-28916)\n\n - An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator.\n This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1. (CVE-2020-10756)\n\n - A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service. (CVE-2020-25723)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-05T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : qemu (ELSA-2021-9034)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15034", "CVE-2020-10702", "CVE-2020-10756", "CVE-2020-11102", "CVE-2020-12829", "CVE-2020-13253", "CVE-2020-13362", "CVE-2020-13659", "CVE-2020-13754", "CVE-2020-13791", "CVE-2020-14364", "CVE-2020-14415", "CVE-2020-15863", "CVE-2020-16092", "CVE-2020-25084", "CVE-2020-25624", "CVE-2020-25625", "CVE-2020-25723", "CVE-2020-27616", "CVE-2020-28916", "CVE-2020-29129", "CVE-2020-29130"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:qemu", "p-cpe:/a:oracle:linux:qemu-block-gluster", "p-cpe:/a:oracle:linux:qemu-block-iscsi", "p-cpe:/a:oracle:linux:qemu-block-rbd", "p-cpe:/a:oracle:linux:qemu-common", "p-cpe:/a:oracle:linux:qemu-img", "p-cpe:/a:oracle:linux:qemu-kvm", "p-cpe:/a:oracle:linux:qemu-kvm-core", "p-cpe:/a:oracle:linux:qemu-system-x86", "p-cpe:/a:oracle:linux:qemu-system-x86-core"], "id": "ORACLELINUX_ELSA-2021-9034.NASL", "href": "https://www.tenable.com/plugins/nessus/146269", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-9034.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146269);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2019-15034\",\n \"CVE-2020-10702\",\n \"CVE-2020-10756\",\n \"CVE-2020-11102\",\n \"CVE-2020-12829\",\n \"CVE-2020-13253\",\n \"CVE-2020-13362\",\n \"CVE-2020-13659\",\n \"CVE-2020-13754\",\n \"CVE-2020-13791\",\n \"CVE-2020-14364\",\n \"CVE-2020-14415\",\n \"CVE-2020-15863\",\n \"CVE-2020-16092\",\n \"CVE-2020-25084\",\n \"CVE-2020-25624\",\n \"CVE-2020-25625\",\n \"CVE-2020-25723\",\n \"CVE-2020-27616\",\n \"CVE-2020-28916\",\n \"CVE-2020-29129\",\n \"CVE-2020-29130\"\n );\n\n script_name(english:\"Oracle Linux 7 : qemu (ELSA-2021-9034)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2021-9034 advisory.\n\n - An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before\n 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its\n 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the\n QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the\n privileges of the QEMU process on the host. (CVE-2020-14364)\n\n - In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects\n the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the\n QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in\n hw/net/net_tx_pkt.c. (CVE-2020-16092)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address\n in an msi-x mmio operation. (CVE-2020-13754)\n\n - In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a\n crafted reply_queue_head field from a guest OS user. (CVE-2020-13362)\n\n - hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame\n size is not validated against the r/w data length. (CVE-2020-11102)\n\n - hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This\n occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or\n process could use this flaw to crash the QEMU process on the host, resulting in a denial of service or\n potential privileged code execution. This was fixed in commit 5519724a13664b43e225ca05351c60b4468e4555.\n (CVE-2020-15863)\n\n - hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an\n address near the end of the PCI configuration space. (CVE-2020-13791)\n\n - address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.\n (CVE-2020-13659)\n\n - sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read\n during sdhci_write() operations. A guest OS user can crash the QEMU process. (CVE-2020-13253)\n\n - A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM\n introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generation\n process caused every PAuth-enforced pointer to be signed with the same signature. A local attacker could\n obtain the signature of a protected pointer and abuse this flaw to bypass PAuth protection for all\n programs running on QEMU. (CVE-2020-10702)\n\n - hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading\n to a buffer overflow involving the PCIe extended config space. (CVE-2019-15034)\n\n - In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw\n occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write()\n callback. A local attacker could abuse this flaw to crash the QEMU process in sm501_2d_operation() in\n hw/display/sm501.c on the host, resulting in a denial of service. (CVE-2020-12829)\n\n - oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position. (CVE-2020-14415)\n\n - hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop. (CVE-2020-25625)\n\n - QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not\n checked. (CVE-2020-25084)\n\n - ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a\n calculation. A guest can crash the QEMU process. (CVE-2020-27616)\n\n - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of\n header data even if that exceeds the total packet length. (CVE-2020-29129)\n\n - slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of\n header data even if that exceeds the total packet length. (CVE-2020-29130)\n\n - hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host\n controller driver. (CVE-2020-25624)\n\n - hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.\n (CVE-2020-28916)\n\n - An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator.\n This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known\n as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible\n information disclosure. This flaw affects versions of libslirp before 4.3.1. (CVE-2020-10756)\n\n - A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while\n processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user\n within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host,\n resulting in a denial of service. (CVE-2020-25723)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-9034.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11102\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13754\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-block-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-system-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-system-x86-core\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\npkgs = [\n {'reference':'qemu-4.2.1-4.el7', 'cpu':'aarch64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-4.2.1-4.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-block-gluster-4.2.1-4.el7', 'cpu':'aarch64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-block-gluster-4.2.1-4.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-block-iscsi-4.2.1-4.el7', 'cpu':'aarch64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-block-iscsi-4.2.1-4.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-block-rbd-4.2.1-4.el7', 'cpu':'aarch64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-block-rbd-4.2.1-4.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-common-4.2.1-4.el7', 'cpu':'aarch64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-common-4.2.1-4.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-img-4.2.1-4.el7', 'cpu':'aarch64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-img-4.2.1-4.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-kvm-4.2.1-4.el7', 'cpu':'aarch64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-kvm-4.2.1-4.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-kvm-core-4.2.1-4.el7', 'cpu':'aarch64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-kvm-core-4.2.1-4.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-system-x86-4.2.1-4.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'15'},\n {'reference':'qemu-system-x86-core-4.2.1-4.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'15'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qemu / qemu-block-gluster / qemu-block-iscsi / etc');\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-10T19:14:53", "description": "According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null. (CVE-2019-12067)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. (CVE-2020-13754)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case. (CVE-2020-25085)\n\n - pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer. (CVE-2020-25742)\n\n - hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call. (CVE-2020-25743)\n\n - eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. (CVE-2020-27617)\n\n - A flaw was found in the memory management API of QEMU during the initialization of a memory region cache.\n This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting in a denial of service. This flaw affects QEMU versions prior to 5.2.0. (CVE-2020-27821)\n\n - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. (CVE-2020-29129)\n\n - ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated. (CVE-2020-29443)\n\n - A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0.\n This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-35504)\n\n - A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service.\n The highest threat from this vulnerability is to system availability. (CVE-2020-35505)\n\n - A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as system availability. (CVE-2021-20181)\n\n - An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.\n (CVE-2021-20203)\n\n - An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario. (CVE-2021-20221)\n\n - A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsas_free_request() that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. Versions between 2.10.0 and 5.2.0 are potentially affected.\n (CVE-2021-3392)\n\n - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario. (CVE-2021-3416)\n\n - A flaw was found in the USB redirector device (usb-redir) of QEMU. Small USB packets are combined into a single, large transfer request, to reduce the overhead and improve performance. The combined size of the bulk transfer is used to dynamically allocate a variable length array (VLA) on the stack without proper validation. Since the total size is not bounded, a malicious guest could use this flaw to influence the array length and cause the QEMU process to perform an excessive allocation on the stack, resulting in a denial of service. (CVE-2021-3527)\n\n - Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user- gpu/virgl.c due to improper release of memory (i.e., free) after effective lifetime. (CVE-2021-3544)\n\n - An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw exists in virgl_cmd_get_capset_info() in contrib/vhost- user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest could exploit this issue to leak memory from the host. (CVE-2021-3545)\n\n - An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIO_GPU_CMD_GET_CAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service condition, or potential code execution with the privileges of the QEMU process. (CVE-2021-3546)\n\n - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0. (CVE-2021-3592)\n\n - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0. (CVE-2021-3593)\n\n - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0. (CVE-2021-3595)\n\n - A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host. (CVE-2021-3682)\n\n - An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in versions prior to 6.2.0-rc0. The device uses the guest supplied stream number unchecked, which can lead to out-of- bounds access to the UASDevice->data3 and UASDevice->status3 fields. A malicious guest user could use this flaw to crash QEMU or potentially achieve code execution with the privileges of the QEMU process on the host. (CVE-2021-3713)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-01-28T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : qemu (EulerOS-SA-2022-1014)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12067", "CVE-2020-13754", "CVE-2020-25085", "CVE-2020-25742", "CVE-2020-25743", "CVE-2020-27617", "CVE-2020-27821", "CVE-2020-29129", "CVE-2020-29443", "CVE-2020-35504", "CVE-2020-35505", "CVE-2021-20181", "CVE-2021-20203", "CVE-2021-20221", "CVE-2021-3392", "CVE-2021-3416", "CVE-2021-3527", "CVE-2021-3544", "CVE-2021-3545", "CVE-2021-3546", "CVE-2021-3592", "CVE-2021-3593", "CVE-2021-3595", "CVE-2021-3682", "CVE-2021-3713", "CVE-2021-3748"], "modified": "2023-01-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:qemu-img", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1014.NASL", "href": "https://www.tenable.com/plugins/nessus/157171", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157171);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/09\");\n\n script_cve_id(\n \"CVE-2019-12067\",\n \"CVE-2020-13754\",\n \"CVE-2020-25085\",\n \"CVE-2020-25742\",\n \"CVE-2020-25743\",\n \"CVE-2020-27617\",\n \"CVE-2020-27821\",\n \"CVE-2020-29129\",\n \"CVE-2020-29443\",\n \"CVE-2020-35504\",\n \"CVE-2020-35505\",\n \"CVE-2021-3392\",\n \"CVE-2021-3416\",\n \"CVE-2021-3527\",\n \"CVE-2021-3544\",\n \"CVE-2021-3545\",\n \"CVE-2021-3546\",\n \"CVE-2021-3592\",\n \"CVE-2021-3593\",\n \"CVE-2021-3595\",\n \"CVE-2021-3682\",\n \"CVE-2021-3713\",\n \"CVE-2021-3748\",\n \"CVE-2021-20181\",\n \"CVE-2021-20203\",\n \"CVE-2021-20221\"\n );\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0063-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0075-S\");\n\n script_name(english:\"EulerOS 2.0 SP9 : qemu (EulerOS-SA-2022-1014)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL\n dereference) when the command header 'ad->cur_cmd' is null. (CVE-2019-12067)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address\n in an msi-x mmio operation. (CVE-2020-13754)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c\n mishandles a write operation in the SDHC_BLKSIZE case. (CVE-2020-25085)\n\n - pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because\n pci_get_bus() might not return a valid pointer. (CVE-2020-25742)\n\n - hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check\n before an ide_cancel_dma_sync call. (CVE-2020-25743)\n\n - eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest\n can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. (CVE-2020-27617)\n\n - A flaw was found in the memory management API of QEMU during the initialization of a memory region cache.\n This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO\n operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting in a denial\n of service. This flaw affects QEMU versions prior to 5.2.0. (CVE-2020-27821)\n\n - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of\n header data even if that exceeds the total packet length. (CVE-2020-29129)\n\n - ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer\n index is not validated. (CVE-2020-29443)\n\n - A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0.\n This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of\n service. The highest threat from this vulnerability is to system availability. (CVE-2020-35504)\n\n - A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in\n versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw\n allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service.\n The highest threat from this vulnerability is to system availability. (CVE-2020-35505)\n\n - A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This\n flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges\n on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as\n system availability. (CVE-2021-20181)\n\n - An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It\n may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A\n privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.\n (CVE-2021-20203)\n\n - An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of\n QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an\n interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said\n issue while updating controller state fields and their subsequent processing. A privileged guest user may\n use this flaw to crash the QEMU process on the host resulting in DoS scenario. (CVE-2021-20221)\n\n - A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI\n I/O requests in the case of an error mptsas_free_request() that does not dequeue the request object 'req'\n from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU process on the\n host, resulting in a denial of service. Versions between 2.10.0 and 5.2.0 are potentially affected.\n (CVE-2021-3392)\n\n - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions\n up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get\n bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the\n host resulting in DoS scenario. (CVE-2021-3416)\n\n - A flaw was found in the USB redirector device (usb-redir) of QEMU. Small USB packets are combined into a\n single, large transfer request, to reduce the overhead and improve performance. The combined size of the\n bulk transfer is used to dynamically allocate a variable length array (VLA) on the stack without proper\n validation. Since the total size is not bounded, a malicious guest could use this flaw to influence the\n array length and cause the QEMU process to perform an excessive allocation on the stack, resulting in a\n denial of service. (CVE-2021-3527)\n\n - Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions\n up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-\n gpu/virgl.c due to improper release of memory (i.e., free) after effective lifetime. (CVE-2021-3544)\n\n - An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of\n QEMU in versions up to and including 6.0. The flaw exists in virgl_cmd_get_capset_info() in contrib/vhost-\n user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest could exploit\n this issue to leak memory from the host. (CVE-2021-3545)\n\n - An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of\n QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIO_GPU_CMD_GET_CAPSET'\n command from the guest. It could allow a privileged guest user to crash the QEMU process on the host,\n resulting in a denial of service condition, or potential code execution with the privileges of the QEMU\n process. (CVE-2021-3546)\n\n - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw\n exists in the bootp_input() function and could occur while processing a udp packet that is smaller than\n the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of\n uninitialized heap memory from the host. The highest threat from this vulnerability is to data\n confidentiality. This flaw affects libslirp versions prior to 4.6.0. (CVE-2021-3592)\n\n - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw\n exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the\n size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory\n disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw\n affects libslirp versions prior to 4.6.0. (CVE-2021-3593)\n\n - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw\n exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the\n size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory\n disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw\n affects libslirp versions prior to 4.6.0. (CVE-2021-3595)\n\n - A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs\n when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A\n malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata,\n resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the\n host. (CVE-2021-3682)\n\n - An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in versions\n prior to 6.2.0-rc0. The device uses the guest supplied stream number unchecked, which can lead to out-of-\n bounds access to the UASDevice->data3 and UASDevice->status3 fields. A malicious guest user could use this\n flaw to crash QEMU or potentially achieve code execution with the privileges of the QEMU process on the\n host. (CVE-2021-3713)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1014\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4ea5cba8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected qemu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3748\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-3682\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"qemu-img-4.1.0-16.h10.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-10T19:14:16", "description": "According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null. (CVE-2019-12067)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. (CVE-2020-13754)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case. (CVE-2020-25085)\n\n - pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer. (CVE-2020-25742)\n\n - hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call. (CVE-2020-25743)\n\n - eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. (CVE-2020-27617)\n\n - A flaw was found in the memory management API of QEMU during the initialization of a memory region cache.\n This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting in a denial of service. This flaw affects QEMU versions prior to 5.2.0. (CVE-2020-27821)\n\n - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. (CVE-2020-29129)\n\n - ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated. (CVE-2020-29443)\n\n - A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0.\n This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-35504)\n\n - A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service.\n The highest threat from this vulnerability is to system availability. (CVE-2020-35505)\n\n - A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as system availability. (CVE-2021-20181)\n\n - An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.\n (CVE-2021-20203)\n\n - An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario. (CVE-2021-20221)\n\n - A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsas_free_request() that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. Versions between 2.10.0 and 5.2.0 are potentially affected.\n (CVE-2021-3392)\n\n - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario. (CVE-2021-3416)\n\n - A flaw was found in the USB redirector device (usb-redir) of QEMU. Small USB packets are combined into a single, large transfer request, to reduce the overhead and improve performance. The combined size of the bulk transfer is used to dynamically allocate a variable length array (VLA) on the stack without proper validation. Since the total size is not bounded, a malicious guest could use this flaw to influence the array length and cause the QEMU process to perform an excessive allocation on the stack, resulting in a denial of service. (CVE-2021-3527)\n\n - Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user- gpu/virgl.c due to improper release of memory (i.e., free) after effective lifetime. (CVE-2021-3544)\n\n - An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw exists in virgl_cmd_get_capset_info() in contrib/vhost- user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest could exploit this issue to leak memory from the host. (CVE-2021-3545)\n\n - An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIO_GPU_CMD_GET_CAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service condition, or potential code execution with the privileges of the QEMU process. (CVE-2021-3546)\n\n - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0. (CVE-2021-3592)\n\n - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0. (CVE-2021-3593)\n\n - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0. (CVE-2021-3595)\n\n - A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host. (CVE-2021-3682)\n\n - An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in versions prior to 6.2.0-rc0. The device uses the guest supplied stream number unchecked, which can lead to out-of- bounds access to the UASDevice->data3 and UASDevice->status3 fields. A malicious guest user could use this flaw to crash QEMU or potentially achieve code execution with the privileges of the QEMU process on the host. (CVE-2021-3713)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-01-28T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : qemu (EulerOS-SA-2022-1034)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12067", "CVE-2020-13754", "CVE-2020-25085", "CVE-2020-25742", "CVE-2020-25743", "CVE-2020-27617", "CVE-2020-27821", "CVE-2020-29129", "CVE-2020-29443", "CVE-2020-35504", "CVE-2020-35505", "CVE-2021-20181", "CVE-2021-20203", "CVE-2021-20221", "CVE-2021-3392", "CVE-2021-3416", "CVE-2021-3527", "CVE-2021-3544", "CVE-2021-3545", "CVE-2021-3546", "CVE-2021-3592", "CVE-2021-3593", "CVE-2021-3595", "CVE-2021-3682", "CVE-2021-3713", "CVE-2021-3748"], "modified": "2023-01-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:qemu-img", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1034.NASL", "href": "https://www.tenable.com/plugins/nessus/157200", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157200);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/09\");\n\n script_cve_id(\n \"CVE-2019-12067\",\n \"CVE-2020-13754\",\n \"CVE-2020-25085\",\n \"CVE-2020-25742\",\n \"CVE-2020-25743\",\n \"CVE-2020-27617\",\n \"CVE-2020-27821\",\n \"CVE-2020-29129\",\n \"CVE-2020-29443\",\n \"CVE-2020-35504\",\n \"CVE-2020-35505\",\n \"CVE-2021-3392\",\n \"CVE-2021-3416\",\n \"CVE-2021-3527\",\n \"CVE-2021-3544\",\n \"CVE-2021-3545\",\n \"CVE-2021-3546\",\n \"CVE-2021-3592\",\n \"CVE-2021-3593\",\n \"CVE-2021-3595\",\n \"CVE-2021-3682\",\n \"CVE-2021-3713\",\n \"CVE-2021-3748\",\n \"CVE-2021-20181\",\n \"CVE-2021-20203\",\n \"CVE-2021-20221\"\n );\n script_xref(name:\"IAVB\", value:\"2020-B-0041-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0063-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0075-S\");\n\n script_name(english:\"EulerOS 2.0 SP9 : qemu (EulerOS-SA-2022-1034)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL\n dereference) when the command header 'ad->cur_cmd' is null. (CVE-2019-12067)\n\n - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address\n in an msi-x mmio operation. (CVE-2020-13754)\n\n - QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c\n mishandles a write operation in the SDHC_BLKSIZE case. (CVE-2020-25085)\n\n - pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because\n pci_get_bus() might not return a valid pointer. (CVE-2020-25742)\n\n - hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check\n before an ide_cancel_dma_sync call. (CVE-2020-25743)\n\n - eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest\n can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. (CVE-2020-27617)\n\n - A flaw was found in the memory management API of QEMU during the initialization of a memory region cache.\n This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO\n operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting in a denial\n of service. This flaw affects QEMU versions prior to 5.2.0. (CVE-2020-27821)\n\n - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of\n header data even if that exceeds the total packet length. (CVE-2020-29129)\n\n - ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer\n index is not validated. (CVE-2020-29443)\n\n - A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0.\n This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of\n service. The highest threat from this vulnerability is to system availability. (CVE-2020-35504)\n\n - A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in\n versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw\n allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service.\n The highest threat from this vulnerability is to system availability. (CVE-2020-35505)\n\n - A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This\n flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges\n on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as\n system availability. (CVE-2021-20181)\n\n - An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It\n may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A\n privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.\n (CVE-2021-20203)\n\n - An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of\n QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an\n interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said\n issue while updating controller state fields and their subsequent processing. A privileged guest user may\n use this flaw to crash the QEMU process on the host resulting in DoS scenario. (CVE-2021-20221)\n\n - A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI\n I/O requests in the case of an error mptsas_free_request() that does not dequeue the request object 'req'\n from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU process on the\n host, resulting in a denial of service. Versions between 2.10.0 and 5.2.0 are potentially affected.\n (CVE-2021-3392)\n\n - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions\n up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get\n bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the\n host resulting in DoS scenario. (CVE-2021-3416)\n\n - A flaw was found in the USB redirector device (usb-redir) of QEMU. Small USB packets are combined into a\n single, large transfer request, to reduce the overhead and improve performance. The combined size of the\n bulk transfer is used to dynamically allocate a variable length array (VLA) on the stack without proper\n validation. Since the total size is not bounded, a malicious guest could use this flaw to influence the\n array length and cause the QEMU process to perform an excessive allocation on the stack, resulting in a\n denial of service. (CVE-2021-3527)\n\n - Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions\n up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-\n gpu/virgl.c due to improper release of memory (i.e., free) after effective lifetime. (CVE-2021-3544)\n\n - An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of\n QEMU in versions up to and including 6.0. The flaw exists in virgl_cmd_get_capset_info() in contrib/vhost-\n user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest could exploit\n this issue to leak memory from the host. (CVE-2021-3545)\n\n - An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of\n QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIO_GPU_CMD_GET_CAPSET'\n command from the guest. It could allow a privileged guest user to crash the QEMU process on the host,\n resulting in a denial of service condition, or potential code execution with the privileges of the QEMU\n process. (CVE-2021-3546)\n\n - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw\n exists in the bootp_input() function and could occur while processing a udp packet that is smaller than\n the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of\n uninitialized heap memory from the host. The highest threat from this vulnerability is to data\n confidentiality. This flaw affects libslirp versions prior to 4.6.0. (CVE-2021-3592)\n\n - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw\n exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the\n size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory\n disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw\n affects libslirp versions prior to 4.6.0. (CVE-2021-3593)\n\n - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw\n exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the\n size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory\n disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw\n affects libslirp versions prior to 4.6.0. (CVE-2021-3595)\n\n - A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs\n when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A\n malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata,\n resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the\n host. (CVE-2021-3682)\n\n - An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in versions\n prior to 6.2.0-rc0. The device uses the guest supplied stream number unchecked, which can lead to out-of-\n bounds access to the UASDevice->data3 and UASDevice->status3 fields. A malicious guest user could use this\n flaw to crash QEMU or potentially achieve code execution with the privileges of the QEMU process on the\n host. (CVE-2021-3713)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1034\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?47e746c0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected qemu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3748\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-3682\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"qemu-img-4.1.0-16.h10.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "osv": [{"lastseen": "2022-08-10T07:19:05", "description": "\nIt was discovered that incorrect memory handling in the SLIRP networking\nimplementation could result in denial of service or potentially the\nexecution of arbitrary code.\n\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1:3.1+dfsg-8+deb10u7. In addition this update fixes a regression\ncaused by the patch for [\\\nCVE-2020-13754](https://security-tracker.debian.org/tracker/CVE-2020-13754), which could lead to startup\nfailures in some Xen setups.\n\n\nWe recommend that you upgrade your qemu packages.\n\n\nFor the detailed security status of qemu please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/qemu](https://security-tracker.debian.org/tracker/qemu)\n\n\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-07-24T00:00:00", "type": "osv", "title": "qemu - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2020-8608"], "modified": "2022-08-10T07:19:03", "id": "OSV:DSA-4733-1", "href": "https://osv.dev/vulnerability/DSA-4733-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T07:19:04", "description": "\nMultiple security issues were discovered in QEMU, a fast processor\nemulator, which could result in denial of service.\n\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1:3.1+dfsg-8+deb10u6.\n\n\nWe recommend that you upgrade your qemu packages.\n\n\nFor the detailed security status of qemu please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/qemu](https://security-tracker.debian.org/tracker/qemu)\n\n\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-07-19T00:00:00", "type": "osv", "title": "qemu - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2020-13659", "CVE-2020-13361", "CVE-2020-13765", "CVE-2020-10756", "CVE-2020-13362"], "modified": "2022-08-10T07:19:01", "id": "OSV:DSA-4728-1", "href": "https://osv.dev/vulnerability/DSA-4728-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-05T05:18:50", "description": "\nThe following CVE(s) were reported against src:qemu:\n\n\n* [CVE-2017-9503](https://security-tracker.debian.org/tracker/CVE-2017-9503)\nQEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2\n Host Bus Adapter emulation support, allows local guest OS\n privileged users to cause a denial of service (NULL pointer\n dereference and QEMU process crash) via vectors involving megasas\n command processing.\n* [CVE-2019-12068](https://security-tracker.debian.org/tracker/CVE-2019-12068)\nIn QEMU 1:4.1-1 (1:2.8+dfsg-6+deb9u8), when executing script in\n lsi\\_execute\\_script(), the LSI scsi adapter emulator advances\n 's->dsp' index to read next opcode. This can lead to an infinite\n loop if the next opcode is empty. Move the existing loop exit\n after 10k iterations so that it covers no-op opcodes as well.\n* [CVE-2019-20382](https://security-tracker.debian.org/tracker/CVE-2019-20382)\nQEMU 4.1.0 has a memory leak in zrle\\_compress\\_data in\n ui/vnc-enc-zrle.c during a VNC disconnect operation because libz\n is misused, resulting in a situation where memory allocated in\n deflateInit2 is not freed in deflateEnd.\n* [CVE-2020-1983](https://security-tracker.debian.org/tracker/CVE-2020-1983)\nA use after free vulnerability in ip\\_reass() in ip\\_input.c of\n libslirp 4.2.0 and prior releases allows crafted packets to cause\n a denial of service.\n* [CVE-2020-8608](https://security-tracker.debian.org/tracker/CVE-2020-8608)\nIn libslirp 4.1.0, as used in QEMU 4.2.0, tcp\\_subr.c misuses\n snprintf return values, leading to a buffer overflow in later\n code.\n* [CVE-2020-10756](https://security-tracker.debian.org/tracker/CVE-2020-10756)\nAn out-of-bounds read vulnerability was found in the SLiRP\n networking implementation of the QEMU emulator. This flaw occurs\n in the icmp6\\_send\\_echoreply() routine while replying to an ICMP\n echo request, also known as ping. This flaw allows a malicious\n guest to leak the contents of the host memory, resulting in\n possible information disclosure. This flaw affects versions of\n libslirp before 4.3.1.\n* [CVE-2020-13361](https://security-tracker.debian.org/tracker/CVE-2020-13361)\nIn QEMU 5.0.0 and earlier, es1370\\_transfer\\_audio in\n hw/audio/es1370.c does not properly validate the frame count,\n which allows guest OS users to trigger an out-of-bounds access\n during an es1370\\_write() operation.\n* [CVE-2020-13362](https://security-tracker.debian.org/tracker/CVE-2020-13362)\nIn QEMU 5.0.0 and earlier, megasas\\_lookup\\_frame in\n hw/scsi/megasas.c has an out-of-bounds read via a crafted\n reply\\_queue\\_head field from a guest OS user.\n* [CVE-2020-13659](https://security-tracker.debian.org/tracker/CVE-2020-13659)\naddress\\_space\\_map in exec.c in QEMU 4.2.0 can trigger a NULL\n pointer dereference related to BounceBuffer.\n* [CVE-2020-13754](https://security-tracker.debian.org/tracker/CVE-2020-13754)\nhw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger\n an out-of-bounds access via a crafted address in an msi-x mmio\n operation.\n* [CVE-2020-13765](https://security-tracker.debian.org/tracker/CVE-2020-13765)\nrom\\_copy() in hw/core/loader.c in QEMU 4.1.0 does not validate\n the relationship between two addresses, which allows attackers\n to trigger an invalid memory copy operation.\n* [CVE-2020-15863](https://security-tracker.debian.org/tracker/CVE-2020-15863)\nStack-based overflow in xgmac\\_enet\\_send() in hw/net/xgmac.c.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:2.8+dfsg-6+deb9u10.\n\n\nWe recommend that you upgrade your qemu packages.\n\n\nFor the detailed security status of qemu please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/qemu>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-07-26T00:00:00", "type": "osv", "title": "qemu - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15863", "CVE-2017-9503", "CVE-2020-13754", "CVE-2020-13659", "CVE-2020-8608", "CVE-2020-13361", "CVE-2019-12068", "CVE-2019-20382", "CVE-2020-11947", "CVE-2020-13765", "CVE-2020-10756", "CVE-2020-1983", "CVE-2020-13362"], "modified": "2022-08-05T05:18:49", "id": "OSV:DLA-2288-1", "href": "https://osv.dev/vulnerability/DLA-2288-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2023-03-24T15:15:45", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4733-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJuly 24, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : qemu\nCVE ID : CVE-2020-8608\nDebian Bug : 964793\n\nIt was discovered that incorrect memory handling in the SLIRP networking\nimplementation could result in denial of service or potentially the\nexecution of arbitrary code.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1:3.1+dfsg-8+deb10u7. In addition this update fixes a regression\ncaused by the patch for CVE-2020-13754, which could lead to startup\nfailures in some Xen setups.\n\nWe recommend that you upgrade your qemu packages.\n\nFor the detailed security status of qemu please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/qemu\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-07-24T09:14:40", "type": "debian", "title": "[SECURITY] [DSA 4733-1] qemu security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2020-8608"], "modified": "2020-07-24T09:14:40", "id": "DEBIAN:DSA-4733-1:89986", "href": "https://lists.debian.org/debian-security-announce/2020/msg00139.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-24T15:16:06", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4728-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJuly 19, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : qemu\nCVE ID : CVE-2020-10756 CVE-2020-13361 CVE-2020-13362 \n CVE-2020-13754 CVE-2020-13659\nDebian Bug : 964247 961887 961887 961888\n\nMultiple security issues were discovered in QEMU, a fast processor\nemulator, which could result in denial of service.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1:3.1+dfsg-8+deb10u6.\n\nWe recommend that you upgrade your qemu packages.\n\nFor the detailed security status of qemu please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/qemu\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-07-19T18:01:06", "type": "debian", "title": "[SECURITY] [DSA 4728-1] qemu security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10756", "CVE-2020-13361", "CVE-2020-13362", "CVE-2020-13659", "CVE-2020-13754"], "modified": "2020-07-19T18:01:06", "id": "DEBIAN:DSA-4728-1:DBA83", "href": "https://lists.debian.org/debian-security-announce/2020/msg00134.html", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T11:19:56", "description": "- -----------------------------------------------------------------------\nDebian LTS Advisory DLA-2288-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Utkarsh Gupta\nJuly 25, 2020 https://wiki.debian.org/LTS\n- -----------------------------------------------------------------------\n\nPackage : qemu\nVersion : 1:2.8+dfsg-6+deb9u10\nCVE ID : CVE-2017-9503 CVE-2019-12068 CVE-2019-20382\n CVE-2020-1983 CVE-2020-8608 CVE-2020-10756\n CVE-2020-13361 CVE-2020-13362 CVE-2020-13659\n CVE-2020-13754 CVE-2020-13765 CVE-2020-15863\nDebian Bug : 865754 961887 961888 964793\n\nThe following CVE(s) were reported against src:qemu:\n\nCVE-2017-9503\n\n QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2\n Host Bus Adapter emulation support, allows local guest OS\n privileged users to cause a denial of service (NULL pointer\n dereference and QEMU process crash) via vectors involving megasas\n command processing.\n\nCVE-2019-12068\n\n In QEMU 1:4.1-1 (1:2.8+dfsg-6+deb9u8), when executing script in\n lsi_execute_script(), the LSI scsi adapter emulator advances\n &#x27;s-&gt;dsp&#x27; index to read next opcode. This can lead to an infinite\n loop if the next opcode is empty. Move the existing loop exit\n after 10k iterations so that it covers no-op opcodes as well.\n\nCVE-2019-20382\n\n QEMU 4.1.0 has a memory leak in zrle_compress_data in\n ui/vnc-enc-zrle.c during a VNC disconnect operation because libz\n is misused, resulting in a situation where memory allocated in\n deflateInit2 is not freed in deflateEnd.\n\nCVE-2020-1983\n\n A use after free vulnerability in ip_reass() in ip_input.c of\n libslirp 4.2.0 and prior releases allows crafted packets to cause\n a denial of service.\n\nCVE-2020-8608\n\n In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses\n snprintf return values, leading to a buffer overflow in later\n code.\n\nCVE-2020-10756\n\n An out-of-bounds read vulnerability was found in the SLiRP\n networking implementation of the QEMU emulator. This flaw occurs\n in the icmp6_send_echoreply() routine while replying to an ICMP\n echo request, also known as ping. This flaw allows a malicious\n guest to leak the contents of the host memory, resulting in\n possible information disclosure. This flaw affects versions of\n libslirp before 4.3.1.\n\nCVE-2020-13361\n\n In QEMU 5.0.0 and earlier, es1370_transfer_audio in\n hw/audio/es1370.c does not properly validate the frame count,\n which allows guest OS users to trigger an out-of-bounds access\n during an es1370_write() operation.\n\nCVE-2020-13362\n\n In QEMU 5.0.0 and earlier, megasas_lookup_frame in\n hw/scsi/megasas.c has an out-of-bounds read via a crafted\n reply_queue_head field from a guest OS user.\n\nCVE-2020-13659\n\n address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL\n pointer dereference related to BounceBuffer.\n\nCVE-2020-13754\n\n hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger\n an out-of-bounds access via a crafted address in an msi-x mmio\n operation.\n\nCVE-2020-13765\n\n rom_copy() in hw/core/loader.c in QEMU 4.1.0 does not validate\n the relationship between two addresses, which allows attackers\n to trigger an invalid memory copy operation.\n\nCVE-2020-15863\n\n Stack-based overflow in xgmac_enet_send() in hw/net/xgmac.c.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:2.8+dfsg-6+deb9u10.\n\nWe recommend that you upgrade your qemu packages.\n\nFor the detailed security status of qemu please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/qemu\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n\nBest,\nUtkarsh", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-07-26T11:51:28", "type": "debian", "title": "[SECURITY] [DLA 2288-1] qemu security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9503", "CVE-2019-12068", "CVE-2019-20382", "CVE-2020-10756", "CVE-2020-13361", "CVE-2020-13362", "CVE-2020-13659", "CVE-2020-13754", "CVE-2020-13765", "CVE-2020-15863", "CVE-2020-1983", "CVE-2020-8608"], "modified": "2020-07-26T11:51:28", "id": "DEBIAN:DLA-2288-1:30AC1", "href": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-05T21:18:09", "description": "- -----------------------------------------------------------------------\nDebian LTS Advisory DLA-2288-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Utkarsh Gupta\nJuly 25, 2020 https://wiki.debian.org/LTS\n- -----------------------------------------------------------------------\n\nPackage : qemu\nVersion : 1:2.8+dfsg-6+deb9u10\nCVE ID : CVE-2017-9503 CVE-2019-12068 CVE-2019-20382\n CVE-2020-1983 CVE-2020-8608 CVE-2020-10756\n CVE-2020-13361 CVE-2020-13362 CVE-2020-13659\n CVE-2020-13754 CVE-2020-13765 CVE-2020-15863\nDebian Bug : 865754 961887 961888 964793\n\nThe following CVE(s) were reported against src:qemu:\n\nCVE-2017-9503\n\n QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2\n Host Bus Adapter emulation support, allows local guest OS\n privileged users to cause a denial of service (NULL pointer\n dereference and QEMU process crash) via vectors involving megasas\n command processing.\n\nCVE-2019-12068\n\n In QEMU 1:4.1-1 (1:2.8+dfsg-6+deb9u8), when executing script in\n lsi_execute_script(), the LSI scsi adapter emulator advances\n &#x27;s-&gt;dsp&#x27; index to read next opcode. This can lead to an infinite\n loop if the next opcode is empty. Move the existing loop exit\n after 10k iterations so that it covers no-op opcodes as well.\n\nCVE-2019-20382\n\n QEMU 4.1.0 has a memory leak in zrle_compress_data in\n ui/vnc-enc-zrle.c during a VNC disconnect operation because libz\n is misused, resulting in a situation where memory allocated in\n deflateInit2 is not freed in deflateEnd.\n\nCVE-2020-1983\n\n A use after free vulnerability in ip_reass() in ip_input.c of\n libslirp 4.2.0 and prior releases allows crafted packets to cause\n a denial of service.\n\nCVE-2020-8608\n\n In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses\n snprintf return values, leading to a buffer overflow in later\n code.\n\nCVE-2020-10756\n\n An out-of-bounds read vulnerability was found in the SLiRP\n networking implementation of the QEMU emulator. This flaw occurs\n in the icmp6_send_echoreply() routine while replying to an ICMP\n echo request, also known as ping. This flaw allows a malicious\n guest to leak the contents of the host memory, resulting in\n possible information disclosure. This flaw affects versions of\n libslirp before 4.3.1.\n\nCVE-2020-13361\n\n In QEMU 5.0.0 and earlier, es1370_transfer_audio in\n hw/audio/es1370.c does not properly validate the frame count,\n which allows guest OS users to trigger an out-of-bounds access\n during an es1370_write() operation.\n\nCVE-2020-13362\n\n In QEMU 5.0.0 and earlier, megasas_lookup_frame in\n hw/scsi/megasas.c has an out-of-bounds read via a crafted\n reply_queue_head field from a guest OS user.\n\nCVE-2020-13659\n\n address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL\n pointer dereference related to BounceBuffer.\n\nCVE-2020-13754\n\n hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger\n an out-of-bounds access via a crafted address in an msi-x mmio\n operation.\n\nCVE-2020-13765\n\n rom_copy() in hw/core/loader.c in QEMU 4.1.0 does not validate\n the relationship between two addresses, which allows attackers\n to trigger an invalid memory copy operation.\n\nCVE-2020-15863\n\n Stack-based overflow in xgmac_enet_send() in hw/net/xgmac.c.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:2.8+dfsg-6+deb9u10.\n\nWe recommend that you upgrade your qemu packages.\n\nFor the detailed security status of qemu please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/qemu\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n\nBest,\nUtkarsh", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-07-26T11:51:28", "type": "debian", "title": "[SECURITY] [DLA 2288-1] qemu security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9503", "CVE-2019-12068", "CVE-2019-20382", "CVE-2020-10756", "CVE-2020-13361", "CVE-2020-13362", "CVE-2020-13659", "CVE-2020-13754", "CVE-2020-13765", "CVE-2020-15863", "CVE-2020-1983", "CVE-2020-8608"], "modified": "2020-07-26T11:51:28", "id": "DEBIAN:DLA-2288-1:E9E8F", "href": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "rocky": [{"lastseen": "2023-02-02T17:11:44", "description": "An update is available for libguestfs, libnbd, nbdkit, libguestfs-winsupport, supermin, libiscsi, hivex, libvirt, netcf, perl-Sys-Virt, seabios, qemu-kvm, sgabios, libvirt-dbus, libvirt-python.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nKernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.\n\nSecurity Fix(es):\n\n* QEMU: msix: OOB access during mmio operations may lead to DoS (CVE-2020-13754)\n\n* hivex: Buffer overflow when provided invalid node key length (CVE-2021-3504)\n\n* QEMU: net: an assert failure via eth_get_gso_type (CVE-2020-27617)\n\n* QEMU: net: infinite loop in loopback mode may lead to stack overflow (CVE-2021-3416)\n\n* qemu: out-of-bound heap buffer access via an interrupt ID field (CVE-2021-20221)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* cannot restart default network and firewalld: iptables: No chain/target/match by that name. (BZ#1958301)\n\n* Rocky Linux8.4 Nightly[0322] - KVM guest fails to find zipl boot menu index (qemu-kvm) (BZ#1975679)", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-10T11:58:46", "type": "rocky", "title": "virt:rhel and virt-devel:rhel security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2020-27617", "CVE-2021-20221", "CVE-2021-3416", "CVE-2021-3504"], "modified": "2021-08-10T11:58:46", "id": "RLSA-2021:3061", "href": "https://errata.rockylinux.org/RLSA-2021:3061", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}], "almalinux": [{"lastseen": "2022-09-14T18:10:37", "description": "Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.\n\nSecurity Fix(es):\n\n* QEMU: msix: OOB access during mmio operations may lead to DoS (CVE-2020-13754)\n\n* hivex: Buffer overflow when provided invalid node key length (CVE-2021-3504)\n\n* QEMU: net: an assert failure via eth_get_gso_type (CVE-2020-27617)\n\n* QEMU: net: infinite loop in loopback mode may lead to stack overflow (CVE-2021-3416)\n\n* qemu: out-of-bound heap buffer access via an interrupt ID field (CVE-2021-20221)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* cannot restart default network and firewalld: iptables: No chain/target/match by that name. (BZ#1958301)\n\n* RHEL8.4 Nightly[0322] - KVM guest fails to find zipl boot menu index (qemu-kvm) (BZ#1975679)", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-10T11:58:46", "type": "almalinux", "title": "Moderate: virt:rhel and virt-devel:rhel security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13754", "CVE-2020-27617", "CVE-2021-20221", "CVE-2021-3416", "CVE-2021-3504"], "modified": "2021-12-23T15:15:26", "id": "ALSA-2021:3061", "href": "https://errata.almalinux.org/8/ALSA-2021-3061.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}], "f5": [{"lastseen": "2022-02-10T00:00:00", "description": " * [CVE-2020-10761](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10761>)\n\nAn assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the qemu-nbd server resulting in a denial of service.\n\n * [CVE-2020-13361](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361>)\n\nIn QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation.\n\n * [CVE-2020-13362](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362>)\n\nIn QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.\n\n * [CVE-2020-13659](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659>)\n\naddress_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.\n\n * [CVE-2020-13754](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754>)\n\nhw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.\n\nImpact\n\nThere is no impact; F5 products are not affected by this vulnerability.\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-05T16:12:00", "type": "f5", "title": "QEMU vulnerabilities CVE-2020-10761, CVE-2020-13361, CVE-2020-13362, CVE-2020-13659, and CVE-2020-13754", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10761", "CVE-2020-13361", "CVE-2020-13362", "CVE-2020-13659", "CVE-2020-13754"], "modified": "2020-08-05T16:12:00", "id": "F5:K61547155", "href": "https://support.f5.com/csp/article/K61547155", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2021-08-13T00:26:08", "description": "hivex\n[1.3.18-21]\n- Bounds check for block exceeding page length (CVE-2021-3504)\n resolves: rhbz#1950501\nlibvirt\n[6.0.0-35.1.0.1]\n- Set SOURCE_DATE_EPOCH from changelog [Orabug: 32019554]\n- Add runtime deps for pkg librbd1 >= 1:10.2.5 (Keshav Sharma)\n- Disable parallel builds (Karl Heubaum)\n[6.0.0-35.1.el8]\n- network: make it safe to call networkSetupPrivateChains() multiple times (rhbz#1958301)\n- network: force re-creation of iptables private chains on firewalld restart (rhbz#1958301)\nqemu-kvm\n[4.2.0-48.el8_4.3]\n- kvm-net-introduce-qemu_receive_packet.patch [bz#1932917]\n- kvm-e1000-switch-to-use-qemu_receive_packet-for-loopback.patch [bz#1932917]\n- kvm-dp8393x-switch-to-use-qemu_receive_packet-for-loopba.patch [bz#1932917]\n- kvm-sungem-switch-to-use-qemu_receive_packet-for-loopbac.patch [bz#1932917]\n- kvm-tx_pkt-switch-to-use-qemu_receive_packet_iov-for-loo.patch [bz#1932917]\n- kvm-rtl8139-switch-to-use-qemu_receive_packet-for-loopba.patch [bz#1932917]\n- kvm-pcnet-switch-to-use-qemu_receive_packet-for-loopback.patch [bz#1932917]\n- kvm-cadence_gem-switch-to-use-qemu_receive_packet-for-lo.patch [bz#1932917]\n- kvm-lan9118-switch-to-use-qemu_receive_packet-for-loopba.patch [bz#1932917]\n- Resolves: bz#1932917\n (CVE-2021-3416 virt:rhel/qemu-kvm: QEMU: net: infinite loop in loopback mode may lead to stack overflow [rhel-8.4.z])\n[4.2.0-48.el8_4.2]\n- kvm-pc-bios-s390-ccw-fix-off-by-one-error.patch [bz#1975679]\n- kvm-pc-bios-s390-ccw-break-loop-if-a-null-block-number-i.patch [bz#1975679]\n- kvm-pc-bios-s390-ccw-don-t-try-to-read-the-next-block-if.patch [bz#1975679]\n- Resolves: bz#1975679\n (RHEL8.4 Nightly[0322] - KVM guest fails to find zipl boot menu index (qemu-kvm) [rhel-8.4.0.z])\n[4.2.0-48.el8_4]\n- kvm-net-remove-an-assert-call-in-eth_get_gso_type.patch [bz#1939494]\n- kvm-libqos-usb-hcd-ehci-use-32-bit-write-for-config-regi.patch [bz#1944621]\n- kvm-libqos-pci-pc-use-32-bit-write-for-EJ-register.patch [bz#1944621]\n- kvm-memory-Revert-memory-accept-mismatching-sizes-in-mem.patch [bz#1944621]\n- kvm-acpi-accept-byte-and-word-access-to-core-ACPI-regist.patch [bz#1944621]\n- kvm-xhci-fix-valid.max_access_size-to-access-address-reg.patch [bz#1944621]\n- kvm-softmmu-memory-Log-invalid-memory-accesses.patch [bz#1944621]\n- kvm-hw-intc-arm_gic-Fix-interrupt-ID-in-GICD_SGIR-regist.patch [bz#1952986]\n- Resolves: bz#1939494\n (CVE-2020-27617 virt:rhel/qemu-kvm: QEMU: net: an assert failure via eth_get_gso_type [rhel-8.4.0.z])\n- Resolves: bz#1944621\n (CVE-2020-13754 virt:rhel/qemu-kvm: QEMU: msix: OOB access during mmio operations may lead to DoS [rhel-8.4.0.z])\n- Resolves: bz#1952986\n (CVE-2021-20221 virt:rhel/qemu-kvm: qemu: out-of-bound heap buffer access via an interrupt ID field [rhel-8.4.0.z])", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity&q