Vulnerabilities > CVE-2019-10161 - Missing Authorization vulnerability in multiple products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

redhat

canonical

CWE-862

nessus

NVD

Published: 2019-07-30

Updated: 2024-11-21

Summary

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat Libvirt 5.0.0 Redhat Libvirt 5.1.0 Redhat Libvirt 5.2.0 Redhat Libvirt 5.3.0 Redhat Libvirt 5.4.0 Redhat Libvirt - Redhat Libvirt 0.0.1 Redhat Libvirt 0.0.2 Redhat Libvirt 0.0.3 Redhat Libvirt 0.0.4 Redhat Libvirt 0.0.5 Redhat Libvirt 0.0.6 Redhat Libvirt 0.1.0 Redhat Libvirt 0.1.1 Redhat Libvirt 0.1.3 Redhat Libvirt 0.1.4 Redhat Libvirt 0.1.5 Redhat Libvirt 0.1.6 Redhat Libvirt 0.1.7 Redhat Libvirt 0.1.8 Redhat Libvirt 0.1.9 Redhat Libvirt 0.1.10 Redhat Libvirt 0.1.11 Redhat Libvirt 0.2.0 Redhat Libvirt 0.2.1 Redhat Libvirt 0.2.2 Redhat Libvirt 0.2.3 Redhat Libvirt 0.3.0 Redhat Libvirt 0.3.1 Redhat Libvirt 0.3.2 Redhat Libvirt 0.3.3 Redhat Libvirt 0.4.0 Redhat Libvirt 0.4.1 Redhat Libvirt 0.4.2 Redhat Libvirt 0.4.3 Redhat Libvirt 0.4.4 Redhat Libvirt 0.4.5 Redhat Libvirt 0.4.6 Redhat Libvirt 0.5.0 Redhat Libvirt 0.5.1 Redhat Libvirt 0.6.0 Redhat Libvirt 0.6.1 Redhat Libvirt 0.6.2 Redhat Libvirt 0.6.3 Redhat Libvirt 0.6.4 Redhat Libvirt 0.6.5 Redhat Libvirt 0.7.0 Redhat Libvirt 0.7.1 Redhat Libvirt 0.7.2 Redhat Libvirt 0.7.3 Redhat Libvirt 0.7.4 Redhat Libvirt 0.7.5 Redhat Libvirt 0.7.6 Redhat Libvirt 0.7.7 Redhat Libvirt 0.8.0 Redhat Libvirt 0.8.1 Redhat Libvirt 0.8.2 Redhat Libvirt 0.8.3 Redhat Libvirt 0.8.4 Redhat Libvirt 0.8.5 Redhat Libvirt 0.8.6 Redhat Libvirt 0.8.7 Redhat Libvirt 0.8.8 Redhat Libvirt 0.9.0 Redhat Libvirt 0.9.1 Redhat Libvirt 0.9.2 Redhat Libvirt 0.9.3 Redhat Libvirt 0.9.4 Redhat Libvirt 0.9.5 Redhat Libvirt 0.9.6 Redhat Libvirt 0.9.6.1 Redhat Libvirt 0.9.6.2 Redhat Libvirt 0.9.6.3 Redhat Libvirt 0.9.6.4 Redhat Libvirt 0.9.7 Redhat Libvirt 0.9.8 Redhat Libvirt 0.9.9 Redhat Libvirt 0.9.10 Redhat Libvirt 0.9.11 Redhat Libvirt 0.9.11.1 Redhat Libvirt 0.9.11.2 Redhat Libvirt 0.9.11.3 Redhat Libvirt 0.9.11.4 Redhat Libvirt 0.9.11.5 Redhat Libvirt 0.9.11.6 Redhat Libvirt 0.9.11.7 Redhat Libvirt 0.9.11.8 Redhat Libvirt 0.9.11.9 Redhat Libvirt 0.9.11.10 Redhat Libvirt 0.9.12 Redhat Libvirt 0.9.12.1 Redhat Libvirt 0.9.12.2 Redhat Libvirt 0.9.12.3 Redhat Libvirt 0.9.13 Redhat Libvirt 0.10.0 Redhat Libvirt 0.10.1 Redhat Libvirt 0.10.2 Redhat Libvirt 0.10.2.1 Redhat Libvirt 0.10.2.2 Redhat Libvirt 0.10.2.3 Redhat Libvirt 0.10.2.4 Redhat Libvirt 0.10.2.5 Redhat Libvirt 0.10.2.6 Redhat Libvirt 0.10.2.7 Redhat Libvirt 0.10.2.8 Redhat Libvirt 1.0.0 Redhat Libvirt 1.0.1 Redhat Libvirt 1.0.2 Redhat Libvirt 1.0.3 Redhat Libvirt 1.0.4 Redhat Libvirt 1.0.5 Redhat Libvirt 1.0.5.1 Redhat Libvirt 1.0.5.2 Redhat Libvirt 1.0.5.3 Redhat Libvirt 1.0.5.4 Redhat Libvirt 1.0.5.5 Redhat Libvirt 1.0.5.6 Redhat Libvirt 1.0.5.7 Redhat Libvirt 1.0.5.8 Redhat Libvirt 1.0.5.9 Redhat Libvirt 1.0.6 Redhat Libvirt 1.1.0 Redhat Libvirt 1.1.1 Redhat Libvirt 1.1.2 Redhat Libvirt 1.1.3 Redhat Libvirt 1.1.3.1 Redhat Libvirt 1.1.3.2 Redhat Libvirt 1.1.3.3 Redhat Libvirt 1.1.3.4 Redhat Libvirt 1.1.3.5 Redhat Libvirt 1.1.3.6 Redhat Libvirt 1.1.3.7 Redhat Libvirt 1.1.3.8 Redhat Libvirt 1.1.3.9 Redhat Libvirt 1.1.4 Redhat Libvirt 1.2.0 Redhat Libvirt 1.2.1 Redhat Libvirt 1.2.2 Redhat Libvirt 1.2.3 Redhat Libvirt 1.2.4 Redhat Libvirt 1.2.5 Redhat Libvirt 1.2.6 Redhat Libvirt 1.2.7 Redhat Libvirt 1.2.8 Redhat Libvirt 1.2.9 Redhat Libvirt 1.2.9.1 Redhat Libvirt 1.2.9.2 Redhat Libvirt 1.2.9.3 Redhat Libvirt 1.2.10 Redhat Libvirt 1.2.11 Redhat Libvirt 1.2.12 Redhat Libvirt 1.2.13 Redhat Libvirt 1.2.13.1 Redhat Libvirt 1.2.13.2 Redhat Libvirt 1.2.14 Redhat Libvirt 1.2.15 Redhat Libvirt 1.2.16 Redhat Libvirt 1.2.17 Redhat Libvirt 1.2.18 Redhat Libvirt 1.2.18.1 Redhat Libvirt 1.2.18.2 Redhat Libvirt 1.2.18.3 Redhat Libvirt 1.2.18.4 Redhat Libvirt 1.2.19 Redhat Libvirt 1.2.20 Redhat Libvirt 1.2.21 Redhat Libvirt 1.3.0 Redhat Libvirt 1.3.1 Redhat Libvirt 1.3.2 Redhat Libvirt 1.3.3 Redhat Libvirt 1.3.3.1 Redhat Libvirt 1.3.3.2 Redhat Libvirt 1.3.3.3 Redhat Libvirt 1.3.4 Redhat Libvirt 1.3.5 Redhat Libvirt 1.40.0 Redhat Libvirt 2.0.0 Redhat Libvirt 2.1.0 Redhat Libvirt 2.2.0 Redhat Libvirt 2.2.1 Redhat Libvirt 2.3.0 Redhat Libvirt 2.4.0 Redhat Libvirt 2.5.0 Redhat Libvirt 3.0.0 Redhat Libvirt 3.1.0 Redhat Libvirt 3.2.0 Redhat Libvirt 3.2.1 Redhat Libvirt 3.3.0 Redhat Libvirt 3.4.0 Redhat Libvirt 3.5.0 Redhat Libvirt 3.6.0 Redhat Libvirt 3.7.0 Redhat Libvirt 3.8.0 Redhat Libvirt 3.9.0 Redhat Libvirt 3.10.0 Redhat Libvirt 4.0.0 Redhat Libvirt 4.1.0 Redhat Libvirt 4.2.0 Redhat Libvirt 4.3.0 Redhat Libvirt 4.4.0 Redhat Libvirt 4.5.0 Redhat Libvirt 4.6.0 Redhat Libvirt 4.7.0 Redhat Libvirt 4.8.0 Redhat Libvirt 4.9.0 Redhat Libvirt 4.10.0 Redhat Virtualization 4.0 Redhat Virtualization Host 4.0	408
OS	Redhat Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 6.0 Redhat Enterprise Linux 8.0	3
OS	Canonical Canonical Ubuntu Linux 14.04	1

Common Weakness Enumeration (CWE)

CWE-862 - Missing Authorization

Nessus

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-1686-1.NASL
description	This update for libvirt fixes the following issues : Security issues fixed : CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). CVE-2019-10167: Fixed an issue with virConnectGetDomainCapabilities API which could have been used to execute arbitrary emulators (bsc#1138303). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	126237
published	2019-06-25
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126237
title	SUSE SLES12 Security Update : libvirt (SUSE-SU-2019:1686-1)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2019:1686-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(126237); script_version("1.4"); script_cvs_date("Date: 2020/01/10"); script_cve_id("CVE-2019-10161", "CVE-2019-10167"); script_name(english:"SUSE SLES12 Security Update : libvirt (SUSE-SU-2019:1686-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for libvirt fixes the following issues : Security issues fixed : CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). CVE-2019-10167: Fixed an issue with virConnectGetDomainCapabilities API which could have been used to execute arbitrary emulators (bsc#1138303). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1138301" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1138303" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-10161/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-10167/" ); # https://www.suse.com/support/update/announcement/2019/suse-su-20191686-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?ce05d41a" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch SUSE-SLE-SAP-12-SP1-2019-1686=1 SUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2019-1686=1" ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-xen"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/30"); script_set_attribute(attribute:"patch_publication_date", value:"2019/06/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/25"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release !~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S\|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP1", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"1", cpu:"x86_64", reference:"libvirt-daemon-driver-libxl-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", cpu:"x86_64", reference:"libvirt-daemon-driver-libxl-debuginfo-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", cpu:"x86_64", reference:"libvirt-daemon-xen-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-client-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-client-debuginfo-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-config-network-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-config-nwfilter-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-debuginfo-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-interface-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-interface-debuginfo-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-lxc-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-lxc-debuginfo-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-network-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-network-debuginfo-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-nodedev-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-nodedev-debuginfo-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-nwfilter-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-nwfilter-debuginfo-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-qemu-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-qemu-debuginfo-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-secret-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-secret-debuginfo-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-storage-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-driver-storage-debuginfo-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-lxc-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-daemon-qemu-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-debugsource-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-doc-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-lock-sanlock-1.2.18.4-22.13.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libvirt-lock-sanlock-debuginfo-1.2.18.4-22.13.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt"); }

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-1672.NASL
description	This update for libvirt fixes the following issues : Security issues fixed : - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). - CVE-2019-10166: Fixed an issue with virDomainManagedSaveDefineXML which could have been used to alter the domain
last seen	2020-06-01
modified	2020-06-02
plugin id	126372
published	2019-07-01
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126372
title	openSUSE Security Update : libvirt (openSUSE-2019-1672)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2019-1672. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(126372); script_version("1.3"); script_cvs_date("Date: 2020/01/08"); script_cve_id("CVE-2019-10161", "CVE-2019-10166", "CVE-2019-10167"); script_name(english:"openSUSE Security Update : libvirt (openSUSE-2019-1672)"); script_summary(english:"Check for the openSUSE-2019-1672 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for libvirt fixes the following issues : Security issues fixed : - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). - CVE-2019-10166: Fixed an issue with virDomainManagedSaveDefineXML which could have been used to alter the domain's config used for managedsave or execute arbitrary emulator binaries (bsc#1138302). - CVE-2019-10167: Fixed an issue with virConnectGetDomainCapabilities API which could have been used to execute arbitrary emulators (bsc#1138303). Other issue addressed : - spec: add systemd-container dependency to qemu and lxc drivers (bsc#1136109). This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1136109" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1138301" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1138302" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1138303" ); script_set_attribute( attribute:"solution", value:"Update the affected libvirt packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-admin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-admin-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-client-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-client-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-config-network"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-config-nwfilter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-uml"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-uml-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-vbox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-vbox-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-hooks"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-lxc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-qemu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-uml"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-vbox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-daemon-xen"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-devel-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-libs-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-lock-sanlock"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-lock-sanlock-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-nss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libvirt-nss-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark-plugin-libvirt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark-plugin-libvirt-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/30"); script_set_attribute(attribute:"patch_publication_date", value:"2019/06/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/01"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-admin-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-admin-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-client-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-client-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-config-network-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-config-nwfilter-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-interface-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-interface-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-lxc-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-lxc-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-network-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-network-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-nodedev-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-nodedev-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-nwfilter-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-nwfilter-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-qemu-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-qemu-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-secret-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-secret-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-storage-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-storage-core-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-storage-core-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-storage-disk-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-storage-disk-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-storage-iscsi-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-storage-iscsi-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-storage-logical-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-storage-logical-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-storage-mpath-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-storage-mpath-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-storage-scsi-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-storage-scsi-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-uml-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-uml-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-vbox-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-driver-vbox-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-hooks-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-lxc-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-qemu-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-uml-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-daemon-vbox-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-debugsource-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-devel-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-libs-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-libs-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-lock-sanlock-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-lock-sanlock-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-nss-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libvirt-nss-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"wireshark-plugin-libvirt-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"wireshark-plugin-libvirt-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libvirt-client-32bit-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libvirt-daemon-driver-libxl-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libvirt-daemon-driver-libxl-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-rbd-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-rbd-debuginfo-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libvirt-daemon-xen-4.0.0-lp150.7.18.2") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libvirt-devel-32bit-4.0.0-lp150.7.18.2") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt / libvirt-admin / libvirt-admin-debuginfo / libvirt-client / etc"); }

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-1578.NASL
description	An update for libvirt is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es) : * libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
last seen	2020-06-01
modified	2020-06-02
plugin id	126086
published	2019-06-21
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126086
title	RHEL 6 : libvirt (RHSA-2019:1578)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2019:1578. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(126086); script_version("1.6"); script_cvs_date("Date: 2020/01/10"); script_cve_id("CVE-2019-10161"); script_xref(name:"RHSA", value:"2019:1578"); script_name(english:"RHEL 6 : libvirt (RHSA-2019:1578)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for libvirt is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es) : * libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:1578" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-10161" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-python"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/30"); script_set_attribute(attribute:"patch_publication_date", value:"2019/06/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/21"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2019:1578"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libvirt-0.10.2-64.el6_10.2")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"libvirt-0.10.2-64.el6_10.2")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libvirt-0.10.2-64.el6_10.2")) flag++; if (rpm_check(release:"RHEL6", reference:"libvirt-client-0.10.2-64.el6_10.2")) flag++; if (rpm_check(release:"RHEL6", reference:"libvirt-debuginfo-0.10.2-64.el6_10.2")) flag++; if (rpm_check(release:"RHEL6", reference:"libvirt-devel-0.10.2-64.el6_10.2")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libvirt-lock-sanlock-0.10.2-64.el6_10.2")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libvirt-python-0.10.2-64.el6_10.2")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"libvirt-python-0.10.2-64.el6_10.2")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libvirt-python-0.10.2-64.el6_10.2")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt / libvirt-client / libvirt-debuginfo / libvirt-devel / etc"); } }

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-4047-1.NASL
description	Matthias Gerstner and Jan Tomko discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to check for arbitrary files, or execute arbitrary binaries. In the default installation, attackers would be isolated by the libvirt AppArmor profile. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	126563
published	2019-07-09
reporter	Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126563
title	Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : libvirt vulnerabilities (USN-4047-1)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-4047-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(126563); script_version("1.4"); script_cvs_date("Date: 2020/01/08"); script_cve_id("CVE-2019-10161", "CVE-2019-10166", "CVE-2019-10167", "CVE-2019-10168"); script_xref(name:"USN", value:"4047-1"); script_name(english:"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : libvirt vulnerabilities (USN-4047-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "Matthias Gerstner and Jan Tomko discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to check for arbitrary files, or execute arbitrary binaries. In the default installation, attackers would be isolated by the libvirt AppArmor profile. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/4047-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libvirt-bin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libvirt-clients"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libvirt-daemon"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libvirt0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:19.04"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/30"); script_set_attribute(attribute:"patch_publication_date", value:"2019/07/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/09"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(16\.04\|18\.04\|18\.10\|19\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 16.04 / 18.04 / 18.10 / 19.04", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"16.04", pkgname:"libvirt-bin", pkgver:"1.3.1-1ubuntu10.27")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"libvirt0", pkgver:"1.3.1-1ubuntu10.27")) flag++; if (ubuntu_check(osver:"18.04", pkgname:"libvirt-clients", pkgver:"4.0.0-1ubuntu8.12")) flag++; if (ubuntu_check(osver:"18.04", pkgname:"libvirt-daemon", pkgver:"4.0.0-1ubuntu8.12")) flag++; if (ubuntu_check(osver:"18.04", pkgname:"libvirt0", pkgver:"4.0.0-1ubuntu8.12")) flag++; if (ubuntu_check(osver:"18.10", pkgname:"libvirt-clients", pkgver:"4.6.0-2ubuntu3.8")) flag++; if (ubuntu_check(osver:"18.10", pkgname:"libvirt-daemon", pkgver:"4.6.0-2ubuntu3.8")) flag++; if (ubuntu_check(osver:"18.10", pkgname:"libvirt0", pkgver:"4.6.0-2ubuntu3.8")) flag++; if (ubuntu_check(osver:"19.04", pkgname:"libvirt-clients", pkgver:"5.0.0-1ubuntu2.4")) flag++; if (ubuntu_check(osver:"19.04", pkgname:"libvirt-daemon", pkgver:"5.0.0-1ubuntu2.4")) flag++; if (ubuntu_check(osver:"19.04", pkgname:"libvirt0", pkgver:"5.0.0-1ubuntu2.4")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt-bin / libvirt-clients / libvirt-daemon / libvirt0"); }

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2019-1724.NASL
description	According to the versions of the libvirt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) - libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) - libvirt: NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function(CVE-2019-3840) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-05-06
modified	2019-07-22
plugin id	126852
published	2019-07-22
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126852
title	EulerOS 2.0 SP2 : libvirt (EulerOS-SA-2019-1724)
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(126852); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/04"); script_cve_id( "CVE-2019-10161", "CVE-2019-10167", "CVE-2019-3840" ); script_name(english:"EulerOS 2.0 SP2 : libvirt (EulerOS-SA-2019-1724)"); script_summary(english:"Checks the rpm output for the updated packages."); script_set_attribute(attribute:"synopsis", value: "The remote EulerOS host is missing multiple security updates."); script_set_attribute(attribute:"description", value: "According to the versions of the libvirt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) - libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) - libvirt: NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function(CVE-2019-3840) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."); # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1724 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d1920901"); script_set_attribute(attribute:"solution", value: "Update the affected libvirt packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"patch_publication_date", value:"2019/07/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/22"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libvirt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libvirt-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libvirt-daemon"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libvirt-daemon-config-network"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libvirt-daemon-config-nwfilter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-interface"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-lxc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-network"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nodedev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-nwfilter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-qemu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-secret"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libvirt-daemon-driver-storage"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libvirt-daemon-kvm"); script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Huawei Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp"); script_exclude_keys("Host/EulerOS/uvp_version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/EulerOS/release"); if (isnull(release) \|\| release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS"); if (release !~ "^EulerOS release 2\.0(\D\|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0"); sp = get_kb_item("Host/EulerOS/sp"); if (isnull(sp) \|\| sp !~ "^(2)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2"); uvp = get_kb_item("Host/EulerOS/uvp_version"); if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2", "EulerOS UVP " + uvp); if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu); flag = 0; pkgs = ["libvirt-2.0.0-10.10.h3", "libvirt-client-2.0.0-10.10.h3", "libvirt-daemon-2.0.0-10.10.h3", "libvirt-daemon-config-network-2.0.0-10.10.h3", "libvirt-daemon-config-nwfilter-2.0.0-10.10.h3", "libvirt-daemon-driver-interface-2.0.0-10.10.h3", "libvirt-daemon-driver-lxc-2.0.0-10.10.h3", "libvirt-daemon-driver-network-2.0.0-10.10.h3", "libvirt-daemon-driver-nodedev-2.0.0-10.10.h3", "libvirt-daemon-driver-nwfilter-2.0.0-10.10.h3", "libvirt-daemon-driver-qemu-2.0.0-10.10.h3", "libvirt-daemon-driver-secret-2.0.0-10.10.h3", "libvirt-daemon-driver-storage-2.0.0-10.10.h3", "libvirt-daemon-kvm-2.0.0-10.10.h3"]; foreach (pkg in pkgs) if (rpm_check(release:"EulerOS-2.0", sp:"2", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt"); }

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2019-1578.NASL
description	From Red Hat Security Advisory 2019:1578 : An update for libvirt is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es) : * libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
last seen	2020-06-01
modified	2020-06-02
plugin id	126083
published	2019-06-21
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126083
title	Oracle Linux 6 : libvirt (ELSA-2019-1578)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2019:1578 and # Oracle Linux Security Advisory ELSA-2019-1578 respectively. # include("compat.inc"); if (description) { script_id(126083); script_version("1.4"); script_cvs_date("Date: 2020/01/10"); script_cve_id("CVE-2019-10161"); script_xref(name:"RHSA", value:"2019:1578"); script_name(english:"Oracle Linux 6 : libvirt (ELSA-2019-1578)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2019:1578 : An update for libvirt is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es) : * libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2019-June/008846.html" ); script_set_attribute( attribute:"solution", value:"Update the affected libvirt packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libvirt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libvirt-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libvirt-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libvirt-lock-sanlock"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libvirt-python"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/30"); script_set_attribute(attribute:"patch_publication_date", value:"2019/06/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/21"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| !pregmatch(pattern: "Oracle (?:Linux Server\|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server\|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 6", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL6", reference:"libvirt-0.10.2-64.0.1.el6_10.2")) flag++; if (rpm_check(release:"EL6", reference:"libvirt-client-0.10.2-64.0.1.el6_10.2")) flag++; if (rpm_check(release:"EL6", reference:"libvirt-devel-0.10.2-64.0.1.el6_10.2")) flag++; if (rpm_check(release:"EL6", cpu:"x86_64", reference:"libvirt-lock-sanlock-0.10.2-64.0.1.el6_10.2")) flag++; if (rpm_check(release:"EL6", reference:"libvirt-python-0.10.2-64.0.1.el6_10.2")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt / libvirt-client / libvirt-devel / libvirt-lock-sanlock / etc"); }

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2019-4714.NASL
description	Description of changes: [5.0.0-9.el7] - qemu: remove cpuhostmask and cpuguestmask from virCaps structure (Wim ten Have) [Orabug: 29956508] [5.0.0-8.el7] - api: disallow virDomainSaveImageGetXMLDesc on read-only connections (J&aacute n Tomko) [Orabug: 29955742] {CVE-2019-10161} - domain: Define explicit flags for saved image xml (Eric Blake) [Orabug: 29955742] - api: disallow virDomainManagedSaveDefineXML on read-only connections (J&aacute n Tomko) [Orabug: 29955742] {CVE-2019-10166} - api: disallow virConnectGetDomainCapabilities on read-only connections (J&aacute n Tomko) [Orabug: 29955742] {CVE-2019-10167} - api: disallow virConnect*HypervisorCPU on read-only connections (J&aacute n Tomko) [Orabug: 29955742] {CVE-2019-10168} [5.0.0-7.el7] - cpu_map: Define md-clear CPUID bit (Jiri Denemark) [Orabug: 29874181] {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2019-11091} [5.0.0-6.el7] - qemu: Driver change adding private lock to auto-tune hugepages (Wim ten Have) [Orabug: 29809943] [5.0.0-5.el7] - qemu: disable setmem change requests for vNUMA targets (Wim ten Have) [Orabug: 29797366] - domain: Disable memballoon memory configuration support for vNUMA guests (Wim ten Have) [Orabug: 29797366] - qemu: Driver change to target for vNUMA setmaxmem change request (Wim ten Have) [Orabug: 29749852] - domain: Add domain memory config support for vNUMA guests (Wim ten Have) [Orabug: 29749852] - logging: restrict sockets to mode 0600 (Daniel P. Berrang&eacute ) [Orabug: 29861433] {CVE-2019-10132} - locking: restrict sockets to mode 0600 (Daniel P. Berrang&eacute ) [Orabug: 29861433] {CVE-2019-10132} - admin: reject clients unless their UID matches the current UID (Daniel P. Berrang&eacute ) [Orabug: 29861433] {CVE-2019-10132}
last seen	2020-06-01
modified	2020-06-02
plugin id	126674
published	2019-07-15
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126674
title	Oracle Linux 7 : libvirt (ELSA-2019-4714) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

NASL family	Amazon Linux Local Security Checks
NASL id	AL2_ALAS-2019-1274.NASL
description	Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. (CVE-2019-11091) Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operations for optimized writes. Both of these sub-operations write to a shared distributed processor structure called the
last seen	2020-06-01
modified	2020-06-02
plugin id	128288
published	2019-08-28
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128288
title	Amazon Linux 2 : libvirt (ALAS-2019-1274) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-1637-1.NASL
description	This update for libvirt fixes the following issues : Security issues fixed : CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). CVE-2019-10166: Fixed an issue with virDomainManagedSaveDefineXML which could have been used to alter the domain
last seen	2020-06-01
modified	2020-06-02
plugin id	126165
published	2019-06-24
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126165
title	SUSE SLED15 / SLES15 Security Update : libvirt (SUSE-SU-2019:1637-1)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-1643-1.NASL
description	This update for libvirt fixes the following issues : Security issues fixed : CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). CVE-2019-10166: Fixed an issue with virDomainManagedSaveDefineXML which could have been used to alter the domain
last seen	2020-06-01
modified	2020-06-02
plugin id	126166
published	2019-06-24
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126166
title	SUSE SLED15 / SLES15 Security Update : libvirt (SUSE-SU-2019:1643-1)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DLA-1832.NASL
description	Two vulnerabilities were discovered in libvirt, an abstraction API for different underlying virtualisation mechanisms provided by the kernel, etc. - CVE-2019-10161: Prevent an vulnerability where readonly clients could use the API to specify an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause a denial of service or otherwise cause libvirtd to execute arbitrary programs. - CVE-2019-10167: Prevent an arbitrary code execution vulnerability via the API where a user-specified binary used to probe the domain
last seen	2020-06-01
modified	2020-06-02
plugin id	126220
published	2019-06-25
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126220
title	Debian DLA-1832-1 : libvirt security update

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2019-9210998AAA.NASL
description	- CVE-2019-10161: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (bz #1722463, bz #1720115) - CVE-2019-10166: virDomainManagedSaveDefineXML API exposed to readonly clients (bz #1722462, bz #1720114) - CVE-2019-10167: arbitrary command execution via virConnectGetDomainCapabilities API (bz #1722464, bz #1720117) - CVE-2019-10168: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (bz #1722466, bz #1720118) - CVE-2019-3886: virsh domhostname command discloses guest hostname in readonly mode [fedora-rawhide - Failed to attache NEW rbd device to guest (bz #1672620) - PCI hostdev interface segfault (bz #1692053) ---- Fix systemd socket permissions (CVE-2019-10132) The virtlockd-admin.socket, virtlogd-admin.sock, virtlockd.socket & virtlogd.socket units must be restarted, if currently running. This can be done with a host reboot or systemctl commands. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	126531
published	2019-07-09
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126531
title	Fedora 29 : libvirt (2019-9210998aaa)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20190620_LIBVIRT_ON_SL6_X.NASL
description	Security Fix(es) : - libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) - libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166) - libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) - libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168)
last seen	2020-03-18
modified	2019-06-21
plugin id	126090
published	2019-06-21
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126090
title	Scientific Linux Security Update : libvirt on SL6.x i386/x86_64 (20190620)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-2105-1.NASL
description	This update for libvirt fixes the following issues : Security issues fixed : CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). CVE-2019-10167: Fixed an issue with virConnectGetDomainCapabilities API which could have been used to execute arbitrary emulators (bsc#1138303). Non-security issue fixed: qemu: Add support for overriding max threads per process limit (bsc#1133719) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	127789
published	2019-08-12
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/127789
title	SUSE SLES12 Security Update : libvirt (SUSE-SU-2019:2105-1)

NASL family	NewStart CGSL Local Security Checks
NASL id	NEWSTART_CGSL_NS-SA-2019-0173_LIBVIRT.NASL
description	The remote NewStart CGSL host, running version MAIN 4.06, has libvirt packages installed that are affected by a vulnerability: - It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs. (CVE-2019-10161) Note that Nessus has not tested for this issue but has instead relied only on the application
last seen	2020-06-01
modified	2020-06-02
plugin id	128694
published	2019-09-11
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128694
title	NewStart CGSL MAIN 4.06 : libvirt Vulnerability (NS-SA-2019-0173)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20190620_LIBVIRT_ON_SL7_X.NASL
description	Security Fix(es) : - libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) - libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166) - libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) - libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168) Bug Fix(es) : - Live migration fail with unsafe error when GPFS is used as shared filesystem
last seen	2020-03-18
modified	2019-06-21
plugin id	126091
published	2019-06-21
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126091
title	Scientific Linux Security Update : libvirt on SL7.x x86_64 (20190620)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-2227-2.NASL
description	This update for libvirt fixes the following issues : Security issues fixed : CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). CVE-2019-10167: Fixed an issue with virConnectGetDomainCapabilities API which could have been used to execute arbitrary emulators (bsc#1138303). Non-security issues fixed: Fixed an issue with short bitmaps when setting vcpu affinity using the vcpupin (bsc#1138734). Added support for overriding max threads per process limit (bsc#1133719) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	128752
published	2019-09-12
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128752
title	SUSE SLES12 Security Update : libvirt (SUSE-SU-2019:2227-2)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-1762.NASL
description	An update for the virt:8.0.0 module is now available for Red Hat Enterprise Linux 8 Advanced Virtualization. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix(es) : * libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) * libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166) * libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) * libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
last seen	2020-05-23
modified	2019-07-15
plugin id	126679
published	2019-07-15
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126679
title	RHEL 8 : Virtualization Manager (RHSA-2019:1762)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-1599-1.NASL
description	This update for libvirt fixes the following issues : Security issues fixed : CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). CVE-2019-10166: Fixed an issue with virDomainManagedSaveDefineXML which could have been used to alter the domain
last seen	2020-06-01
modified	2020-06-02
plugin id	126154
published	2019-06-24
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126154
title	SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2019:1599-1)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2019-1579.NASL
description	An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es) : * libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) * libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166) * libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) * libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * Live migration fail with unsafe error when GPFS is used as shared filesystem (BZ#1715867)
last seen	2020-06-01
modified	2020-06-02
plugin id	126076
published	2019-06-21
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126076
title	CentOS 7 : libvirt (CESA-2019:1579)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2019-1579.NASL
description	From Red Hat Security Advisory 2019:1579 : An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es) : * libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) * libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166) * libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) * libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * Live migration fail with unsafe error when GPFS is used as shared filesystem (BZ#1715867)
last seen	2020-06-01
modified	2020-06-02
plugin id	126141
published	2019-06-24
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126141
title	Oracle Linux 7 : libvirt (ELSA-2019-1579)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-2227-1.NASL
description	This update for libvirt fixes the following issues : Security issues fixed : CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). CVE-2019-10167: Fixed an issue with virConnectGetDomainCapabilities API which could have been used to execute arbitrary emulators (bsc#1138303). Non-security issues fixed: Fixed an issue with short bitmaps when setting vcpu affinity using the vcpupin (bsc#1138734). Added support for overriding max threads per process limit (bsc#1133719) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	128312
published	2019-08-29
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128312
title	SUSE SLES12 Security Update : libvirt (SUSE-SU-2019:2227-1)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-4469.NASL
description	Two vulnerabilities were discovered in Libvirt, a virtualisation abstraction library, allowing an API client with read-only permissions to execute arbitrary commands via the virConnectGetDomainCapabilities API, or read or execute arbitrary files via the virDomainSaveImageGetXMLDesc API. Additionally the libvirt
last seen	2020-06-01
modified	2020-06-02
plugin id	126128
published	2019-06-24
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126128
title	Debian DSA-4469-1 : libvirt - security update

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-1580.NASL
description	An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es) : * libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) * libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166) * libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) * libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
last seen	2020-05-23
modified	2019-06-21
plugin id	126088
published	2019-06-21
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126088
title	RHEL 8 : virt:rhel (RHSA-2019:1580)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-1699.NASL
description	An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host
last seen	2020-06-01
modified	2020-06-02
plugin id	126559
published	2019-07-09
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126559
title	RHEL 7 : Virtualization Manager (RHSA-2019:1699) (SACK Panic) (SACK Slowness)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2019-1578.NASL
description	An update for libvirt is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es) : * libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
last seen	2020-06-01
modified	2020-06-02
plugin id	126075
published	2019-06-21
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126075
title	CentOS 6 : libvirt (CESA-2019:1578)

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2019-1774.NASL
description	According to the versions of the libvirt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) - libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166) - libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) - libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-05-03
modified	2019-07-25
plugin id	127011
published	2019-07-25
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/127011
title	EulerOS 2.0 SP8 : libvirt (EulerOS-SA-2019-1774)

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2019-1957.NASL
description	According to the versions of the libvirt packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - It was discovered that libvirtd would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs. (CVE-2019-10161) - The virConnectGetDomainCapabilities() libvirt API accepts an
last seen	2020-06-01
modified	2020-06-02
plugin id	128960
published	2019-09-17
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128960
title	EulerOS Virtualization for ARM 64 3.0.2.0 : libvirt (EulerOS-SA-2019-1957)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-1753.NASL
description	This update for libvirt fixes the following issues : Security issues fixed: - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). - CVE-2019-10166: Fixed an issue with virDomainManagedSaveDefineXML which could have been used to alter the domain
last seen	2020-06-01
modified	2020-06-02
plugin id	126894
published	2019-07-22
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126894
title	openSUSE Security Update : libvirt (openSUSE-2019-1753)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-1579.NASL
description	An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es) : * libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) * libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166) * libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) * libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * Live migration fail with unsafe error when GPFS is used as shared filesystem (BZ#1715867)
last seen	2020-06-01
modified	2020-06-02
plugin id	126087
published	2019-06-21
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126087
title	RHEL 7 : libvirt (RHSA-2019:1579)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-1690-1.NASL
description	This update for libvirt fixes the following issue : Security issue fixed : CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	126239
published	2019-06-25
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126239
title	SUSE SLES12 Security Update : libvirt (SUSE-SU-2019:1690-1)

NASL family	Virtuozzo Local Security Checks
NASL id	VIRTUOZZO_VZLSA-2019-1578.NASL
description	An update for libvirt is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es) : * libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	126243
published	2019-06-25
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126243
title	Virtuozzo 6 : libvirt / libvirt-client / libvirt-devel / etc (VZLSA-2019-1578)

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2019-2020.NASL
description	According to the versions of the libvirt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) - libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) - libvirt: NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function(CVE-2019-3840) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-05-08
modified	2019-09-24
plugin id	129213
published	2019-09-24
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/129213
title	EulerOS 2.0 SP3 : libvirt (EulerOS-SA-2019-2020)

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-202003-18.NASL
description	The remote host is affected by the vulnerability described in GLSA-202003-18 (libvirt: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. Impact : A local privileged attacker could execute arbitrary commands, escalate privileges or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
last seen	2020-03-19
modified	2020-03-16
plugin id	134595
published	2020-03-16
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/134595
title	GLSA-202003-18 : libvirt: Multiple vulnerabilities

NASL family	NewStart CGSL Local Security Checks
NASL id	NEWSTART_CGSL_NS-SA-2019-0166_LIBVIRT.NASL
description	The remote NewStart CGSL host, running version MAIN 4.05, has libvirt packages installed that are affected by a vulnerability: - It was discovered that libvirtd would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs. (CVE-2019-10161) Note that Nessus has not tested for this issue but has instead relied only on the application
last seen	2020-06-01
modified	2020-06-02
plugin id	127452
published	2019-08-12
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/127452
title	NewStart CGSL MAIN 4.05 : libvirt Vulnerability (NS-SA-2019-0166)

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2019-1796.NASL
description	According to the versions of the libvirt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) - libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166) - libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-05-06
modified	2019-08-23
plugin id	128088
published	2019-08-23
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128088
title	EulerOS 2.0 SP5 : libvirt (EulerOS-SA-2019-1796)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2019-B2DFB13DAF.NASL
description	- CVE-2019-10161: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (bz #1722463, bz #1720115) - CVE-2019-10166: virDomainManagedSaveDefineXML API exposed to readonly clients (bz #1722462, bz #1720114) - CVE-2019-10167: arbitrary command execution via virConnectGetDomainCapabilities API (bz #1722464, bz #1720117) - CVE-2019-10168: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (bz #1722466, bz #1720118) - CVE-2019-3886: virsh domhostname command discloses guest hostname in readonly mode [fedora-rawhide - Cannot start VM with a CBR 2.0 TPM device (bz #1712556) - libvirtd does not update VM .xml configurations after virsh snapshot/blockcommit (bz #1722348) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	126532
published	2019-07-09
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/126532
title	Fedora 30 : libvirt (2019-b2dfb13daf)

Redhat

advisories

bugzilla

id	1720115
title	CVE-2019-10161 libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 6 is installed
oval oval:com.redhat.rhba:tst:20111656003

AND

comment libvirt-lock-sanlock is earlier than 0:0.10.2-64.el6_10.2
oval oval:com.redhat.rhsa:tst:20191578001
comment libvirt-lock-sanlock is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20131581002

AND

comment libvirt-python is earlier than 0:0.10.2-64.el6_10.2
oval oval:com.redhat.rhsa:tst:20191578003
comment libvirt-python is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20131581006

AND

comment libvirt-client is earlier than 0:0.10.2-64.el6_10.2
oval oval:com.redhat.rhsa:tst:20191578005
comment libvirt-client is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20131581008

AND

comment libvirt-devel is earlier than 0:0.10.2-64.el6_10.2
oval oval:com.redhat.rhsa:tst:20191578007
comment libvirt-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20131581004

AND
comment libvirt is earlier than 0:0.10.2-64.el6_10.2
oval oval:com.redhat.rhsa:tst:20191578009
comment libvirt is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20131581010

rhsa

id	RHSA-2019:1578
released	2019-06-20
severity	Moderate
title	RHSA-2019:1578: libvirt security update (Moderate)

rpms

libvirt-0:0.10.2-64.el6_10.2
libvirt-client-0:0.10.2-64.el6_10.2
libvirt-debuginfo-0:0.10.2-64.el6_10.2
libvirt-devel-0:0.10.2-64.el6_10.2
libvirt-lock-sanlock-0:0.10.2-64.el6_10.2
libvirt-python-0:0.10.2-64.el6_10.2
libvirt-0:4.5.0-10.el7_6.12
libvirt-admin-0:4.5.0-10.el7_6.12
libvirt-bash-completion-0:4.5.0-10.el7_6.12
libvirt-client-0:4.5.0-10.el7_6.12
libvirt-daemon-0:4.5.0-10.el7_6.12
libvirt-daemon-config-network-0:4.5.0-10.el7_6.12
libvirt-daemon-config-nwfilter-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-interface-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-lxc-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-network-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-nodedev-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-nwfilter-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-qemu-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-secret-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-storage-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-storage-core-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-storage-disk-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-storage-gluster-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-storage-iscsi-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-storage-logical-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-storage-mpath-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-storage-rbd-0:4.5.0-10.el7_6.12
libvirt-daemon-driver-storage-scsi-0:4.5.0-10.el7_6.12
libvirt-daemon-kvm-0:4.5.0-10.el7_6.12
libvirt-daemon-lxc-0:4.5.0-10.el7_6.12
libvirt-debuginfo-0:4.5.0-10.el7_6.12
libvirt-devel-0:4.5.0-10.el7_6.12
libvirt-docs-0:4.5.0-10.el7_6.12
libvirt-libs-0:4.5.0-10.el7_6.12
libvirt-lock-sanlock-0:4.5.0-10.el7_6.12
libvirt-login-shell-0:4.5.0-10.el7_6.12
libvirt-nss-0:4.5.0-10.el7_6.12
SLOF-0:20171214-5.gitfa98132.module+el8.0.0.z+3418+a72cf898
hivex-0:1.3.15-6.module+el8.0.0.z+3418+a72cf898
hivex-debuginfo-0:1.3.15-6.module+el8.0.0.z+3418+a72cf898
hivex-debugsource-0:1.3.15-6.module+el8.0.0.z+3418+a72cf898
hivex-devel-0:1.3.15-6.module+el8.0.0.z+3418+a72cf898
libguestfs-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-bash-completion-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-benchmarking-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-benchmarking-debuginfo-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-debuginfo-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-debugsource-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-devel-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-gfs2-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-gobject-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-gobject-debuginfo-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-gobject-devel-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-inspect-icons-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-java-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-java-debuginfo-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-java-devel-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-javadoc-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-man-pages-ja-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-man-pages-uk-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-rescue-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-rsync-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-tools-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-tools-c-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-tools-c-debuginfo-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libguestfs-winsupport-0:8.0-2.module+el8.0.0.z+3418+a72cf898
libguestfs-xfs-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
libiscsi-0:1.18.0-6.module+el8.0.0.z+3418+a72cf898
libiscsi-debuginfo-0:1.18.0-6.module+el8.0.0.z+3418+a72cf898
libiscsi-debugsource-0:1.18.0-6.module+el8.0.0.z+3418+a72cf898
libiscsi-devel-0:1.18.0-6.module+el8.0.0.z+3418+a72cf898
libiscsi-utils-0:1.18.0-6.module+el8.0.0.z+3418+a72cf898
libiscsi-utils-debuginfo-0:1.18.0-6.module+el8.0.0.z+3418+a72cf898
libssh2-0:1.8.0-7.module+el8.0.0.z+3418+a72cf898.1
libssh2-debuginfo-0:1.8.0-7.module+el8.0.0.z+3418+a72cf898.1
libssh2-debugsource-0:1.8.0-7.module+el8.0.0.z+3418+a72cf898.1
libvirt-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-admin-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-admin-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-bash-completion-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-client-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-client-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-config-network-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-config-nwfilter-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-interface-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-interface-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-network-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-network-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-nodedev-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-nodedev-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-nwfilter-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-nwfilter-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-qemu-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-qemu-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-secret-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-secret-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-core-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-core-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-disk-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-disk-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-gluster-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-gluster-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-iscsi-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-iscsi-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-logical-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-logical-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-mpath-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-mpath-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-rbd-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-rbd-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-scsi-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-driver-storage-scsi-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-daemon-kvm-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-dbus-0:1.2.0-2.module+el8.0.0.z+3418+a72cf898
libvirt-dbus-debuginfo-0:1.2.0-2.module+el8.0.0.z+3418+a72cf898
libvirt-dbus-debugsource-0:1.2.0-2.module+el8.0.0.z+3418+a72cf898
libvirt-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-debugsource-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-devel-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-docs-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-libs-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-libs-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-lock-sanlock-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-lock-sanlock-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-nss-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-nss-debuginfo-0:4.5.0-23.3.module+el8.0.0.z+3418+a72cf898
libvirt-python-debugsource-0:4.5.0-1.module+el8.0.0.z+3418+a72cf898
lua-guestfs-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
lua-guestfs-debuginfo-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
nbdkit-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-bash-completion-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-basic-plugins-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-basic-plugins-debuginfo-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-debuginfo-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-debugsource-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-devel-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-example-plugins-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-example-plugins-debuginfo-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-plugin-gzip-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-plugin-gzip-debuginfo-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-plugin-python-common-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-plugin-python3-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-plugin-python3-debuginfo-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-plugin-vddk-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-plugin-vddk-debuginfo-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-plugin-xz-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
nbdkit-plugin-xz-debuginfo-0:1.4.2-4.module+el8.0.0.z+3418+a72cf898
netcf-0:0.2.8-10.module+el8.0.0.z+3418+a72cf898
netcf-debuginfo-0:0.2.8-10.module+el8.0.0.z+3418+a72cf898
netcf-debugsource-0:0.2.8-10.module+el8.0.0.z+3418+a72cf898
netcf-devel-0:0.2.8-10.module+el8.0.0.z+3418+a72cf898
netcf-libs-0:0.2.8-10.module+el8.0.0.z+3418+a72cf898
netcf-libs-debuginfo-0:0.2.8-10.module+el8.0.0.z+3418+a72cf898
perl-Sys-Guestfs-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
perl-Sys-Guestfs-debuginfo-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
perl-Sys-Virt-0:4.5.0-4.module+el8.0.0.z+3418+a72cf898
perl-Sys-Virt-debuginfo-0:4.5.0-4.module+el8.0.0.z+3418+a72cf898
perl-Sys-Virt-debugsource-0:4.5.0-4.module+el8.0.0.z+3418+a72cf898
perl-hivex-0:1.3.15-6.module+el8.0.0.z+3418+a72cf898
perl-hivex-debuginfo-0:1.3.15-6.module+el8.0.0.z+3418+a72cf898
python3-hivex-0:1.3.15-6.module+el8.0.0.z+3418+a72cf898
python3-hivex-debuginfo-0:1.3.15-6.module+el8.0.0.z+3418+a72cf898
python3-libguestfs-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
python3-libguestfs-debuginfo-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
python3-libvirt-0:4.5.0-1.module+el8.0.0.z+3418+a72cf898
python3-libvirt-debuginfo-0:4.5.0-1.module+el8.0.0.z+3418+a72cf898
qemu-guest-agent-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-guest-agent-debuginfo-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-img-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-img-debuginfo-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-block-curl-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-block-curl-debuginfo-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-block-gluster-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-block-gluster-debuginfo-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-block-iscsi-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-block-iscsi-debuginfo-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-block-rbd-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-block-rbd-debuginfo-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-block-ssh-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-block-ssh-debuginfo-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-common-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-common-debuginfo-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-core-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-core-debuginfo-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-debuginfo-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
qemu-kvm-debugsource-15:2.12.0-64.module+el8.0.0.z+3418+a72cf898.2
ruby-hivex-0:1.3.15-6.module+el8.0.0.z+3418+a72cf898
ruby-hivex-debuginfo-0:1.3.15-6.module+el8.0.0.z+3418+a72cf898
ruby-libguestfs-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
ruby-libguestfs-debuginfo-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
seabios-0:1.11.1-3.module+el8.0.0.z+3418+a72cf898
seabios-bin-0:1.11.1-3.module+el8.0.0.z+3418+a72cf898
seavgabios-bin-0:1.11.1-3.module+el8.0.0.z+3418+a72cf898
sgabios-1:0.20170427git-2.module+el8.0.0.z+3418+a72cf898
sgabios-bin-1:0.20170427git-2.module+el8.0.0.z+3418+a72cf898
supermin-0:5.1.19-8.module+el8.0.0.z+3418+a72cf898
supermin-debuginfo-0:5.1.19-8.module+el8.0.0.z+3418+a72cf898
supermin-debugsource-0:5.1.19-8.module+el8.0.0.z+3418+a72cf898
supermin-devel-0:5.1.19-8.module+el8.0.0.z+3418+a72cf898
virt-dib-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
virt-dib-debuginfo-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
virt-p2v-maker-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
virt-v2v-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
virt-v2v-debuginfo-1:1.38.4-10.1.module+el8.0.0.z+3418+a72cf898
redhat-release-virtualization-host-0:4.3.4-1.el7ev
redhat-virtualization-host-image-update-0:4.3.4-20190620.3.el7_6
redhat-virtualization-host-image-update-placeholder-0:4.3.4-1.el7ev
SLOF-0:20180702-3.git9b7ab2f.module+el8.0.0.z+3438+2851622e
hivex-0:1.3.15-6.module+el8.0.0.z+3438+2851622e
hivex-debuginfo-0:1.3.15-6.module+el8.0.0.z+3438+2851622e
hivex-debugsource-0:1.3.15-6.module+el8.0.0.z+3438+2851622e
hivex-devel-0:1.3.15-6.module+el8.0.0.z+3438+2851622e
libguestfs-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-bash-completion-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-benchmarking-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-benchmarking-debuginfo-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-debuginfo-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-debugsource-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-devel-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-gfs2-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-gobject-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-gobject-debuginfo-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-gobject-devel-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-inspect-icons-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-java-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-java-debuginfo-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-java-devel-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-javadoc-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-man-pages-ja-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-man-pages-uk-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-rescue-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-rsync-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-tools-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-tools-c-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-tools-c-debuginfo-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libguestfs-winsupport-0:8.0-2.module+el8.0.0.z+3438+2851622e
libguestfs-xfs-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
libiscsi-0:1.18.0-6.module+el8.0.0.z+3438+2851622e
libiscsi-debuginfo-0:1.18.0-6.module+el8.0.0.z+3438+2851622e
libiscsi-debugsource-0:1.18.0-6.module+el8.0.0.z+3438+2851622e
libiscsi-devel-0:1.18.0-6.module+el8.0.0.z+3438+2851622e
libiscsi-utils-0:1.18.0-6.module+el8.0.0.z+3438+2851622e
libiscsi-utils-debuginfo-0:1.18.0-6.module+el8.0.0.z+3438+2851622e
libssh2-0:1.8.0-7.module+el8.0.0.z+3438+2851622e.1
libssh2-debuginfo-0:1.8.0-7.module+el8.0.0.z+3438+2851622e.1
libssh2-debugsource-0:1.8.0-7.module+el8.0.0.z+3438+2851622e.1
libvirt-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-admin-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-admin-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-bash-completion-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-client-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-client-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-config-network-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-config-nwfilter-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-interface-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-interface-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-network-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-network-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-nodedev-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-nodedev-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-nwfilter-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-nwfilter-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-qemu-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-qemu-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-secret-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-secret-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-core-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-core-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-disk-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-disk-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-gluster-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-gluster-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-iscsi-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-iscsi-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-iscsi-direct-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-iscsi-direct-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-logical-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-logical-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-mpath-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-mpath-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-rbd-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-rbd-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-scsi-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-driver-storage-scsi-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-daemon-kvm-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-dbus-0:1.3.0-1.module+el8.0.0.z+3438+2851622e
libvirt-dbus-debuginfo-0:1.3.0-1.module+el8.0.0.z+3438+2851622e
libvirt-dbus-debugsource-0:1.3.0-1.module+el8.0.0.z+3438+2851622e
libvirt-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-debugsource-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-devel-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-docs-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-libs-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-libs-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-lock-sanlock-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-lock-sanlock-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-nss-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-nss-debuginfo-0:5.0.0-7.2.module+el8.0.0.z+3438+2851622e
libvirt-python-debugsource-0:5.0.0-3.module+el8.0.0.z+3438+2851622e
lua-guestfs-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
lua-guestfs-debuginfo-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
nbdkit-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-bash-completion-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-basic-plugins-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-basic-plugins-debuginfo-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-debuginfo-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-debugsource-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-devel-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-example-plugins-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-example-plugins-debuginfo-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-plugin-gzip-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-plugin-gzip-debuginfo-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-plugin-python-common-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-plugin-python3-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-plugin-python3-debuginfo-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-plugin-vddk-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-plugin-vddk-debuginfo-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-plugin-xz-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
nbdkit-plugin-xz-debuginfo-0:1.4.2-4.module+el8.0.0.z+3438+2851622e
netcf-0:0.2.8-10.module+el8.0.0.z+3438+2851622e
netcf-debuginfo-0:0.2.8-10.module+el8.0.0.z+3438+2851622e
netcf-debugsource-0:0.2.8-10.module+el8.0.0.z+3438+2851622e
netcf-devel-0:0.2.8-10.module+el8.0.0.z+3438+2851622e
netcf-libs-0:0.2.8-10.module+el8.0.0.z+3438+2851622e
netcf-libs-debuginfo-0:0.2.8-10.module+el8.0.0.z+3438+2851622e
perl-Sys-Guestfs-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
perl-Sys-Guestfs-debuginfo-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
perl-Sys-Virt-0:5.0.0-1.module+el8.0.0.z+3438+2851622e
perl-Sys-Virt-debuginfo-0:5.0.0-1.module+el8.0.0.z+3438+2851622e
perl-Sys-Virt-debugsource-0:5.0.0-1.module+el8.0.0.z+3438+2851622e
perl-hivex-0:1.3.15-6.module+el8.0.0.z+3438+2851622e
perl-hivex-debuginfo-0:1.3.15-6.module+el8.0.0.z+3438+2851622e
python3-hivex-0:1.3.15-6.module+el8.0.0.z+3438+2851622e
python3-hivex-debuginfo-0:1.3.15-6.module+el8.0.0.z+3438+2851622e
python3-libguestfs-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
python3-libguestfs-debuginfo-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
python3-libvirt-0:5.0.0-3.module+el8.0.0.z+3438+2851622e
python3-libvirt-debuginfo-0:5.0.0-3.module+el8.0.0.z+3438+2851622e
qemu-guest-agent-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-guest-agent-debuginfo-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-img-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-img-debuginfo-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-block-curl-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-block-curl-debuginfo-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-block-gluster-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-block-gluster-debuginfo-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-block-iscsi-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-block-iscsi-debuginfo-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-block-rbd-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-block-rbd-debuginfo-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-block-ssh-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-block-ssh-debuginfo-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-common-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-common-debuginfo-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-core-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-core-debuginfo-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-debuginfo-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
qemu-kvm-debugsource-15:3.1.0-20.module+el8.0.0.z+3438+2851622e.1
ruby-hivex-0:1.3.15-6.module+el8.0.0.z+3438+2851622e
ruby-hivex-debuginfo-0:1.3.15-6.module+el8.0.0.z+3438+2851622e
ruby-libguestfs-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
ruby-libguestfs-debuginfo-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
seabios-0:1.12.0-1.module+el8.0.0.z+3438+2851622e
seabios-bin-0:1.12.0-1.module+el8.0.0.z+3438+2851622e
seavgabios-bin-0:1.12.0-1.module+el8.0.0.z+3438+2851622e
sgabios-1:0.20170427git-2.module+el8.0.0.z+3438+2851622e
sgabios-bin-1:0.20170427git-2.module+el8.0.0.z+3438+2851622e
supermin-0:5.1.19-8.module+el8.0.0.z+3438+2851622e
supermin-debuginfo-0:5.1.19-8.module+el8.0.0.z+3438+2851622e
supermin-debugsource-0:5.1.19-8.module+el8.0.0.z+3438+2851622e
supermin-devel-0:5.1.19-8.module+el8.0.0.z+3438+2851622e
virt-dib-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
virt-dib-debuginfo-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
virt-p2v-maker-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
virt-v2v-1:1.40.2-1.module+el8.0.0.z+3438+2851622e
virt-v2v-debuginfo-1:1.40.2-1.module+el8.0.0.z+3438+2851622e

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

Redhat

References