Vulnerabilities > CVE-2019-3886

047910
CVSS 5.4 - MEDIUM
Attack vector
ADJACENT_NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
LOW
low complexity
redhat
opensuse
fedoraproject
nessus
NVD
Published: 2019-04-04
Updated: 2024-11-21

Summary

An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.

Vulnerable Configurations

Part Description Count
Application
Redhat
19
OS
Opensuse
1
OS
Fedoraproject
2

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1438-1.NASL
    descriptionThis update for libvirt fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331) CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS) CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) These updates contain the libvirt adjustments, that pass through the new
    last seen2020-06-01
    modified2020-06-02
    plugin id125763
    published2019-06-07
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125763
    titleSUSE SLES12 Security Update : libvirt (SUSE-SU-2019:1438-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
    code
    #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2019:1438-1.
# The text itself is copyright (C) SUSE.
#

include("compat.inc");

if (description)
{
  script_id(125763);
  script_version("1.3");
  script_cvs_date("Date: 2020/01/10");

  script_cve_id("CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2019-11091", "CVE-2019-3886");

  script_name(english:"SUSE SLES12 Security Update : libvirt (SUSE-SU-2019:1438-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update for libvirt fixes the following issues :

Four new speculative execution information leak issues have been
identified in Intel CPUs. (bsc#1111331)

CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)

CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)

CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS)

CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory
(MDSUM)

These updates contain the libvirt adjustments, that pass through the
new 'md-clear' CPU flag (bsc#1135273).

For more information on this set of vulnerabilities, check out
https://www.suse.com/support/kb/doc/?id=7023736

Other security issues fixed: CVE-2019-3886: Fixed an information leak
which allowed to retrieve the guest hostname under readonly mode
(bsc#1131595).

qemu: Add support for using AES secret for SCSI hotplug

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1111331"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1131595"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1135273"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-12126/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-12127/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-12130/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-11091/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-3886/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/support/kb/doc/?id=7023736"
  );
  # https://www.suse.com/support/update/announcement/2019/suse-su-20191438-1/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?75d74e5e"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE OpenStack Cloud 7:zypper in -t patch
SUSE-OpenStack-Cloud-7-2019-1438=1

SUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch
SUSE-SLE-SAP-12-SP2-2019-1438=1

SUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch
SUSE-SLE-SERVER-12-SP2-2019-1438=1

SUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch
SUSE-SLE-SERVER-12-SP2-BCL-2019-1438=1

SUSE Enterprise Storage 4:zypper in -t patch
SUSE-Storage-4-2019-1438=1"
  );
  script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:P/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-3886");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-nss");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/06/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/07");
  script_set_attribute(attribute:"in_the_news", value:"true");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP2", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-libxl-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-libxl-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-xen-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-client-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-client-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-config-network-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-config-nwfilter-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-interface-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-interface-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-libxl-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-libxl-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-lxc-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-lxc-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-network-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-network-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-nodedev-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-nodedev-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-nwfilter-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-nwfilter-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-qemu-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-qemu-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-secret-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-secret-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-hooks-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-lxc-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-qemu-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-daemon-xen-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-debugsource-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-doc-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-lock-sanlock-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-lock-sanlock-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-nss-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libvirt-nss-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-client-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-client-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-config-network-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-config-nwfilter-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-interface-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-interface-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-lxc-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-lxc-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-network-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-network-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-nodedev-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-nodedev-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-nwfilter-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-nwfilter-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-qemu-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-qemu-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-secret-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-secret-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-storage-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-driver-storage-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-hooks-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-lxc-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-daemon-qemu-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-debugsource-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-doc-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-lock-sanlock-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-lock-sanlock-debuginfo-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-nss-2.0.0-27.54.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"libvirt-nss-debuginfo-2.0.0-27.54.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt");
}
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-9210998AAA.NASL
    description - CVE-2019-10161: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (bz #1722463, bz #1720115) - CVE-2019-10166: virDomainManagedSaveDefineXML API exposed to readonly clients (bz #1722462, bz #1720114) - CVE-2019-10167: arbitrary command execution via virConnectGetDomainCapabilities API (bz #1722464, bz #1720117) - CVE-2019-10168: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (bz #1722466, bz #1720118) - CVE-2019-3886: virsh domhostname command discloses guest hostname in readonly mode [fedora-rawhide - Failed to attache NEW rbd device to guest (bz #1672620) - PCI hostdev interface segfault (bz #1692053) ---- Fix systemd socket permissions (CVE-2019-10132) The virtlockd-admin.socket, virtlogd-admin.sock, virtlockd.socket & virtlogd.socket units must be restarted, if currently running. This can be done with a host reboot or systemctl commands. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id126531
    published2019-07-09
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126531
    titleFedora 29 : libvirt (2019-9210998aaa)
    code
    #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory FEDORA-2019-9210998aaa.
#

include("compat.inc");

if (description)
{
  script_id(126531);
  script_version("1.4");
  script_cvs_date("Date: 2020/01/08");

  script_cve_id("CVE-2019-10132", "CVE-2019-10161", "CVE-2019-10166", "CVE-2019-10167", "CVE-2019-10168", "CVE-2019-3886");
  script_xref(name:"FEDORA", value:"2019-9210998aaa");

  script_name(english:"Fedora 29 : libvirt (2019-9210998aaa)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"  - CVE-2019-10161: arbitrary file read/exec via
    virDomainSaveImageGetXMLDesc API (bz #1722463, bz
    #1720115)

  - CVE-2019-10166: virDomainManagedSaveDefineXML API
    exposed to readonly clients (bz #1722462, bz #1720114)

  - CVE-2019-10167: arbitrary command execution via
    virConnectGetDomainCapabilities API (bz #1722464, bz
    #1720117)

  - CVE-2019-10168: arbitrary command execution via
    virConnectBaselineHypervisorCPU and
    virConnectCompareHypervisorCPU APIs (bz #1722466, bz
    #1720118)

  - CVE-2019-3886: virsh domhostname command discloses guest
    hostname in readonly mode [fedora-rawhide

  - Failed to attache NEW rbd device to guest (bz #1672620)

  - PCI hostdev interface segfault (bz #1692053)

----

Fix systemd socket permissions (CVE-2019-10132) The
virtlockd-admin.socket, virtlogd-admin.sock, virtlockd.socket &
virtlogd.socket units must be restarted, if currently running. This
can be done with a host reboot or systemctl commands.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-9210998aaa"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected libvirt package."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-10161");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:libvirt");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:29");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/07/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/09");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! preg(pattern:"^29([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 29", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);


flag = 0;
if (rpm_check(release:"FC29", reference:"libvirt-4.7.0-5.fc29")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt");
}
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1285-1.NASL
    descriptionThis update for libvirt fixes the following issues : Security issue fixed : CVE-2019-3886: Fixed an information leak which allowed to retrieve the guest hostname under readonly mode (bsc#1131595). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id125280
    published2019-05-20
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125280
    titleSUSE SLED15 / SLES15 Security Update : libvirt (SUSE-SU-2019:1285-1)
    code
    #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2019:1285-1.
# The text itself is copyright (C) SUSE.
#

include("compat.inc");

if (description)
{
  script_id(125280);
  script_version("1.3");
  script_cvs_date("Date: 2020/01/15");

  script_cve_id("CVE-2019-3886");

  script_name(english:"SUSE SLED15 / SLES15 Security Update : libvirt (SUSE-SU-2019:1285-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update for libvirt fixes the following issues :

Security issue fixed :

CVE-2019-3886: Fixed an information leak which allowed to retrieve the
guest hostname under readonly mode (bsc#1131595).

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1131595"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-3886/"
  );
  # https://www.suse.com/support/update/announcement/2019/suse-su-20191285-1/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?cbb8c950"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Module for Server Applications 15:zypper in -t
patch SUSE-SLE-Module-Server-Applications-15-2019-1285=1

SUSE Linux Enterprise Module for Open Buildservice Development Tools
15:zypper in -t patch
SUSE-SLE-Module-Development-Tools-OBS-15-2019-1285=1

SUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch
SUSE-SLE-Module-Basesystem-15-2019-1285=1"
  );
  script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:P/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-admin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-admin-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-daemon-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-libs-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-nss");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libvirt-nss-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wireshark-plugin-libvirt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wireshark-plugin-libvirt-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/05/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/20");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0", os_ver + " SP" + sp);
if (os_ver == "SLED15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP0", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-rbd-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libvirt-daemon-driver-storage-rbd-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libvirt-daemon-driver-libxl-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libvirt-daemon-driver-libxl-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libvirt-daemon-xen-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-admin-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-admin-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-client-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-client-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-config-network-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-config-nwfilter-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-interface-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-interface-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-lxc-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-lxc-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-network-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-network-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-nodedev-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-nodedev-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-nwfilter-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-nwfilter-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-qemu-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-qemu-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-secret-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-secret-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-storage-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-storage-core-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-storage-core-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-storage-disk-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-storage-disk-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-storage-iscsi-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-storage-iscsi-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-storage-logical-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-storage-logical-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-storage-mpath-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-storage-mpath-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-storage-scsi-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-driver-storage-scsi-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-hooks-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-lxc-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-daemon-qemu-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-debugsource-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-devel-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-doc-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-lock-sanlock-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-lock-sanlock-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-nss-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-nss-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-debugsource-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"wireshark-plugin-libvirt-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"wireshark-plugin-libvirt-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-debugsource-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-libs-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libvirt-libs-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libvirt-debugsource-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"wireshark-plugin-libvirt-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"wireshark-plugin-libvirt-debuginfo-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libvirt-debugsource-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libvirt-libs-4.0.0-9.19.4")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libvirt-libs-debuginfo-4.0.0-9.19.4")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt");
}
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1634.NASL
    descriptionAccording to the version of the libvirt packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.(CVE-2019-3886) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id125586
    published2019-05-30
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125586
    titleEulerOS Virtualization for ARM 64 3.0.2.0 : libvirt (EulerOS-SA-2019-1634)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1294.NASL
    descriptionThis update for libvirt fixes the following issues : Security issues fixed : - CVE-2019-3840: Fixed a NULL pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent (bsc#1127458). - CVE-2019-3886: Fixed an information leak which allowed to retrieve the guest hostname under readonly mode (bsc#1131595). Other issue addressed : - cpu: add Skylake-Server and Skylake-Server-IBRS CPU models (FATE#327261, bsc#1131955) - libxl: save current memory value after successful balloon (bsc#1120813). - libxl: support Xen
    last seen2020-06-01
    modified2020-06-02
    plugin id124402
    published2019-04-30
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124402
    titleopenSUSE Security Update : libvirt (openSUSE-2019-1294)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-0948-1.NASL
    descriptionThis update for libvirt fixes the following issues : Security issue fixed : CVE-2019-3840: Fixed a NULL pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent (bsc#1127458). CVE-2019-3886: Fixed an information leak which allowed to retrieve the guest hostname under readonly mode (bsc#1131595). Other issues addressed: libxl: support Xen
    last seen2020-06-01
    modified2020-06-02
    plugin id124082
    published2019-04-16
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124082
    titleSUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2019:0948-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2468.NASL
    descriptionAccording to the versions of the libvirt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/docu ments/corporate-information/SA00233-microcode-update-gu idance_05132019.pdf(CVE-2018-12126) - Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/docu ments/corporate-information/SA00233-microcode-update-gu idance_05132019.pdf(CVE-2019-11091) - Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/docu ments/corporate-information/SA00233-microcode-update-gu idance_05132019.pdf(CVE-2018-12130) - Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/docu ments/corporate-information/SA00233-microcode-update-gu idance_05132019.pdf(CVE-2018-12127) - An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.(CVE-2019-3886) - libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.(CVE-2018-1064) - qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.(CVE-2018-5748) - Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.(CVE-2018-3639) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-12-04
    plugin id131621
    published2019-12-04
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131621
    titleEulerOS 2.0 SP2 : libvirt (EulerOS-SA-2019-2468)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1610.NASL
    descriptionAccording to the version of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.(CVE-2019-3886) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id125562
    published2019-05-30
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125562
    titleEulerOS Virtualization 3.0.1.0 : libvirt (EulerOS-SA-2019-1610)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4021-1.NASL
    descriptionDaniel P. Berrange discovered that libvirt incorrectly handled socket permissions. A local attacker could possibly use this issue to access libvirt. (CVE-2019-10132) It was discovered that libvirt incorrectly performed certain permission checks. A remote attacker could possibly use this issue to access the guest agent and cause a denial of service. This issue only affected Ubuntu 19.04. (CVE-2019-3886). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id126066
    published2019-06-20
    reporterUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126066
    titleUbuntu 18.10 / 19.04 : libvirt vulnerabilities (USN-4021-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1042-1.NASL
    descriptionThis update for libvirt fixes the following issues : Security issues fixed : CVE-2019-3840: Fixed a NULL pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent (bsc#1127458). CVE-2019-3886: Fixed an information leak which allowed to retrieve the guest hostname under readonly mode (bsc#1131595). Other issue addressed: cpu: add Skylake-Server and Skylake-Server-IBRS CPU models (FATE#327261, bsc#1131955) libxl: save current memory value after successful balloon (bsc#1120813). libxl: support Xen
    last seen2020-06-01
    modified2020-06-02
    plugin id124361
    published2019-04-29
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124361
    titleSUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2019:1042-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-B2DFB13DAF.NASL
    description - CVE-2019-10161: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (bz #1722463, bz #1720115) - CVE-2019-10166: virDomainManagedSaveDefineXML API exposed to readonly clients (bz #1722462, bz #1720114) - CVE-2019-10167: arbitrary command execution via virConnectGetDomainCapabilities API (bz #1722464, bz #1720117) - CVE-2019-10168: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (bz #1722466, bz #1720118) - CVE-2019-3886: virsh domhostname command discloses guest hostname in readonly mode [fedora-rawhide - Cannot start VM with a CBR 2.0 TPM device (bz #1712556) - libvirtd does not update VM .xml configurations after virsh snapshot/blockcommit (bz #1722348) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id126532
    published2019-07-09
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126532
    titleFedora 30 : libvirt (2019-b2dfb13daf)

Redhat

advisories
rhsa
idRHBA-2019:3723
rpms
  • SLOF-0:20190703-1.gitba1ab360.module+el8.1.0+3730+7d905127
  • hivex-0:1.3.15-7.module+el8.1.0+3554+1a3a94a6
  • hivex-debuginfo-0:1.3.15-7.module+el8.1.0+3554+1a3a94a6
  • hivex-debugsource-0:1.3.15-7.module+el8.1.0+3554+1a3a94a6
  • hivex-devel-0:1.3.15-7.module+el8.1.0+3554+1a3a94a6
  • libguestfs-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-bash-completion-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-benchmarking-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-benchmarking-debuginfo-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-debuginfo-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-debugsource-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-devel-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-gfs2-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-gobject-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-gobject-debuginfo-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-gobject-devel-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-inspect-icons-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-java-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-java-debuginfo-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-java-devel-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-javadoc-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-man-pages-ja-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-man-pages-uk-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-rescue-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-rsync-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-tools-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-tools-c-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-tools-c-debuginfo-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libguestfs-winsupport-0:8.0-4.module+el8.1.0+3554+1a3a94a6
  • libguestfs-xfs-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • libiscsi-0:1.18.0-8.module+el8.1.0+3554+1a3a94a6
  • libiscsi-debuginfo-0:1.18.0-8.module+el8.1.0+3554+1a3a94a6
  • libiscsi-debugsource-0:1.18.0-8.module+el8.1.0+3554+1a3a94a6
  • libiscsi-devel-0:1.18.0-8.module+el8.1.0+3554+1a3a94a6
  • libiscsi-utils-0:1.18.0-8.module+el8.1.0+3554+1a3a94a6
  • libiscsi-utils-debuginfo-0:1.18.0-8.module+el8.1.0+3554+1a3a94a6
  • libtpms-0:0.6.1-0.20190121git9dc915572b.module+el8.1.0+3523+b348b848.2
  • libtpms-debuginfo-0:0.6.1-0.20190121git9dc915572b.module+el8.1.0+3523+b348b848.2
  • libtpms-debugsource-0:0.6.1-0.20190121git9dc915572b.module+el8.1.0+3523+b348b848.2
  • libtpms-devel-0:0.6.1-0.20190121git9dc915572b.module+el8.1.0+3523+b348b848.2
  • libvirt-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-admin-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-admin-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-bash-completion-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-client-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-client-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-config-network-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-config-nwfilter-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-interface-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-interface-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-network-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-network-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-nodedev-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-nodedev-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-nwfilter-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-nwfilter-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-qemu-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-qemu-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-secret-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-secret-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-core-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-core-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-disk-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-disk-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-gluster-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-gluster-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-iscsi-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-iscsi-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-iscsi-direct-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-iscsi-direct-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-logical-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-logical-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-mpath-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-mpath-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-rbd-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-rbd-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-scsi-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-driver-storage-scsi-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-daemon-kvm-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-dbus-0:1.3.0-2.module+el8.1.0+3554+1a3a94a6
  • libvirt-dbus-debuginfo-0:1.3.0-2.module+el8.1.0+3554+1a3a94a6
  • libvirt-dbus-debugsource-0:1.3.0-2.module+el8.1.0+3554+1a3a94a6
  • libvirt-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-debugsource-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-devel-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-docs-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-libs-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-libs-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-lock-sanlock-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-lock-sanlock-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-nss-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-nss-debuginfo-0:5.6.0-6.module+el8.1.0+4244+9aa4e6bb
  • libvirt-python-debugsource-0:5.6.0-2.module+el8.1.0+4286+bc7b622c
  • lua-guestfs-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • lua-guestfs-debuginfo-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • nbdkit-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-bash-completion-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-basic-filters-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-basic-filters-debuginfo-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-basic-plugins-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-basic-plugins-debuginfo-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-curl-plugin-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-curl-plugin-debuginfo-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-debuginfo-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-debugsource-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-devel-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-example-plugins-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-example-plugins-debuginfo-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-gzip-plugin-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-gzip-plugin-debuginfo-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-linuxdisk-plugin-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-linuxdisk-plugin-debuginfo-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-python-plugin-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-python-plugin-debuginfo-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-server-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-server-debuginfo-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-ssh-plugin-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-ssh-plugin-debuginfo-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-vddk-plugin-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-vddk-plugin-debuginfo-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-xz-filter-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • nbdkit-xz-filter-debuginfo-0:1.12.5-1.module+el8.1.0+3868+35f94834
  • netcf-0:0.2.8-12.module+el8.1.0+3921+a49f7d7b
  • netcf-debuginfo-0:0.2.8-12.module+el8.1.0+3921+a49f7d7b
  • netcf-debugsource-0:0.2.8-12.module+el8.1.0+3921+a49f7d7b
  • netcf-devel-0:0.2.8-12.module+el8.1.0+3921+a49f7d7b
  • netcf-libs-0:0.2.8-12.module+el8.1.0+3921+a49f7d7b
  • netcf-libs-debuginfo-0:0.2.8-12.module+el8.1.0+3921+a49f7d7b
  • ocaml-hivex-0:1.3.15-7.module+el8.1.0+3554+1a3a94a6
  • ocaml-hivex-debuginfo-0:1.3.15-7.module+el8.1.0+3554+1a3a94a6
  • ocaml-hivex-devel-0:1.3.15-7.module+el8.1.0+3554+1a3a94a6
  • ocaml-libguestfs-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • ocaml-libguestfs-debuginfo-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • ocaml-libguestfs-devel-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • perl-Sys-Guestfs-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • perl-Sys-Guestfs-debuginfo-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • perl-Sys-Virt-0:5.6.0-2.module+el8.1.0+4140+e3893fe6
  • perl-Sys-Virt-debuginfo-0:5.6.0-2.module+el8.1.0+4140+e3893fe6
  • perl-Sys-Virt-debugsource-0:5.6.0-2.module+el8.1.0+4140+e3893fe6
  • perl-hivex-0:1.3.15-7.module+el8.1.0+3554+1a3a94a6
  • perl-hivex-debuginfo-0:1.3.15-7.module+el8.1.0+3554+1a3a94a6
  • python3-hivex-0:1.3.15-7.module+el8.1.0+3554+1a3a94a6
  • python3-hivex-debuginfo-0:1.3.15-7.module+el8.1.0+3554+1a3a94a6
  • python3-libguestfs-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • python3-libguestfs-debuginfo-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • python3-libvirt-0:5.6.0-2.module+el8.1.0+4286+bc7b622c
  • python3-libvirt-debuginfo-0:5.6.0-2.module+el8.1.0+4286+bc7b622c
  • qemu-guest-agent-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-guest-agent-debuginfo-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-img-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-img-debuginfo-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-block-curl-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-block-curl-debuginfo-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-block-gluster-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-block-gluster-debuginfo-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-block-iscsi-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-block-iscsi-debuginfo-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-block-rbd-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-block-rbd-debuginfo-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-block-ssh-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-block-ssh-debuginfo-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-common-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-common-debuginfo-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-core-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-core-debuginfo-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-debuginfo-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-debugsource-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-tests-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • qemu-kvm-tests-debuginfo-15:4.1.0-13.module+el8.1.0+4313+ef76ec61
  • ruby-hivex-0:1.3.15-7.module+el8.1.0+3554+1a3a94a6
  • ruby-hivex-debuginfo-0:1.3.15-7.module+el8.1.0+3554+1a3a94a6
  • ruby-libguestfs-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • ruby-libguestfs-debuginfo-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • seabios-0:1.12.0-5.module+el8.1.0+4022+29a53beb
  • seabios-bin-0:1.12.0-5.module+el8.1.0+4022+29a53beb
  • seavgabios-bin-0:1.12.0-5.module+el8.1.0+4022+29a53beb
  • sgabios-1:0.20170427git-3.module+el8.1.0+3554+1a3a94a6
  • sgabios-bin-1:0.20170427git-3.module+el8.1.0+3554+1a3a94a6
  • supermin-0:5.1.19-10.module+el8.1.0+4076+b5e41ebc
  • supermin-debuginfo-0:5.1.19-10.module+el8.1.0+4076+b5e41ebc
  • supermin-debugsource-0:5.1.19-10.module+el8.1.0+4076+b5e41ebc
  • supermin-devel-0:5.1.19-10.module+el8.1.0+4076+b5e41ebc
  • swtpm-0:0.1.0-1.20190425gitca85606.module+el8.1.0+3966+4a23dca1.1
  • swtpm-debuginfo-0:0.1.0-1.20190425gitca85606.module+el8.1.0+3966+4a23dca1.1
  • swtpm-debugsource-0:0.1.0-1.20190425gitca85606.module+el8.1.0+3966+4a23dca1.1
  • swtpm-devel-0:0.1.0-1.20190425gitca85606.module+el8.1.0+3966+4a23dca1.1
  • swtpm-libs-0:0.1.0-1.20190425gitca85606.module+el8.1.0+3966+4a23dca1.1
  • swtpm-libs-debuginfo-0:0.1.0-1.20190425gitca85606.module+el8.1.0+3966+4a23dca1.1
  • swtpm-tools-0:0.1.0-1.20190425gitca85606.module+el8.1.0+3966+4a23dca1.1
  • swtpm-tools-debuginfo-0:0.1.0-1.20190425gitca85606.module+el8.1.0+3966+4a23dca1.1
  • virglrenderer-0:0.6.0-5.20180814git491d3b705.module+el8.1.0+3523+b348b848
  • virglrenderer-devel-0:0.6.0-5.20180814git491d3b705.module+el8.1.0+3523+b348b848
  • virglrenderer-test-server-0:0.6.0-5.20180814git491d3b705.module+el8.1.0+3523+b348b848
  • virt-dib-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • virt-dib-debuginfo-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • virt-p2v-maker-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • virt-v2v-1:1.40.2-14.module+el8.1.0+4230+0b6e3259
  • virt-v2v-debuginfo-1:1.40.2-14.module+el8.1.0+4230+0b6e3259

References