Vulnerabilities > CVE-2020-1711 - Out-of-bounds Write vulnerability in multiple products
Attack vector
NETWORK Attack complexity
HIGH Privileges required
LOW Confidentiality impact
LOW Integrity impact
LOW Availability impact
LOW Summary
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 56 | |
Application | 2 | |
OS | 2 | |
OS | 2 | |
OS | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_SU-2020-0845-1.NASL description This update for qemu fixes the following issues : CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1161066). CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI config space allocation (bsc#1166379). CVE-2020-1711: Fixed an out of bounds heap buffer access iscsi_co_block_status() routine which could have allowed a remote denial of service or arbitrary code with privileges of the QEMU process on the host (bsc#1166240). CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() routine while emulating the identification protocol and copying message data to a socket buffer (bsc#1123156). CVE-2020-8608: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1163018). CVE-2019-20382: Fixed a memory leak in the VNC display driver which could have led to exhaustion of the host memory leading to a potential Denial of service (bsc#1165776). Fixed live migration errors (bsc#1154790, bsc#1156794, bsc#1156642). Fixed an issue where migrating VMs on KVM gets missing features:ospke error (bsc#1162729). Fixed an issue where booting up a guest system with mdev passthrough device as installation device was failing (bsc#1158880). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-04-07 modified 2020-04-02 plugin id 135169 published 2020-04-02 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135169 title SUSE SLES12 Security Update : qemu (SUSE-SU-2020:0845-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2020:0845-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(135169); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/07/21"); script_cve_id("CVE-2019-15034", "CVE-2019-20382", "CVE-2019-6778", "CVE-2020-1711", "CVE-2020-7039", "CVE-2020-8608"); script_name(english:"SUSE SLES12 Security Update : qemu (SUSE-SU-2020:0845-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for qemu fixes the following issues : CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1161066). CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI config space allocation (bsc#1166379). CVE-2020-1711: Fixed an out of bounds heap buffer access iscsi_co_block_status() routine which could have allowed a remote denial of service or arbitrary code with privileges of the QEMU process on the host (bsc#1166240). CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() routine while emulating the identification protocol and copying message data to a socket buffer (bsc#1123156). CVE-2020-8608: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1163018). CVE-2019-20382: Fixed a memory leak in the VNC display driver which could have led to exhaustion of the host memory leading to a potential Denial of service (bsc#1165776). Fixed live migration errors (bsc#1154790, bsc#1156794, bsc#1156642). Fixed an issue where migrating VMs on KVM gets missing features:ospke error (bsc#1162729). Fixed an issue where booting up a guest system with mdev passthrough device as installation device was failing (bsc#1158880). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1123156" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1154790" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1156642" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1156794" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1158880" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161066" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162161" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162729" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163018" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165776" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166240" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166379" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-15034/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-20382/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-6778/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-1711/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-7039/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-8608/" ); # https://www.suse.com/support/update/announcement/2020/suse-su-20200845-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?0287d340" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Server 12-SP5:zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-845=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8608"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-audio-alsa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-audio-alsa-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-audio-oss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-audio-oss-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-audio-pa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-audio-pa-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-audio-sdl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-audio-sdl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-curl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-iscsi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-iscsi-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-rbd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-ssh"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-block-ssh-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-guest-agent"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-kvm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-lang"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-s390"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-s390-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-ui-curses"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-ui-curses-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-ui-gtk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-ui-gtk-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-ui-sdl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-ui-sdl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:qemu-x86"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/21"); script_set_attribute(attribute:"patch_publication_date", value:"2020/04/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/02"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(5)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP5", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"5", cpu:"x86_64", reference:"qemu-block-rbd-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", cpu:"x86_64", reference:"qemu-block-rbd-debuginfo-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", cpu:"x86_64", reference:"qemu-x86-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", cpu:"s390x", reference:"qemu-s390-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", cpu:"s390x", reference:"qemu-s390-debuginfo-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-audio-alsa-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-audio-alsa-debuginfo-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-audio-oss-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-audio-oss-debuginfo-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-audio-pa-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-audio-pa-debuginfo-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-audio-sdl-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-audio-sdl-debuginfo-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-block-curl-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-block-curl-debuginfo-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-block-iscsi-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-block-iscsi-debuginfo-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-block-ssh-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-block-ssh-debuginfo-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-debugsource-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-guest-agent-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-guest-agent-debuginfo-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-lang-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-tools-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-tools-debuginfo-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-ui-curses-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-ui-curses-debuginfo-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-ui-gtk-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-ui-gtk-debuginfo-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-ui-sdl-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-ui-sdl-debuginfo-3.1.1.1-3.9.1")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"qemu-kvm-3.1.1.1-3.9.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "qemu"); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-2472.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2472 advisory. - QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-12 modified 2020-06-10 plugin id 137306 published 2020-06-10 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137306 title RHEL 8 : virt:rhel (RHSA-2020:2472) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:2472. The text # itself is copyright (C) Red Hat, Inc. # include('compat.inc'); if (description) { script_id(137306); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/07/20"); script_cve_id("CVE-2020-1711"); script_xref(name:"RHSA", value:"2020:2472"); script_name(english:"RHEL 8 : virt:rhel (RHSA-2020:2472)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute(attribute:"synopsis", value: "The remote Red Hat host is missing a security update."); script_set_attribute(attribute:"description", value: "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2472 advisory. - QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:2472"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-1711"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1794290"); script_set_attribute(attribute:"solution", value: "Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-1711"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_cwe_id(122); script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/11"); script_set_attribute(attribute:"patch_publication_date", value:"2020/06/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/10"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:rhel_e4s:8.0"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:rhel_e4s:8.0::appstream"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:SLOF"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hivex"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hivex-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hivex-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-benchmarking"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-java"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libiscsi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libiscsi-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libiscsi-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libiscsi-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-admin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-dbus"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-dbus-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-nss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-python-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:lua-guestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-plugin-gzip"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-plugin-python-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-plugin-python3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-plugin-vddk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-plugin-xz"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:netcf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:netcf-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:netcf-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:netcf-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perl-hivex"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-hivex"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-libguestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-libvirt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-img"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby-hivex"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seabios"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seabios-bin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seavgabios-bin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sgabios"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sgabios-bin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:supermin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:supermin-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:supermin-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:virt-dib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:virt-p2v-maker"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:virt-v2v"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Red Hat Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include('audit.inc'); include('global_settings.inc'); include('misc_func.inc'); include('rpm.inc'); if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item('Host/RedHat/release'); if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat'); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat'); os_ver = os_ver[1]; if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver); if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item('Host/cpu'); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu); module_ver = get_kb_item('Host/RedHat/appstream/virt'); if (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt:rhel'); if ('rhel' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module virt:' + module_ver); appstreams = { 'virt:rhel': [ {'reference':'hivex-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'hivex-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'hivex-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'hivex-debugsource-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'hivex-debugsource-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'hivex-debugsource-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'hivex-devel-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'hivex-devel-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'hivex-devel-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libguestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-bash-completion-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-benchmarking-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-benchmarking-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-debugsource-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-debugsource-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-debugsource-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-devel-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-devel-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-devel-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gfs2-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gfs2-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gfs2-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gobject-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gobject-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gobject-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gobject-devel-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gobject-devel-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gobject-devel-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-inspect-icons-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-java-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-java-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-java-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-java-devel-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-java-devel-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-java-devel-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-javadoc-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-man-pages-ja-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-man-pages-uk-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-rescue-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-rescue-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-rescue-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-rsync-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-rsync-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-rsync-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-tools-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-tools-c-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-tools-c-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-tools-c-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-winsupport-8.0-3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libguestfs-winsupport-8.0-3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libguestfs-winsupport-8.0-3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libguestfs-xfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-xfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-xfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libiscsi-1.18.0-7.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libiscsi-1.18.0-7.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libiscsi-1.18.0-7.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libiscsi-debugsource-1.18.0-7.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libiscsi-debugsource-1.18.0-7.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libiscsi-debugsource-1.18.0-7.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libiscsi-devel-1.18.0-7.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libiscsi-devel-1.18.0-7.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libiscsi-devel-1.18.0-7.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libiscsi-utils-1.18.0-7.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libiscsi-utils-1.18.0-7.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libiscsi-utils-1.18.0-7.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libssh2-1.8.0-8.module+el8.0.0+4084+cceb9f44.1', 'cpu':'aarch64', 'release':'8'}, {'reference':'libssh2-1.8.0-8.module+el8.0.0+4084+cceb9f44.1', 'cpu':'s390x', 'release':'8'}, {'reference':'libssh2-1.8.0-8.module+el8.0.0+4084+cceb9f44.1', 'cpu':'x86_64', 'release':'8'}, {'reference':'libssh2-debugsource-1.8.0-8.module+el8.0.0+4084+cceb9f44.1', 'cpu':'aarch64', 'release':'8'}, {'reference':'libssh2-debugsource-1.8.0-8.module+el8.0.0+4084+cceb9f44.1', 'cpu':'s390x', 'release':'8'}, {'reference':'libssh2-debugsource-1.8.0-8.module+el8.0.0+4084+cceb9f44.1', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-admin-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-admin-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-admin-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-bash-completion-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-bash-completion-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-bash-completion-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-client-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-client-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-client-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-config-network-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-config-network-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-config-network-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-config-nwfilter-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-config-nwfilter-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-config-nwfilter-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-interface-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-interface-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-interface-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-network-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-network-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-network-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-nodedev-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-nodedev-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-nodedev-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-nwfilter-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-nwfilter-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-nwfilter-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-qemu-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-qemu-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-qemu-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-secret-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-secret-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-secret-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-core-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-core-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-core-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-disk-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-disk-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-disk-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-gluster-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-gluster-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-gluster-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-iscsi-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-iscsi-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-iscsi-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-logical-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-logical-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-logical-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-mpath-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-mpath-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-mpath-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-rbd-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-rbd-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-rbd-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-scsi-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-scsi-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-scsi-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-kvm-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-kvm-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-kvm-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-dbus-1.2.0-3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-dbus-1.2.0-3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-dbus-1.2.0-3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-dbus-debugsource-1.2.0-3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-dbus-debugsource-1.2.0-3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-dbus-debugsource-1.2.0-3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-debugsource-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-debugsource-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-debugsource-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-devel-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-devel-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-devel-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-docs-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-docs-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-docs-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-libs-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-libs-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-libs-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-lock-sanlock-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-lock-sanlock-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-lock-sanlock-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-nss-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-nss-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-nss-4.5.0-24.3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-python-debugsource-4.5.0-2.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-python-debugsource-4.5.0-2.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-python-debugsource-4.5.0-2.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'lua-guestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'lua-guestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'lua-guestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'nbdkit-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-bash-completion-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'release':'8'}, {'reference':'nbdkit-basic-plugins-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-basic-plugins-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-basic-plugins-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-debugsource-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-debugsource-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-debugsource-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-devel-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-devel-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-devel-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-example-plugins-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-example-plugins-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-example-plugins-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-plugin-gzip-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-plugin-gzip-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-plugin-gzip-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-plugin-python-common-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-plugin-python-common-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-plugin-python-common-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-plugin-python3-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-plugin-python3-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-plugin-python3-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-plugin-vddk-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-plugin-xz-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-plugin-xz-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-plugin-xz-1.4.2-5.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'netcf-0.2.8-11.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'netcf-0.2.8-11.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'netcf-0.2.8-11.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'netcf-debugsource-0.2.8-11.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'netcf-debugsource-0.2.8-11.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'netcf-debugsource-0.2.8-11.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'netcf-devel-0.2.8-11.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'netcf-devel-0.2.8-11.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'netcf-devel-0.2.8-11.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'netcf-libs-0.2.8-11.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'netcf-libs-0.2.8-11.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'netcf-libs-0.2.8-11.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'perl-hivex-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'perl-hivex-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'perl-hivex-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'perl-Sys-Guestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'perl-Sys-Guestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'perl-Sys-Guestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'perl-Sys-Virt-4.5.0-5.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'perl-Sys-Virt-4.5.0-5.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'perl-Sys-Virt-4.5.0-5.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'perl-Sys-Virt-debugsource-4.5.0-5.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'perl-Sys-Virt-debugsource-4.5.0-5.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'perl-Sys-Virt-debugsource-4.5.0-5.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'python3-hivex-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'python3-hivex-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'python3-hivex-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'python3-libguestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'python3-libguestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'python3-libguestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'python3-libvirt-4.5.0-2.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'python3-libvirt-4.5.0-2.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'python3-libvirt-4.5.0-2.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'qemu-guest-agent-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-guest-agent-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-guest-agent-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-img-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-img-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-img-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-curl-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-curl-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-curl-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-gluster-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-iscsi-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-iscsi-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-iscsi-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-rbd-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-rbd-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-rbd-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-ssh-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-ssh-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-ssh-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-common-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-common-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-common-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-core-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-core-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-core-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-debugsource-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-debugsource-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-debugsource-2.12.0-65.module+el8.0.0+6140+ec5d8118.7', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'ruby-hivex-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'ruby-hivex-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'ruby-hivex-1.3.15-7.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'ruby-libguestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'ruby-libguestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'ruby-libguestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'seabios-1.11.1-4.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'seabios-bin-1.11.1-4.module+el8.0.0+4084+cceb9f44', 'release':'8'}, {'reference':'seavgabios-bin-1.11.1-4.module+el8.0.0+4084+cceb9f44', 'release':'8'}, {'reference':'sgabios-0.20170427git-3.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'sgabios-bin-0.20170427git-3.module+el8.0.0+4084+cceb9f44', 'release':'8', 'epoch':'1'}, {'reference':'SLOF-20171214-6.gitfa98132.module+el8.0.0+4084+cceb9f44', 'release':'8'}, {'reference':'supermin-5.1.19-9.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'supermin-5.1.19-9.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'supermin-5.1.19-9.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'supermin-debugsource-5.1.19-9.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'supermin-debugsource-5.1.19-9.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'supermin-debugsource-5.1.19-9.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'supermin-devel-5.1.19-9.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8'}, {'reference':'supermin-devel-5.1.19-9.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8'}, {'reference':'supermin-devel-5.1.19-9.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8'}, {'reference':'virt-dib-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'virt-dib-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'virt-dib-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'virt-p2v-maker-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'virt-v2v-1.38.4-11.1.module+el8.0.0+4084+cceb9f44', 'cpu':'x86_64', 'release':'8', 'epoch':'1'} ], }; flag = 0; appstreams_found = 0; foreach module (keys(appstreams)) { appstream = NULL; appstream_name = NULL; appstream_version = NULL; appstream_split = split(module, sep:':', keep:FALSE); if (!empty_or_null(appstream_split)) { appstream_name = appstream_split[0]; appstream_version = appstream_split[1]; if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name); } if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') { appstreams_found++; foreach package_array ( appstreams[module] ) { reference = NULL; release = NULL; sp = NULL; cpu = NULL; el_string = NULL; rpm_spec_vers_cmp = NULL; epoch = NULL; allowmaj = NULL; if (!empty_or_null(package_array['reference'])) reference = package_array['reference']; if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release']; if (!empty_or_null(package_array['sp'])) sp = package_array['sp']; if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu']; if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string']; if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp']; if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch']; if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj']; if (reference && release) { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++; } } } } if (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt:rhel'); if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'SLOF / hivex / hivex-debugsource / etc'); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0730.NASL description An update for qemu-kvm-rhev is now available for Red Hat Virtualization Engine 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix(es) : * hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135) * QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * [Intel 7.6.z Bug] [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM qemu-kvm-rhev (BZ#1730601) * qemu-kvm-rhev: backport cpuidle-haltpoll support (BZ#1746281) Enhancement(s) : * [Intel 7.7 FEAT] MDS_NO exposure to guest - qemu-kvm-rhev (BZ#1743632) last seen 2020-03-18 modified 2020-03-09 plugin id 134344 published 2020-03-09 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134344 title RHEL 7 : Virtualization Manager (RHSA-2020:0730) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:0730. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(134344); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/11"); script_cve_id("CVE-2019-11135", "CVE-2020-1711"); script_xref(name:"RHSA", value:"2020:0730"); script_name(english:"RHEL 7 : Virtualization Manager (RHSA-2020:0730)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for qemu-kvm-rhev is now available for Red Hat Virtualization Engine 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix(es) : * hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135) * QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * [Intel 7.6.z Bug] [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM qemu-kvm-rhev (BZ#1730601) * qemu-kvm-rhev: backport cpuidle-haltpoll support (BZ#1746281) Enhancement(s) : * [Intel 7.7 FEAT] MDS_NO exposure to guest - qemu-kvm-rhev (BZ#1743632)" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/solutions/tsx-asynchronousabort" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:0730" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-11135" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2020-1711" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-img-rhev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common-rhev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-rhev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-rhev-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools-rhev"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/11/14"); script_set_attribute(attribute:"patch_publication_date", value:"2020/03/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/09"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2020:0730"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"qemu-img-rhev-2.12.0-18.el7_6.9")) flag++; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"qemu-kvm-common-rhev-2.12.0-18.el7_6.9")) flag++; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"qemu-kvm-rhev-2.12.0-18.el7_6.9")) flag++; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"qemu-kvm-rhev-debuginfo-2.12.0-18.el7_6.9")) flag++; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"qemu-kvm-tools-rhev-2.12.0-18.el7_6.9")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "qemu-img-rhev / qemu-kvm-common-rhev / qemu-kvm-rhev / etc"); } }
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-202005-02.NASL description The remote host is affected by the vulnerability described in GLSA-202005-02 (QEMU: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time. last seen 2020-05-16 modified 2020-05-13 plugin id 136539 published 2020-05-13 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136539 title GLSA-202005-02 : QEMU: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 202005-02. # # The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(136539); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/07/21"); script_cve_id("CVE-2020-11102", "CVE-2020-1711", "CVE-2020-7039"); script_xref(name:"GLSA", value:"202005-02"); script_name(english:"GLSA-202005-02 : QEMU: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-202005-02 (QEMU: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/202005-02" ); script_set_attribute( attribute:"solution", value: "All QEMU users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-emulation/qemu-4.2.0-r5'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-7039"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:qemu"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/01/16"); script_set_attribute(attribute:"patch_publication_date", value:"2020/05/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/05/13"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"app-emulation/qemu", unaffected:make_list("ge 4.2.0-r5"), vulnerable:make_list("lt 4.2.0-r5"))) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get()); else security_warning(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "QEMU"); }
NASL family Debian Local Security Checks NASL id DEBIAN_DLA-2144.NASL description Two out-of-bounds heap buffer accesses were found in QEMU, a fast processor emulator, which could result in denial of service or abitrary code execution. For Debian 8 last seen 2020-03-20 modified 2020-03-18 plugin id 134631 published 2020-03-18 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134631 title Debian DLA-2144-1 : qemu security update code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DLA-2144-1. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(134631); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/07/21"); script_cve_id("CVE-2020-1711", "CVE-2020-8608"); script_name(english:"Debian DLA-2144-1 : qemu security update"); script_summary(english:"Checks dpkg output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security update." ); script_set_attribute( attribute:"description", value: "Two out-of-bounds heap buffer accesses were found in QEMU, a fast processor emulator, which could result in denial of service or abitrary code execution. For Debian 8 'Jessie', these problems have been fixed in version 1:2.1+dfsg-12+deb8u14. We recommend that you upgrade your qemu packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/jessie/qemu" ); script_set_attribute(attribute:"solution", value:"Upgrade the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8608"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-guest-agent"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-kvm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system-arm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system-mips"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system-misc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system-ppc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system-sparc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-system-x86"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-user"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-user-binfmt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-user-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu-utils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/06"); script_set_attribute(attribute:"patch_publication_date", value:"2020/03/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/18"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"8.0", prefix:"qemu", reference:"1:2.1+dfsg-12+deb8u14")) flag++; if (deb_check(release:"8.0", prefix:"qemu-guest-agent", reference:"1:2.1+dfsg-12+deb8u14")) flag++; if (deb_check(release:"8.0", prefix:"qemu-kvm", reference:"1:2.1+dfsg-12+deb8u14")) flag++; if (deb_check(release:"8.0", prefix:"qemu-system", reference:"1:2.1+dfsg-12+deb8u14")) flag++; if (deb_check(release:"8.0", prefix:"qemu-system-arm", reference:"1:2.1+dfsg-12+deb8u14")) flag++; if (deb_check(release:"8.0", prefix:"qemu-system-common", reference:"1:2.1+dfsg-12+deb8u14")) flag++; if (deb_check(release:"8.0", prefix:"qemu-system-mips", reference:"1:2.1+dfsg-12+deb8u14")) flag++; if (deb_check(release:"8.0", prefix:"qemu-system-misc", reference:"1:2.1+dfsg-12+deb8u14")) flag++; if (deb_check(release:"8.0", prefix:"qemu-system-ppc", reference:"1:2.1+dfsg-12+deb8u14")) flag++; if (deb_check(release:"8.0", prefix:"qemu-system-sparc", reference:"1:2.1+dfsg-12+deb8u14")) flag++; if (deb_check(release:"8.0", prefix:"qemu-system-x86", reference:"1:2.1+dfsg-12+deb8u14")) flag++; if (deb_check(release:"8.0", prefix:"qemu-user", reference:"1:2.1+dfsg-12+deb8u14")) flag++; if (deb_check(release:"8.0", prefix:"qemu-user-binfmt", reference:"1:2.1+dfsg-12+deb8u14")) flag++; if (deb_check(release:"8.0", prefix:"qemu-user-static", reference:"1:2.1+dfsg-12+deb8u14")) flag++; if (deb_check(release:"8.0", prefix:"qemu-utils", reference:"1:2.1+dfsg-12+deb8u14")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1216.NASL description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1216 advisory. - QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155) - QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378) - QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-23 modified 2020-03-31 plugin id 135033 published 2020-03-31 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135033 title RHEL 7 : qemu-kvm-rhev (RHSA-2020:1216) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:1216. The text # itself is copyright (C) Red Hat, Inc. # include('compat.inc'); if (description) { script_id(135033); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/07/20"); script_cve_id("CVE-2019-12155", "CVE-2019-14378", "CVE-2020-1711"); script_bugtraq_id(108429); script_xref(name:"RHSA", value:"2020:1216"); script_name(english:"RHEL 7 : qemu-kvm-rhev (RHSA-2020:1216)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute(attribute:"synopsis", value: "The remote Red Hat host is missing one or more security updates."); script_set_attribute(attribute:"description", value: "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1216 advisory. - QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155) - QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378) - QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/476.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:1216"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-12155"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-14378"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-1711"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1648622"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1665256"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1711643"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1721522"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1724048"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1734502"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1743365"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1746224"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1764120"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1775251"); script_set_attribute(attribute:"solution", value: "Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-14378"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_cwe_id(122, 476); script_set_attribute(attribute:"vuln_publication_date", value:"2019/05/24"); script_set_attribute(attribute:"patch_publication_date", value:"2020/03/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/31"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:rhev_manager:4.3"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7::hypervisor"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-img-rhev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common-rhev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-rhev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools-rhev"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Red Hat Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include('audit.inc'); include('global_settings.inc'); include('misc_func.inc'); include('rpm.inc'); if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item('Host/RedHat/release'); if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat'); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat'); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver); if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item('Host/cpu'); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu); pkgs = [ {'reference':'qemu-img-rhev-2.12.0-44.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'10'}, {'reference':'qemu-kvm-common-rhev-2.12.0-44.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'10'}, {'reference':'qemu-kvm-rhev-2.12.0-44.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'10'}, {'reference':'qemu-kvm-tools-rhev-2.12.0-44.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'10'} ]; flag = 0; foreach package_array ( pkgs ) { reference = NULL; release = NULL; sp = NULL; cpu = NULL; el_string = NULL; rpm_spec_vers_cmp = NULL; epoch = NULL; if (!empty_or_null(package_array['reference'])) reference = package_array['reference']; if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release']; if (!empty_or_null(package_array['sp'])) sp = package_array['sp']; if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu']; if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string']; if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp']; if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch']; if (reference && release) { if (rpm_spec_vers_cmp) { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:TRUE)) flag++; } else { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch)) flag++; } } } if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qemu-img-rhev / qemu-kvm-common-rhev / qemu-kvm-rhev / etc'); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1296.NASL description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1296 advisory. - QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) - QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() (CVE-2020-7039) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-23 modified 2020-04-02 plugin id 135176 published 2020-04-02 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135176 title RHEL 7 : qemu-kvm-rhev (RHSA-2020:1296) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:1296. The text # itself is copyright (C) Red Hat, Inc. # include('compat.inc'); if (description) { script_id(135176); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/07/20"); script_cve_id("CVE-2020-1711", "CVE-2020-7039"); script_xref(name:"RHSA", value:"2020:1296"); script_name(english:"RHEL 7 : qemu-kvm-rhev (RHSA-2020:1296)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute(attribute:"synopsis", value: "The remote Red Hat host is missing one or more security updates."); script_set_attribute(attribute:"description", value: "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1296 advisory. - QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) - QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() (CVE-2020-7039) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:1296"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-1711"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-7039"); script_set_attribute(attribute:"solution", value: "Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-7039"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_cwe_id(122); script_set_attribute(attribute:"vuln_publication_date", value:"2020/01/16"); script_set_attribute(attribute:"patch_publication_date", value:"2020/04/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/02"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:openstack:13"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:openstack:13::el7"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-img-rhev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common-rhev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-rhev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools-rhev"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Red Hat Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include('audit.inc'); include('global_settings.inc'); include('misc_func.inc'); include('rpm.inc'); if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item('Host/RedHat/release'); if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat'); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat'); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver); if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item('Host/cpu'); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu); pkgs = [ {'reference':'qemu-img-rhev-2.12.0-44.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'10'}, {'reference':'qemu-kvm-common-rhev-2.12.0-44.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'10'}, {'reference':'qemu-kvm-rhev-2.12.0-44.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'10'}, {'reference':'qemu-kvm-tools-rhev-2.12.0-44.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'10'} ]; flag = 0; foreach package_array ( pkgs ) { reference = NULL; release = NULL; sp = NULL; cpu = NULL; el_string = NULL; rpm_spec_vers_cmp = NULL; epoch = NULL; if (!empty_or_null(package_array['reference'])) reference = package_array['reference']; if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release']; if (!empty_or_null(package_array['sp'])) sp = package_array['sp']; if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu']; if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string']; if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp']; if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch']; if (reference && release) { if (rpm_spec_vers_cmp) { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:TRUE)) flag++; } else { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch)) flag++; } } } if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qemu-img-rhev / qemu-kvm-common-rhev / qemu-kvm-rhev / etc'); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1150.NASL description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1150 advisory. - QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) - QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() (CVE-2020-7039) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-23 modified 2020-04-01 plugin id 135051 published 2020-04-01 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135051 title RHEL 7 : qemu-kvm-ma (RHSA-2020:1150) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:1150. The text # itself is copyright (C) Red Hat, Inc. # include('compat.inc'); if (description) { script_id(135051); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/07/20"); script_cve_id("CVE-2020-1711", "CVE-2020-7039"); script_xref(name:"RHSA", value:"2020:1150"); script_name(english:"RHEL 7 : qemu-kvm-ma (RHSA-2020:1150)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute(attribute:"synopsis", value: "The remote Red Hat host is missing one or more security updates."); script_set_attribute(attribute:"description", value: "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1150 advisory. - QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) - QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() (CVE-2020-7039) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:1150"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-1711"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-7039"); script_set_attribute(attribute:"solution", value: "Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-7039"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_cwe_id(122); script_set_attribute(attribute:"vuln_publication_date", value:"2020/01/16"); script_set_attribute(attribute:"patch_publication_date", value:"2020/03/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/01"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7::server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-img-ma"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common-ma"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ma"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools-ma"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Red Hat Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include('audit.inc'); include('global_settings.inc'); include('misc_func.inc'); include('rpm.inc'); if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item('Host/RedHat/release'); if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat'); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat'); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver); if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item('Host/cpu'); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu); pkgs = [ {'reference':'qemu-img-ma-2.12.0-44.el7', 'cpu':'s390x', 'release':'7', 'epoch':'10'}, {'reference':'qemu-kvm-common-ma-2.12.0-44.el7', 'cpu':'s390x', 'release':'7', 'epoch':'10'}, {'reference':'qemu-kvm-ma-2.12.0-44.el7', 'cpu':'s390x', 'release':'7', 'epoch':'10'}, {'reference':'qemu-kvm-tools-ma-2.12.0-44.el7', 'cpu':'s390x', 'release':'7', 'epoch':'10'} ]; flag = 0; foreach package_array ( pkgs ) { reference = NULL; release = NULL; sp = NULL; cpu = NULL; el_string = NULL; rpm_spec_vers_cmp = NULL; epoch = NULL; if (!empty_or_null(package_array['reference'])) reference = package_array['reference']; if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release']; if (!empty_or_null(package_array['sp'])) sp = package_array['sp']; if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu']; if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string']; if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp']; if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch']; if (reference && release) { if (rpm_spec_vers_cmp) { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:TRUE)) flag++; } else { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch)) flag++; } } } if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qemu-img-ma / qemu-kvm-common-ma / qemu-kvm-ma / etc'); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0731.NASL description An update for the virt:8.1 and virt-devel:8.1 modules is now available for Advanced Virtualization for RHEL 8.1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix(es) : * QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Enhancement(s) : * libnbd: new client library for nbd protocol implementation[rhel-8.1.1] (BZ# 1802711) * New package request for RHEL 8: python-pyvmomi[rhel-8.1.1] (BZ#1802712) last seen 2020-05-21 modified 2020-03-06 plugin id 134272 published 2020-03-06 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134272 title RHEL 8 : Virtualization Manager (RHSA-2020:0731) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:0731. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(134272); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/20"); script_cve_id("CVE-2020-1711"); script_xref(name:"RHSA", value:"2020:0731"); script_name(english:"RHEL 8 : Virtualization Manager (RHSA-2020:0731)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for the virt:8.1 and virt-devel:8.1 modules is now available for Advanced Virtualization for RHEL 8.1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix(es) : * QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Enhancement(s) : * libnbd: new client library for nbd protocol implementation[rhel-8.1.1] (BZ# 1802711) * New package request for RHEL 8: python-pyvmomi[rhel-8.1.1] (BZ#1802712)" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:0731" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2020-1711" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-1711"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:SLOF"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hivex"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hivex-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hivex-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-benchmarking"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-java"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libiscsi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libiscsi-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libiscsi-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libiscsi-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libnbd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libnbd-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libnbd-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libtpms"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libtpms-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libtpms-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-admin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-bash-completion"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-dbus"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-dbus-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-nss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libvirt-python-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:lua-guestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:netcf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:netcf-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:netcf-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:netcf-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Guestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perl-Sys-Virt-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perl-hivex"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-hivex"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-libguestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-libnbd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-libvirt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-pyvmomi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-img"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby-hivex"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seabios"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seabios-bin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seavgabios-bin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sgabios"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sgabios-bin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:supermin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:supermin-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:supermin-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:swtpm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:swtpm-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:swtpm-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:swtpm-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:swtpm-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:virglrenderer"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:virglrenderer-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:virglrenderer-test-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:virt-dib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:virt-p2v-maker"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:virt-v2v"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:advanced_virtualization:8.1"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:advanced_virtualization:8.1::el8"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/11"); script_set_attribute(attribute:"patch_publication_date", value:"2020/03/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/06"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu); appstreams = { 'virt:8.1': [ {'reference':'hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'hivex-debugsource-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'hivex-debugsource-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'hivex-debugsource-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'hivex-devel-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'hivex-devel-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'hivex-devel-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libguestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-bash-completion-1.40.2-16.module+el8.1.1+5309+6d656f05', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-benchmarking-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-benchmarking-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-debugsource-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-debugsource-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-debugsource-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-devel-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-devel-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-devel-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gfs2-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gfs2-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gfs2-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gobject-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gobject-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gobject-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gobject-devel-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gobject-devel-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-gobject-devel-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-inspect-icons-1.40.2-16.module+el8.1.1+5309+6d656f05', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-java-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-java-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-java-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-java-devel-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-java-devel-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-java-devel-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-javadoc-1.40.2-16.module+el8.1.1+5309+6d656f05', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-man-pages-ja-1.40.2-16.module+el8.1.1+5309+6d656f05', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-man-pages-uk-1.40.2-16.module+el8.1.1+5309+6d656f05', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-rescue-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-rescue-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-rescue-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-rsync-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-rsync-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-rsync-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-tools-1.40.2-16.module+el8.1.1+5309+6d656f05', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-tools-c-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-tools-c-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-tools-c-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-winsupport-8.0-4.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libguestfs-winsupport-8.0-4.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libguestfs-winsupport-8.0-4.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libguestfs-xfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-xfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'libguestfs-xfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'libiscsi-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libiscsi-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libiscsi-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libiscsi-debugsource-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libiscsi-debugsource-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libiscsi-debugsource-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libiscsi-devel-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libiscsi-devel-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libiscsi-devel-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libiscsi-utils-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libiscsi-utils-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libiscsi-utils-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libnbd-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'aarch64', 'release':'8'}, {'reference':'libnbd-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'s390x', 'release':'8'}, {'reference':'libnbd-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'x86_64', 'release':'8'}, {'reference':'libnbd-debugsource-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'aarch64', 'release':'8'}, {'reference':'libnbd-debugsource-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'s390x', 'release':'8'}, {'reference':'libnbd-debugsource-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'x86_64', 'release':'8'}, {'reference':'libnbd-devel-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'aarch64', 'release':'8'}, {'reference':'libnbd-devel-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'s390x', 'release':'8'}, {'reference':'libnbd-devel-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'x86_64', 'release':'8'}, {'reference':'libtpms-0.7.0-1.20191018gitdc116933b7.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libtpms-0.7.0-1.20191018gitdc116933b7.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libtpms-0.7.0-1.20191018gitdc116933b7.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libtpms-debugsource-0.7.0-1.20191018gitdc116933b7.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libtpms-debugsource-0.7.0-1.20191018gitdc116933b7.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libtpms-debugsource-0.7.0-1.20191018gitdc116933b7.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libtpms-devel-0.7.0-1.20191018gitdc116933b7.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libtpms-devel-0.7.0-1.20191018gitdc116933b7.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libtpms-devel-0.7.0-1.20191018gitdc116933b7.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-admin-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-admin-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-admin-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-bash-completion-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-bash-completion-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-bash-completion-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-client-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-client-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-client-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-config-network-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-config-network-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-config-network-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-config-nwfilter-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-config-nwfilter-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-config-nwfilter-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-interface-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-interface-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-interface-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-network-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-network-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-network-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-nodedev-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-nodedev-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-nodedev-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-nwfilter-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-nwfilter-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-nwfilter-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-qemu-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-qemu-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-qemu-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-secret-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-secret-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-secret-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-core-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-core-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-core-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-disk-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-disk-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-disk-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-gluster-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-gluster-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-gluster-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-iscsi-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-iscsi-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-iscsi-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-iscsi-direct-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-iscsi-direct-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-iscsi-direct-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-logical-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-logical-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-logical-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-mpath-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-mpath-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-mpath-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-rbd-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-rbd-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-rbd-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-scsi-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-scsi-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-scsi-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-daemon-kvm-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-daemon-kvm-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-daemon-kvm-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-dbus-1.3.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-dbus-1.3.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-dbus-1.3.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-dbus-debugsource-1.3.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-dbus-debugsource-1.3.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-dbus-debugsource-1.3.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-debugsource-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-debugsource-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-debugsource-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-devel-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-devel-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-devel-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-docs-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-docs-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-docs-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-libs-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-libs-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-libs-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-lock-sanlock-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-lock-sanlock-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-lock-sanlock-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-nss-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-nss-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-nss-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'libvirt-python-debugsource-5.6.0-3.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'libvirt-python-debugsource-5.6.0-3.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'libvirt-python-debugsource-5.6.0-3.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'lua-guestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'lua-guestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'lua-guestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'nbdkit-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-bash-completion-1.12.5-2.module+el8.1.1+5309+6d656f05', 'release':'8'}, {'reference':'nbdkit-basic-filters-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-basic-filters-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-basic-filters-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-basic-plugins-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-basic-plugins-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-basic-plugins-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-curl-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-curl-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-curl-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-debugsource-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-debugsource-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-debugsource-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-devel-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-devel-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-devel-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-example-plugins-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-example-plugins-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-example-plugins-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-gzip-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-gzip-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-gzip-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-linuxdisk-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-linuxdisk-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-linuxdisk-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-python-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-python-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-python-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-server-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-server-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-server-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-ssh-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-ssh-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-ssh-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-vddk-plugin-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'nbdkit-xz-filter-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'nbdkit-xz-filter-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'nbdkit-xz-filter-1.12.5-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'netcf-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'netcf-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'netcf-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'netcf-debugsource-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'netcf-debugsource-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'netcf-debugsource-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'netcf-devel-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'netcf-devel-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'netcf-devel-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'netcf-libs-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'netcf-libs-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'netcf-libs-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'ocaml-libnbd-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'aarch64', 'release':'8'}, {'reference':'ocaml-libnbd-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'s390x', 'release':'8'}, {'reference':'ocaml-libnbd-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'x86_64', 'release':'8'}, {'reference':'ocaml-libnbd-devel-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'aarch64', 'release':'8'}, {'reference':'ocaml-libnbd-devel-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'s390x', 'release':'8'}, {'reference':'ocaml-libnbd-devel-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'x86_64', 'release':'8'}, {'reference':'perl-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'perl-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'perl-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'perl-Sys-Guestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'perl-Sys-Guestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'perl-Sys-Guestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'perl-Sys-Virt-5.6.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'perl-Sys-Virt-5.6.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'perl-Sys-Virt-5.6.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'perl-Sys-Virt-debugsource-5.6.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'perl-Sys-Virt-debugsource-5.6.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'perl-Sys-Virt-debugsource-5.6.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'python3-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'python3-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'python3-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'python3-libguestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'python3-libguestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'python3-libguestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'python3-libnbd-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'aarch64', 'release':'8'}, {'reference':'python3-libnbd-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'s390x', 'release':'8'}, {'reference':'python3-libnbd-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'x86_64', 'release':'8'}, {'reference':'python3-libvirt-5.6.0-3.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'python3-libvirt-5.6.0-3.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'python3-libvirt-5.6.0-3.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'python3-pyvmomi-6.7.1-7.module+el8.1.1+5668+2d43f0bb', 'release':'8'}, {'reference':'qemu-guest-agent-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-guest-agent-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-guest-agent-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-img-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-img-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-img-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-curl-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-curl-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-curl-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-gluster-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-iscsi-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-iscsi-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-iscsi-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-rbd-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-rbd-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-rbd-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-ssh-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-ssh-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-block-ssh-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-common-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-common-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-common-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-core-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-core-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-core-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-debugsource-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-debugsource-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-debugsource-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'ruby-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'ruby-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'ruby-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'ruby-libguestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'ruby-libguestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'ruby-libguestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'seabios-1.12.0-5.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'seabios-bin-1.12.0-5.module+el8.1.1+5309+6d656f05', 'release':'8'}, {'reference':'seavgabios-bin-1.12.0-5.module+el8.1.1+5309+6d656f05', 'release':'8'}, {'reference':'sgabios-0.20170427git-3.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'sgabios-bin-0.20170427git-3.module+el8.1.1+5309+6d656f05', 'release':'8', 'epoch':'1'}, {'reference':'SLOF-20190703-1.gitba1ab360.module+el8.1.1+5309+6d656f05', 'release':'8'}, {'reference':'supermin-5.1.19-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'supermin-5.1.19-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'supermin-5.1.19-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'supermin-debugsource-5.1.19-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'supermin-debugsource-5.1.19-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'supermin-debugsource-5.1.19-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'supermin-devel-5.1.19-10.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'supermin-devel-5.1.19-10.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'supermin-devel-5.1.19-10.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'swtpm-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'swtpm-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'swtpm-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'swtpm-debugsource-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'swtpm-debugsource-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'swtpm-debugsource-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'swtpm-devel-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'swtpm-devel-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'swtpm-devel-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'swtpm-libs-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'swtpm-libs-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'swtpm-libs-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'swtpm-tools-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'swtpm-tools-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'swtpm-tools-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'virglrenderer-0.6.0-5.20180814git491d3b705.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'virglrenderer-0.6.0-5.20180814git491d3b705.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'virglrenderer-0.6.0-5.20180814git491d3b705.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'virglrenderer-devel-0.6.0-5.20180814git491d3b705.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'virglrenderer-devel-0.6.0-5.20180814git491d3b705.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'virglrenderer-devel-0.6.0-5.20180814git491d3b705.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'virglrenderer-test-server-0.6.0-5.20180814git491d3b705.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'virglrenderer-test-server-0.6.0-5.20180814git491d3b705.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'virglrenderer-test-server-0.6.0-5.20180814git491d3b705.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'virt-dib-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'virt-dib-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'virt-dib-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'virt-p2v-maker-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'virt-v2v-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'} ], 'virt-devel:8.1': [ {'reference':'hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'hivex-debugsource-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'hivex-devel-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libguestfs-winsupport-8.0-4.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libiscsi-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libiscsi-debugsource-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libiscsi-devel-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libiscsi-utils-1.18.0-8.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libnbd-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'i686', 'release':'8'}, {'reference':'libnbd-debugsource-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'i686', 'release':'8'}, {'reference':'libnbd-devel-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'i686', 'release':'8'}, {'reference':'libtpms-0.7.0-1.20191018gitdc116933b7.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libtpms-debugsource-0.7.0-1.20191018gitdc116933b7.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libtpms-devel-0.7.0-1.20191018gitdc116933b7.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-admin-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-bash-completion-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-client-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-config-network-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-config-nwfilter-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-driver-interface-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-driver-network-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-driver-nodedev-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-driver-nwfilter-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-driver-secret-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-core-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-disk-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-iscsi-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-iscsi-direct-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-logical-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-mpath-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-rbd-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-daemon-driver-storage-scsi-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-dbus-1.3.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-dbus-debugsource-1.3.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-debugsource-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-devel-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-docs-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-libs-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-nss-5.6.0-10.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'libvirt-python-debugsource-5.6.0-3.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'netcf-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'netcf-debugsource-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'netcf-devel-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'netcf-libs-0.2.8-12.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'ocaml-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'ocaml-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'ocaml-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'ocaml-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'ocaml-hivex-devel-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8'}, {'reference':'ocaml-hivex-devel-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'ocaml-hivex-devel-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8'}, {'reference':'ocaml-hivex-devel-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8'}, {'reference':'ocaml-libguestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'ocaml-libguestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'ocaml-libguestfs-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'ocaml-libguestfs-devel-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'ocaml-libguestfs-devel-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'ocaml-libguestfs-devel-1.40.2-16.module+el8.1.1+5309+6d656f05', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'ocaml-libnbd-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'i686', 'release':'8'}, {'reference':'ocaml-libnbd-devel-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'i686', 'release':'8'}, {'reference':'perl-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'perl-Sys-Virt-5.6.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'perl-Sys-Virt-debugsource-5.6.0-2.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'python3-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'python3-libnbd-1.0.3-1.module+el8.1.1+5659+15cacc69', 'cpu':'i686', 'release':'8'}, {'reference':'python3-libvirt-5.6.0-3.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'qemu-kvm-tests-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'aarch64', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-tests-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'s390x', 'release':'8', 'epoch':'15'}, {'reference':'qemu-kvm-tests-4.1.0-23.module+el8.1.1+5748+5fcc84a8.1', 'cpu':'x86_64', 'release':'8', 'epoch':'15'}, {'reference':'ruby-hivex-1.3.15-7.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'sgabios-0.20170427git-3.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8', 'epoch':'1'}, {'reference':'swtpm-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'swtpm-debugsource-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'swtpm-devel-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'swtpm-libs-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'swtpm-tools-0.2.0-1.20191018git9227cf4.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'virglrenderer-0.6.0-5.20180814git491d3b705.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'virglrenderer-devel-0.6.0-5.20180814git491d3b705.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'}, {'reference':'virglrenderer-test-server-0.6.0-5.20180814git491d3b705.module+el8.1.1+5309+6d656f05', 'cpu':'i686', 'release':'8'} ], }; flag = 0; appstreams_found = 0; foreach module (keys(appstreams)) { appstream = NULL; appstream_name = NULL; appstream_version = NULL; appstream_split = split(module, sep:':', keep:FALSE); if (!empty_or_null(appstream_split)) { appstream_name = appstream_split[0]; appstream_version = appstream_split[1]; appstream = get_kb_item('Host/RedHat/appstream/' + appstream_name); } if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') { appstreams_found++; foreach package_array ( appstreams[module] ) { reference = NULL; release = NULL; sp = NULL; cpu = NULL; el_string = NULL; rpm_spec_vers_cmp = NULL; epoch = NULL; if (!empty_or_null(package_array['reference'])) reference = package_array['reference']; if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release']; if (!empty_or_null(package_array['sp'])) sp = package_array['sp']; if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu']; if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string']; if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp']; if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch']; if (reference && release) { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++; } } } } if (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:8.1 / virt:8.1'); if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'SLOF / hivex / hivex-debugsource / etc'); }
NASL family SuSE Local Security Checks NASL id OPENSUSE-2020-468.NASL description This update for qemu fixes the following issues : - CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1161066). - CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI config space allocation (bsc#1166379). - CVE-2020-1711: Fixed an out of bounds heap buffer access iscsi_co_block_status() routine which could have allowed a remote denial of service or arbitrary code with privileges of the QEMU process on the host (bsc#1166240). - CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() routine while emulating the identification protocol and copying message data to a socket buffer (bsc#1123156). - CVE-2020-8608: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1163018). - CVE-2019-20382: Fixed a memory leak in the VNC display driver which could have led to exhaustion of the host memory leading to a potential Denial of service (bsc#1165776). - Fixed a live migration error (bsc#1154790). - Fixed an issue where migrating VMs on KVM gets missing features:ospke error (bsc#1162729). This update was imported from the SUSE:SLE-15-SP1:Update update project. last seen 2020-04-12 modified 2020-04-07 plugin id 135265 published 2020-04-07 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135265 title openSUSE Security Update : qemu (openSUSE-2020-468) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2020-468. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(135265); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/07/21"); script_cve_id("CVE-2019-15034", "CVE-2019-20382", "CVE-2019-6778", "CVE-2020-1711", "CVE-2020-7039", "CVE-2020-8608"); script_name(english:"openSUSE Security Update : qemu (openSUSE-2020-468)"); script_summary(english:"Check for the openSUSE-2020-468 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for qemu fixes the following issues : - CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1161066). - CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI config space allocation (bsc#1166379). - CVE-2020-1711: Fixed an out of bounds heap buffer access iscsi_co_block_status() routine which could have allowed a remote denial of service or arbitrary code with privileges of the QEMU process on the host (bsc#1166240). - CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() routine while emulating the identification protocol and copying message data to a socket buffer (bsc#1123156). - CVE-2020-8608: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1163018). - CVE-2019-20382: Fixed a memory leak in the VNC display driver which could have led to exhaustion of the host memory leading to a potential Denial of service (bsc#1165776). - Fixed a live migration error (bsc#1154790). - Fixed an issue where migrating VMs on KVM gets missing features:ospke error (bsc#1162729). This update was imported from the SUSE:SLE-15-SP1:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1123156" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1154790" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1161066" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1162729" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1163018" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1165776" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1166240" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1166379" ); script_set_attribute(attribute:"solution", value:"Update the affected qemu packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8608"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-arm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-arm-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-audio-alsa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-audio-alsa-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-audio-oss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-audio-oss-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-audio-pa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-audio-pa-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-audio-sdl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-audio-sdl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-curl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-curl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-dmg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-dmg-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-gluster"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-gluster-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-iscsi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-iscsi-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-nfs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-nfs-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-rbd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-rbd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-ssh"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-ssh-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-extra-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-guest-agent"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-guest-agent-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ipxe"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ksm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-kvm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-lang"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-linux-user"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-linux-user-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-linux-user-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ppc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ppc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-s390"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-s390-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-seabios"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-sgabios"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ui-curses"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ui-curses-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ui-gtk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ui-gtk-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ui-sdl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ui-sdl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-vgabios"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-x86"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-x86-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/21"); script_set_attribute(attribute:"patch_publication_date", value:"2020/04/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/07"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.1", reference:"qemu-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-arm-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-arm-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-audio-alsa-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-audio-alsa-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-audio-oss-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-audio-oss-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-audio-pa-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-audio-pa-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-audio-sdl-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-audio-sdl-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-block-curl-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-block-curl-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-block-dmg-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-block-dmg-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-block-gluster-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-block-gluster-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-block-iscsi-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-block-iscsi-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-block-nfs-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-block-nfs-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-block-rbd-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-block-rbd-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-block-ssh-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-block-ssh-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-debugsource-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-extra-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-extra-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-guest-agent-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-guest-agent-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-ipxe-1.0.0+-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-ksm-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-kvm-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-lang-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-linux-user-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-linux-user-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-linux-user-debugsource-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-ppc-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-ppc-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-s390-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-s390-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-seabios-1.12.0-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-sgabios-8-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-tools-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-tools-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-ui-curses-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-ui-curses-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-ui-gtk-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-ui-gtk-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-ui-sdl-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-ui-sdl-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-vgabios-1.12.0-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-x86-3.1.1.1-lp151.7.12.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"qemu-x86-debuginfo-3.1.1.1-lp151.7.12.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "qemu-linux-user / qemu-linux-user-debuginfo / etc"); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1505.NASL description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1505 advisory. - QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-30 modified 2020-04-21 plugin id 135774 published 2020-04-21 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135774 title RHEL 7 : qemu-kvm-ma (RHSA-2020:1505) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:1505. The text # itself is copyright (C) Red Hat, Inc. # include('compat.inc'); if (description) { script_id(135774); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/07/20"); script_cve_id("CVE-2020-1711"); script_xref(name:"RHSA", value:"2020:1505"); script_name(english:"RHEL 7 : qemu-kvm-ma (RHSA-2020:1505)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute(attribute:"synopsis", value: "The remote Red Hat host is missing a security update."); script_set_attribute(attribute:"description", value: "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1505 advisory. - QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:1505"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-1711"); script_set_attribute(attribute:"solution", value: "Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-1711"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_cwe_id(122); script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/11"); script_set_attribute(attribute:"patch_publication_date", value:"2020/04/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/21"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:rhel_eus:7.5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:rhel_eus:7.5::server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-img-ma"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common-ma"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ma"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools-ma"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Red Hat Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include('audit.inc'); include('global_settings.inc'); include('misc_func.inc'); include('rpm.inc'); if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item('Host/RedHat/release'); if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat'); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat'); os_ver = os_ver[1]; if (! preg(pattern:"^7\.5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.5', 'Red Hat ' + os_ver); if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item('Host/cpu'); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu); pkgs = [ {'reference':'qemu-img-ma-2.10.0-21.el7_5.5', 'sp':'5', 'cpu':'s390x', 'release':'7', 'el_string':'el7_5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'10'}, {'reference':'qemu-kvm-common-ma-2.10.0-21.el7_5.5', 'sp':'5', 'cpu':'s390x', 'release':'7', 'el_string':'el7_5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'10'}, {'reference':'qemu-kvm-ma-2.10.0-21.el7_5.5', 'sp':'5', 'cpu':'s390x', 'release':'7', 'el_string':'el7_5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'10'}, {'reference':'qemu-kvm-tools-ma-2.10.0-21.el7_5.5', 'sp':'5', 'cpu':'s390x', 'release':'7', 'el_string':'el7_5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'10'} ]; flag = 0; foreach package_array ( pkgs ) { reference = NULL; release = NULL; sp = NULL; cpu = NULL; el_string = NULL; rpm_spec_vers_cmp = NULL; epoch = NULL; if (!empty_or_null(package_array['reference'])) reference = package_array['reference']; if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release']; if (!empty_or_null(package_array['sp'])) sp = package_array['sp']; if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu']; if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string']; if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp']; if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch']; if (reference && release) { if (rpm_spec_vers_cmp) { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:TRUE)) flag++; } else { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch)) flag++; } } } if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qemu-img-ma / qemu-kvm-common-ma / qemu-kvm-ma / etc'); }
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4616.NASL description Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service. last seen 2020-06-01 modified 2020-06-02 plugin id 133419 published 2020-02-03 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133419 title Debian DSA-4616-1 : qemu - security update code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-4616. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(133419); script_version("1.2"); script_cvs_date("Date: 2020/02/05"); script_cve_id("CVE-2019-15890", "CVE-2020-1711", "CVE-2020-7039"); script_xref(name:"DSA", value:"4616"); script_name(english:"Debian DSA-4616-1 : qemu - security update"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/qemu" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/stretch/qemu" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/buster/qemu" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2020/dsa-4616" ); script_set_attribute( attribute:"solution", value: "Upgrade the qemu packages. For the oldstable distribution (stretch), these problems have been fixed in version 1:2.8+dfsg-6+deb9u9. For the stable distribution (buster), these problems have been fixed in version 1:3.1+dfsg-8+deb10u4." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:qemu"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/06"); script_set_attribute(attribute:"patch_publication_date", value:"2020/02/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/03"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"10.0", prefix:"qemu", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-block-extra", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-guest-agent", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-kvm", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-system", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-system-arm", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-system-common", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-system-data", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-system-gui", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-system-mips", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-system-misc", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-system-ppc", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-system-sparc", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-system-x86", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-user", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-user-binfmt", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-user-static", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"10.0", prefix:"qemu-utils", reference:"1:3.1+dfsg-8+deb10u4")) flag++; if (deb_check(release:"9.0", prefix:"qemu", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (deb_check(release:"9.0", prefix:"qemu-block-extra", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (deb_check(release:"9.0", prefix:"qemu-guest-agent", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (deb_check(release:"9.0", prefix:"qemu-kvm", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (deb_check(release:"9.0", prefix:"qemu-system", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (deb_check(release:"9.0", prefix:"qemu-system-arm", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (deb_check(release:"9.0", prefix:"qemu-system-common", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (deb_check(release:"9.0", prefix:"qemu-system-mips", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (deb_check(release:"9.0", prefix:"qemu-system-misc", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (deb_check(release:"9.0", prefix:"qemu-system-ppc", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (deb_check(release:"9.0", prefix:"qemu-system-sparc", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (deb_check(release:"9.0", prefix:"qemu-system-x86", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (deb_check(release:"9.0", prefix:"qemu-user", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (deb_check(release:"9.0", prefix:"qemu-user-binfmt", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (deb_check(release:"9.0", prefix:"qemu-user-static", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (deb_check(release:"9.0", prefix:"qemu-utils", reference:"1:2.8+dfsg-6+deb9u9")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1300.NASL description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1300 advisory. - QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) - QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() (CVE-2020-7039) - QEMU: Slirp: potential OOB access due to unsafe snprintf() usages (CVE-2020-8608) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-23 modified 2020-04-02 plugin id 135173 published 2020-04-02 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135173 title RHEL 7 : qemu-kvm-rhev (RHSA-2020:1300) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0669.NASL description An update for qemu-kvm-ma is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Security Fix(es) : * QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-03-18 modified 2020-03-06 plugin id 134264 published 2020-03-06 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134264 title RHEL 7 : qemu-kvm-ma (RHSA-2020:0669) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-1358.NASL description Description of changes: qemu-kvm [2.12.0-88.0.1.el8_1_0.3] - Added bug30251155-remove-upstream-reference [Orabug: 30251155] [2.12.0-88.el8_1_0.3] - kvm-tcp_emu-Fix-oob-access.patch [bz#1791565] - kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch [bz#1791565] - kvm-slirp-use-correct-size-while-emulating-commands.patch [bz#1791565] - kvm-iscsi-Avoid-potential-for-get_status-overflow.patch [bz#1794500] - kvm-iscsi-Cap-block-count-from-GET-LBA-STATUS-CVE-2020-1.patch [bz#1794500] - Resolves: bz#1791565   (CVE-2020-7039 virt:rhel/qemu-kvm: QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() [rhel-8.1.0.z]) - Resolves: bz#1794500   (CVE-2020-1711 qemu-kvm: QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server [rhel-8.1.0.z]) libvirt [4.5.0-35.3.0.1] - added librbd1 as dependency (Keshav Sharma) [4.5.0-35.3.el8] - qemu: Translate features in virQEMUCapsGetCPUFeatures (rhbz#1809510) last seen 2020-06-06 modified 2020-04-16 plugin id 135664 published 2020-04-16 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135664 title Oracle Linux 8 : virt:ol (ELSA-2020-1358) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1352.NASL description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1352 advisory. - QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711) - QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() (CVE-2020-7039) - QEMU: Slirp: potential OOB access due to unsafe snprintf() usages (CVE-2020-8608) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-23 modified 2020-04-07 plugin id 135249 published 2020-04-07 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135249 title RHEL 7 : qemu-kvm-ma (RHSA-2020:1352) NASL family SuSE Local Security Checks NASL id SUSE_SU-2020-0844-1.NASL description This update for qemu fixes the following issues : CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1161066). CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI config space allocation (bsc#1166379). CVE-2020-1711: Fixed an out of bounds heap buffer access iscsi_co_block_status() routine which could have allowed a remote denial of service or arbitrary code with privileges of the QEMU process on the host (bsc#1166240). CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() routine while emulating the identification protocol and copying message data to a socket buffer (bsc#1123156). CVE-2020-8608: Fixed a heap buffer overflow in tcp_emu() routine while emulating IRC and other protocols (bsc#1163018). CVE-2019-20382: Fixed a memory leak in the VNC display driver which could have led to exhaustion of the host memory leading to a potential Denial of service (bsc#1165776). Fixed a live migration error (bsc#1154790). Fixed an issue where migrating VMs on KVM gets missing features:ospke error (bsc#1162729). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-04-07 modified 2020-04-02 plugin id 135168 published 2020-04-02 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135168 title SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2020:0844-1) NASL family Amazon Linux Local Security Checks NASL id AL2_ALAS-2020-1407.NASL description tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code. (CVE-2020-7039) An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host. (CVE-2020-1711) last seen 2020-03-30 modified 2020-03-26 plugin id 134898 published 2020-03-26 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134898 title Amazon Linux 2 : qemu (ALAS-2020-1407) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4283-1.NASL description Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that QEMU incorrectly handled iSCSI server responses. A remote attacker in control of the iSCSI server could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2020-1711) It was discovered that the QEMU libslirp component incorrectly handled memory. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-7039, CVE-2020-8608). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-18 modified 2020-02-19 plugin id 133796 published 2020-02-19 reporter Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133796 title Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : qemu vulnerabilities (USN-4283-1)
Redhat
advisories |
| ||||||||||||||||
rpms |
|
References
- http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html
- https://access.redhat.com/errata/RHSA-2020:0669
- https://access.redhat.com/errata/RHSA-2020:0669
- https://access.redhat.com/errata/RHSA-2020:0730
- https://access.redhat.com/errata/RHSA-2020:0730
- https://access.redhat.com/errata/RHSA-2020:0731
- https://access.redhat.com/errata/RHSA-2020:0731
- https://access.redhat.com/errata/RHSA-2020:0773
- https://access.redhat.com/errata/RHSA-2020:0773
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1711
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1711
- https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html
- https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html
- https://lists.debian.org/debian-lts-announce/2020/09/msg00013.html
- https://lists.debian.org/debian-lts-announce/2020/09/msg00013.html
- https://lists.gnu.org/archive/html/qemu-devel/2020-01/msg05535.html
- https://lists.gnu.org/archive/html/qemu-devel/2020-01/msg05535.html
- https://security.gentoo.org/glsa/202005-02
- https://security.gentoo.org/glsa/202005-02
- https://usn.ubuntu.com/4283-1/
- https://usn.ubuntu.com/4283-1/
- https://www.openwall.com/lists/oss-security/2020/01/23/3
- https://www.openwall.com/lists/oss-security/2020/01/23/3