ID CVE-2018-6764
Summary util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.
References
Vulnerable Configurations
  • Red Hat libvirt
    cpe:2.3:a:redhat:libvirt
  • Debian Linux 8.0 (Jessie)
    cpe:2.3:o:debian:debian_linux:8.0
  • Debian Linux 9.0
    cpe:2.3:o:debian:debian_linux:9.0
  • cpe:2.3:a:redhat:virtualization:4.0
    cpe:2.3:a:redhat:virtualization:4.0
  • RedHat Enterprise Linux Desktop 7.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  • RedHat Enterprise Linux Server 7.0
    cpe:2.3:o:redhat:enterprise_linux_server:7.0
  • RedHat Enterprise Linux Workstation 7.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Canonical Ubuntu Linux 16.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:16.04:-:-:-:lts
  • Canonical Ubuntu Linux 17.10
    cpe:2.3:o:canonical:ubuntu_linux:17.10
CVSS
Base: 4.6
Impact:
Exploitability:
CWE CWE-284
CAPEC
  • Embedding Scripts within Scripts
    An attack of this type exploits a programs' vulnerabilities that are brought on by allowing remote hosts to execute scripts. The attacker leverages this capability to execute scripts to execute his/her own script by embedding it within other scripts that the target software is likely to execute. The attacker must have the ability to inject script into script that is likely to be executed. If this is done, then the attacker can potentially launch a variety of probes and attacks against the web server's local environment, in many cases the so-called DMZ, back end resources the web server can communicate with, and other hosts. With the proliferation of intermediaries, such as Web App Firewalls, network devices, and even printers having JVMs and Web servers, there are many locales where an attacker can inject malicious scripts. Since this attack pattern defines scripts within scripts, there are likely privileges to execute said attack on the host. Of course, these attacks are not solely limited to the server side, client side scripts like Ajax and client side JavaScript can contain malicious scripts as well. In general all that is required is for there to be sufficient privileges to execute a script, but not protected against writing.
  • Signature Spoofing by Key Theft
    An attacker obtains an authoritative or reputable signer's private signature key by theft and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-358.NASL
    description This update for libvirt and virt-manager fixes the following issues : Security issues fixed : - CVE-2017-5715: Fixes for speculative side channel attacks aka 'SpectreAttack' (var2) (bsc#1079869). - CVE-2018-6764: Fixed guest executable code injection via libnss_dns.so loaded by libvirt_lxc before init (bsc#1080042). - CVE-2018-1064: Fixed denial of service when reading from guest agent (bsc#1083625). Non-security issues fixed in libvirt : - bsc#1070615: Fixed TPM device passthrough failure on kernels >= 4.0. - bsc#1082041: SUSE Linux Enterprise 11 SP4 hvm converted to pvhvm. Unless vm memory is on gig boundary, vm won't boot. - bsc#1082161: Unable to change RTC basis or adjustment for Xen HVM guests using libvirt. Non-security issues fixed in virt-manager : - bsc#1086038: VM guests cannot be properly installed with virt-install - bsc#1067018: KVM Guest creation failed - Property .cmt not found - bsc#1054986: Fix openSUSE 15.0 detection. It has no content file or .treeinfo file - bsc#1085757: Fallback to latest version of openSUSE when opensuse-unknown is detected for the ISO This update was imported from the SUSE:SLE-12-SP3:Update update project.
    last seen 2019-02-21
    modified 2018-04-25
    plugin id 109020
    published 2018-04-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109020
    title openSUSE Security Update : libvirt (openSUSE-2018-358) (Spectre)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3576-1.NASL
    description Vivian Zhang and Christoph Anton Mitterer discovered that libvirt incorrectly disabled password authentication when the VNC password was set to an empty string. A remote attacker could possibly use this issue to bypass authentication, contrary to expectations. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-5008) Daniel P. Berrange discovered that libvirt incorrectly handled validating SSL/TLS certificates. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 17.10. (CVE-2017-1000256) Daniel P. Berrange and Peter Krempa discovered that libvirt incorrectly handled large QEMU replies. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. (CVE-2018-5748) Pedro Sampaio discovered that libvirt incorrectly handled the libnss_dns.so module. An attacker in a libvirt_lxc session could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. (CVE-2018-6764). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 106928
    published 2018-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106928
    title Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : libvirt vulnerabilities (USN-3576-1)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201804-07.NASL
    description The remote host is affected by the vulnerability described in GLSA-201804-07 (libvirt: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. Impact : A local privileged attacker could execute arbitrary commands or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-06-07
    plugin id 108928
    published 2018-04-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108928
    title GLSA-201804-07 : libvirt: Multiple vulnerabilities
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1277.NASL
    description According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.(CVE-2018-6764) - qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.(CVE-2018-5748) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-13
    plugin id 117585
    published 2018-09-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117585
    title EulerOS Virtualization 2.5.0 : libvirt (EulerOS-SA-2018-1277)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1253.NASL
    description According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An incomplete fix for CVE-2018-5748 that affects QEMU monitor leading to a resource exhaustion but now also triggered via QEMU guest agent.(CVE-2018-1064) - util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.(CVE-2018-6764) - qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.(CVE-2018-5748) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-13
    plugin id 117562
    published 2018-09-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117562
    title EulerOS Virtualization 2.5.1 : libvirt (EulerOS-SA-2018-1253)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20181030_LIBVIRT_ON_SL7_X.NASL
    description Security Fix(es) : - libvirt: guest could inject executable code via libnss_dns.so loaded by libvirt_lxc before init (CVE-2018-6764)
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 119193
    published 2018-11-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119193
    title Scientific Linux Security Update : libvirt on SL7.x x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0920-1.NASL
    description This update for libvirt and virt-manager fixes the following issues: Security issues fixed : - CVE-2017-5715: Fixes for speculative side channel attacks aka 'SpectreAttack' (var2) (bsc#1079869). - CVE-2018-6764: Fixed guest executable code injection via libnss_dns.so loaded by libvirt_lxc before init (bsc#1080042). - CVE-2018-1064: Fixed denial of service when reading from guest agent (bsc#1083625). Non-security issues fixed in libvirt : - bsc#1070615: Fixed TPM device passthrough failure on kernels >= 4.0. - bsc#1082041: SUSE Linux Enterprise 11 SP4 hvm converted to pvhvm. Unless vm memory is on gig boundary, vm won't boot. - bsc#1082161: Unable to change RTC basis or adjustment for Xen HVM guests using libvirt. Non-security issues fixed in virt-manager : - bsc#1086038: VM guests cannot be properly installed with virt-install - bsc#1067018: KVM Guest creation failed - Property .cmt not found - bsc#1054986: Fix openSUSE 15.0 detection. It has no content file or .treeinfo file - bsc#1085757: Fallback to latest version of openSUSE when opensuse-unknown is detected for the ISO Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 109012
    published 2018-04-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109012
    title SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2018:0920-1) (Spectre)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-3113.NASL
    description An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. The following packages have been upgraded to a later upstream version: libvirt (4.5.0). (BZ#1563169) Security Fix(es) : * libvirt: guest could inject executable code via libnss_dns.so loaded by libvirt_lxc before init (CVE-2018-6764) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 118530
    published 2018-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118530
    title RHEL 7 : libvirt (RHSA-2018:3113)
  • NASL family Amazon Linux Local Security Checks
    NASL id AL2_ALAS-2018-1134.NASL
    description util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.(CVE-2018-6764)
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 119788
    published 2018-12-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119788
    title Amazon Linux 2 : libvirt (ALAS-2018-1134)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2018-3113.NASL
    description An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. The following packages have been upgraded to a later upstream version: libvirt (4.5.0). (BZ#1563169) Security Fix(es) : * libvirt: guest could inject executable code via libnss_dns.so loaded by libvirt_lxc before init (CVE-2018-6764) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.
    last seen 2019-02-21
    modified 2018-12-17
    plugin id 119692
    published 2018-12-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119692
    title CentOS 7 : libvirt (CESA-2018:3113)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2018-3113.NASL
    description From Red Hat Security Advisory 2018:3113 : An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. The following packages have been upgraded to a later upstream version: libvirt (4.5.0). (BZ#1563169) Security Fix(es) : * libvirt: guest could inject executable code via libnss_dns.so loaded by libvirt_lxc before init (CVE-2018-6764) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.
    last seen 2019-02-21
    modified 2018-11-07
    plugin id 118773
    published 2018-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118773
    title Oracle Linux 7 : libvirt (ELSA-2018-3113)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-4137.NASL
    description Several vulnerabilities were discovered in Libvirt, a virtualisation abstraction library : - CVE-2018-1064 Daniel Berrange discovered that the QEMU guest agent performed insufficient validation of incoming data, which allows a privileged user in the guest to exhaust resources on the virtualisation host, resulting in denial of service. - CVE-2018-5748 Daniel Berrange and Peter Krempa discovered that the QEMU monitor was susceptible to denial of service by memory exhaustion. This was already fixed in Debian stretch and only affects Debian jessie. - CVE-2018-6764 Pedro Sampaio discovered that LXC containers detected the hostname insecurely. This only affects Debian stretch.
    last seen 2019-02-21
    modified 2018-11-13
    plugin id 108346
    published 2018-03-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108346
    title Debian DSA-4137-1 : libvirt - security update
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0861-1.NASL
    description This update for libvirt fixes the following issues: Security issues fixed : - CVE-2017-5715: Fixes for speculative side channel attacks aka 'SpectreAttack' (var2) (bsc#1079869). - CVE-2018-6764: Fixed guest executable code injection via libnss_dns.so loaded by libvirt_lxc before init (bsc#1080042). - CVE-2018-1064: Fixed denial of service when reading from guest agent (bsc#1083625). Non-security issues fixed : - Error starting domain: internal error: No usable sysfs TPM cancel file could be found (bsc#1078808). - SUSE Linux Enterprise 11 SP4 hvm converted to pvhvm. Unless vm memory is on gig boundary, vm won't boot (bsc#1082041). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 108827
    published 2018-04-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108827
    title SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2018:0861-1) (Spectre)
redhat via4
advisories
bugzilla
id 1624735
title libvirt refuses to start a guest with vfio-ccw on s390 because of missing 'display' attribute
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 7 Client is installed
      oval oval:com.redhat.rhba:tst:20150364001
    • comment Red Hat Enterprise Linux 7 Server is installed
      oval oval:com.redhat.rhba:tst:20150364002
    • comment Red Hat Enterprise Linux 7 Workstation is installed
      oval oval:com.redhat.rhba:tst:20150364003
    • comment Red Hat Enterprise Linux 7 ComputeNode is installed
      oval oval:com.redhat.rhba:tst:20150364004
  • OR
    • AND
      • comment libvirt is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113019
      • comment libvirt is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20131581006
    • AND
      • comment libvirt-admin is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113061
      • comment libvirt-admin is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20180029062
    • AND
      • comment libvirt-bash-completion is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113021
      • comment libvirt-bash-completion is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20183113022
    • AND
      • comment libvirt-client is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113015
      • comment libvirt-client is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20131581008
    • AND
      • comment libvirt-daemon is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113035
      • comment libvirt-daemon is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140914016
    • AND
      • comment libvirt-daemon-config-network is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113029
      • comment libvirt-daemon-config-network is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140914008
    • AND
      • comment libvirt-daemon-config-nwfilter is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113009
      • comment libvirt-daemon-config-nwfilter is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140914022
    • AND
      • comment libvirt-daemon-driver-interface is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113037
      • comment libvirt-daemon-driver-interface is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140914028
    • AND
      • comment libvirt-daemon-driver-lxc is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113033
      • comment libvirt-daemon-driver-lxc is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140914026
    • AND
      • comment libvirt-daemon-driver-network is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113013
      • comment libvirt-daemon-driver-network is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140914010
    • AND
      • comment libvirt-daemon-driver-nodedev is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113045
      • comment libvirt-daemon-driver-nodedev is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140914020
    • AND
      • comment libvirt-daemon-driver-nwfilter is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113053
      • comment libvirt-daemon-driver-nwfilter is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140914038
    • AND
      • comment libvirt-daemon-driver-qemu is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113057
      • comment libvirt-daemon-driver-qemu is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140914040
    • AND
      • comment libvirt-daemon-driver-secret is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113005
      • comment libvirt-daemon-driver-secret is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140914012
    • AND
      • comment libvirt-daemon-driver-storage is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113049
      • comment libvirt-daemon-driver-storage is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140914018
    • AND
      • comment libvirt-daemon-driver-storage-core is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113011
      • comment libvirt-daemon-driver-storage-core is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20180029050
    • AND
      • comment libvirt-daemon-driver-storage-disk is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113039
      • comment libvirt-daemon-driver-storage-disk is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20180029056
    • AND
      • comment libvirt-daemon-driver-storage-gluster is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113063
      • comment libvirt-daemon-driver-storage-gluster is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20180029008
    • AND
      • comment libvirt-daemon-driver-storage-iscsi is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113055
      • comment libvirt-daemon-driver-storage-iscsi is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20180029026
    • AND
      • comment libvirt-daemon-driver-storage-logical is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113041
      • comment libvirt-daemon-driver-storage-logical is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20180029036
    • AND
      • comment libvirt-daemon-driver-storage-mpath is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113017
      • comment libvirt-daemon-driver-storage-mpath is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20180029058
    • AND
      • comment libvirt-daemon-driver-storage-rbd is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113065
      • comment libvirt-daemon-driver-storage-rbd is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20180029046
    • AND
      • comment libvirt-daemon-driver-storage-scsi is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113047
      • comment libvirt-daemon-driver-storage-scsi is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20180029042
    • AND
      • comment libvirt-daemon-kvm is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113025
      • comment libvirt-daemon-kvm is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140914044
    • AND
      • comment libvirt-daemon-lxc is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113023
      • comment libvirt-daemon-lxc is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140914030
    • AND
      • comment libvirt-devel is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113031
      • comment libvirt-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20131581010
    • AND
      • comment libvirt-docs is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113007
      • comment libvirt-docs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140914032
    • AND
      • comment libvirt-libs is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113027
      • comment libvirt-libs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20180029054
    • AND
      • comment libvirt-lock-sanlock is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113043
      • comment libvirt-lock-sanlock is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20131581014
    • AND
      • comment libvirt-login-shell is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113051
      • comment libvirt-login-shell is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20140914014
    • AND
      • comment libvirt-nss is earlier than 0:4.5.0-10.el7
        oval oval:com.redhat.rhsa:tst:20183113059
      • comment libvirt-nss is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20162577024
rhsa
id RHSA-2018:3113
released 2018-10-30
severity Moderate
title RHSA-2018:3113: libvirt security, bug fix, and enhancement update (Moderate)
rpms
  • libvirt-0:4.5.0-10.el7
  • libvirt-admin-0:4.5.0-10.el7
  • libvirt-bash-completion-0:4.5.0-10.el7
  • libvirt-client-0:4.5.0-10.el7
  • libvirt-daemon-0:4.5.0-10.el7
  • libvirt-daemon-config-network-0:4.5.0-10.el7
  • libvirt-daemon-config-nwfilter-0:4.5.0-10.el7
  • libvirt-daemon-driver-interface-0:4.5.0-10.el7
  • libvirt-daemon-driver-lxc-0:4.5.0-10.el7
  • libvirt-daemon-driver-network-0:4.5.0-10.el7
  • libvirt-daemon-driver-nodedev-0:4.5.0-10.el7
  • libvirt-daemon-driver-nwfilter-0:4.5.0-10.el7
  • libvirt-daemon-driver-qemu-0:4.5.0-10.el7
  • libvirt-daemon-driver-secret-0:4.5.0-10.el7
  • libvirt-daemon-driver-storage-0:4.5.0-10.el7
  • libvirt-daemon-driver-storage-core-0:4.5.0-10.el7
  • libvirt-daemon-driver-storage-disk-0:4.5.0-10.el7
  • libvirt-daemon-driver-storage-gluster-0:4.5.0-10.el7
  • libvirt-daemon-driver-storage-iscsi-0:4.5.0-10.el7
  • libvirt-daemon-driver-storage-logical-0:4.5.0-10.el7
  • libvirt-daemon-driver-storage-mpath-0:4.5.0-10.el7
  • libvirt-daemon-driver-storage-rbd-0:4.5.0-10.el7
  • libvirt-daemon-driver-storage-scsi-0:4.5.0-10.el7
  • libvirt-daemon-kvm-0:4.5.0-10.el7
  • libvirt-daemon-lxc-0:4.5.0-10.el7
  • libvirt-devel-0:4.5.0-10.el7
  • libvirt-docs-0:4.5.0-10.el7
  • libvirt-libs-0:4.5.0-10.el7
  • libvirt-lock-sanlock-0:4.5.0-10.el7
  • libvirt-login-shell-0:4.5.0-10.el7
  • libvirt-nss-0:4.5.0-10.el7
refmap via4
debian DSA-4137
mlist [libvirt] 20180205 [PATCH] virlog: determine the hostname on startup CVE-2018-XXX
ubuntu USN-3576-1
Last major update 23-02-2018 - 12:29
Published 23-02-2018 - 12:29
Last modified 26-03-2019 - 14:40
Back to Top