Scientific Linux Security Update : libvirt on SL7.x x86_64

Medium Nessus Plugin ID 109853

Synopsis

The remote Scientific Linux host is missing one or more security updates.

Description

Security Fix(es) :

- libvirt: Resource exhaustion via qemuMonitorIORead() method (CVE-2018-5748)

- libvirt: Incomplete fix for CVE-2018-5748 triggered by QEMU guest agent (CVE-2018-1064)

The CVE-2018-1064 issue was discovered by Daniel P. Berrang (Red Hat) and the CVE-2018-5748 issue was discovered by Daniel P. Berrange (Red Hat) and Peter Krempa (Red Hat).

Bug Fix(es) :

- Previously, the check for a non-unique device boot order did not properly handle updates of existing devices when a new device was attached to a guest. Consequently, updating any device with a specified boot order failed.
With this update, the duplicity check detects correctly handles updates and ignores the original device, which avoids reporting false conflicts. As a result, updating a device with a boot order succeeds.

- In Scientific Linux 7.5, guests with SCSI passthrough enabled failed to boot because of changes in kernel CGroup detection. With this update, libvirt fetches dependencies and adds them to the device CGroup. As a result, and the affected guests now start as expected.

- The VMX parser in libvirt did not parse more than four network interfaces. As a consequence, the esx driver did not expose more than four network interface cards (NICs) for guests running ESXi. With this update, the VMX parser parses all the available NICs in .vmx files. As a result, libvirt reports all the NICs of guests running ESXi.

- Previously, user aliases for PTY devices that were longer than 32 characters were not supported.
Consequently, if a domain included a PTY device with a user alias longer than 32 characters, the domain would not start. With this update, a static buffer was replaced with a dynamic buffer. As a result, the domain starts even if the length of the user alias for a PTY device is longer than 32 characters.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?7a267740

Plugin Details

Severity: Medium

ID: 109853

File Name: sl_20180515_libvirt_on_SL7_x.nasl

Version: 1.1

Type: local

Agent: unix

Published: 2018/05/16

Modified: 2018/05/16

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2018/05/15

Reference Information

CVE: CVE-2018-1064, CVE-2018-5748