Detections
Analytics
Alibaba Cloud Linux 3 : 0222: virt:rhel (ALINUX3-SA-2024:0222)
medium Nessus Plugin ID 236344
Synopsis
The remote Alibaba Cloud Linux host is missing one or more security updates.Description
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0222 advisory.Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities:
CVE-2020-14301:
An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the `dumpxml` command.
CVE-2024-3446:
A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio- crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host.
CVE-2024-4418:
A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop() method, the `data` pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's stack frame was concurrently being freed when returning from virNetClientIOEventLoop(). The 'virtproxyd' daemon can be used to trigger requests. If libvirt is configured with fine-grained access control, this issue, in theory, allows a user to escape their otherwise limited access. This flaw allows a local, unprivileged user to access virtproxyd without authenticating. Remote users would need to authenticate before they could access it.
CVE-2024-4467:
A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file.
CVE-2024-7383:
A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic.
CVE-2024-7409:
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline.
Tenable has extracted the preceding description block directly from the Alibaba Cloud Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
http://mirrors.aliyun.com/alinux/3/cve/alinux3-sa-20240222.xml
Plugin Details
Severity: Medium
ID: 236344
File Name: alinux3_sa_2024-0222.nasl
Version: 1.1
Type: local
Published: 5/14/2025
Updated: 5/14/2025
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 8.1
CVSS v2
Risk Factor: Medium
Base Score: 4
Temporal Score: 3
Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS Score Source: CVE-2020-14301
CVSS v3
Risk Factor: Medium
Base Score: 6.5
Temporal Score: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-wireshark-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-img, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-iscsi-direct-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-img-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ocaml-libnbd-devel, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libnbd-bash-completion, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-libs-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-iscsi-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-nss-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:nbdfuse-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-ui-spice, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-rbd-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-ui-spice-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-qemu-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-core-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-rbd, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-guest-agent, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-block-curl, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-libs, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-guest-agent-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ocaml-libnbd, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-scsi-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-client, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-devel, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-nodedev-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-secret-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-nwfilter-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-docs, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-core-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-ui-opengl, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-scsi, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-iscsi, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-hw-usbredir-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-user-static-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-core, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-block-ssh, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-logical-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-config-nwfilter, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-block-iscsi-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-ui-opengl-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-kvm, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-secret, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-qemu, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:python3-libnbd-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-block-curl-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-docs, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-nss, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-network, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-disk, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-core, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-gluster-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-user-static, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-client-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-block-ssh-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libnbd-devel, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-block-rbd-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-interface, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libnbd-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-config-network, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libnbd-debuginfo, cpe:/o:alibabacloud:alibaba_cloud_linux_3, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-block-gluster, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-common-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-logical, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-lock-sanlock-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-iscsi-direct, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-block-rbd, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-nodedev, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-network-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-hw-usbredir, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-disk-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-lock-sanlock, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-interface-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-block-gluster-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-nwfilter, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:python3-libnbd, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-mpath-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-tests, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libnbd, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-mpath, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:nbdfuse, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-daemon-driver-storage-gluster, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-block-iscsi, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:ocaml-libnbd-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:libvirt-wireshark, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:qemu-kvm-common
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Alibaba/release, Host/Alibaba/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 9/30/2024
Vulnerability Publication Date: 11/4/2020
Reference Information
CVE: CVE-2020-14301, CVE-2024-3446, CVE-2024-4418, CVE-2024-4467, CVE-2024-7383, CVE-2024-7409