Detections
Analytics

MiracleLinux 4 : libvirt-0.10.2-18.5.0.1.AXS4 (AXSA:2013-450:06)

high Nessus Plugin ID 289739

Synopsis

The remote MiracleLinux host is missing a security update.

Description

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-450:06 advisory.

 Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The main package includes the libvirtd server exporting the virtualization support.
 Security issues fixed with this release:
 CVE-2013-1962 No information available at the time of writing, please refer to the CVE link below.
 Fixed bugs:
 Previously, libvirt made cgroup requests on some files that should have not received such requests and the newer kernels would log warnings and failure messages to the libvirtd and audit logs. This has been fixed.
 Previously, because libvirt used the wrong variable when constructing audit messages, ausearch formatted tcertain entries as having path=(null) instead of the correct path. This has been fixed.
 Previously IPv6 was not handled properly during migration. This has been fixed.
 Previously, a race condition in the libvirt client library could make applications using libvirt crash with a segmentation fault. This was due to one thread trying to free the connection to an object when another thread executed the connection close callback. This has been fixed.
 Fixed the client crashing when the server drops connection.
 Previously, using the virsh vol-create-from command to clone a storage volume not in RAW format from a directory, systemor NFS pool failed with an unknown file format error message. This has been fixed.
 Previously, guests set to be automatically destroyed when a connection was closed failed to be destroyed and the libvirtd daemon would crash. This has been fixed.
 Previously, on machines under heavy load, the libvirt test suite, run during RPM build, sometimes ended up in a deadlock and the build never finished. This has been fixed.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/4117

Plugin Details

Severity: High

ID: 289739

File Name: miracle_linux_AXSA-2013-450.nasl

Version: 1.1

Type: local

Published: 1/16/2026

Updated: 1/16/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2013-1962

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:libvirt, p-cpe:/a:miracle:linux:libvirt-client, cpe:/o:miracle:linux:4, p-cpe:/a:miracle:linux:libvirt-devel, p-cpe:/a:miracle:linux:libvirt-python

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 5/21/2013

Vulnerability Publication Date: 5/16/2013

Reference Information

CVE: CVE-2013-1962