Description of changes:

[5.0.0-9.el7]
- qemu: remove cpuhostmask and cpuguestmask from virCaps structure (Wim ten Have) [Orabug: 29956508]

[5.0.0-8.el7]
- api: disallow virDomainSaveImageGetXMLDesc on read-only connections (J&aacute n Tomko) [Orabug: 29955742] {CVE-2019-10161}
- domain: Define explicit flags for saved image xml (Eric Blake) [Orabug: 29955742]
- api: disallow virDomainManagedSaveDefineXML on read-only connections (J&aacute n Tomko) [Orabug: 29955742] {CVE-2019-10166}
- api: disallow virConnectGetDomainCapabilities on read-only connections (J&aacute n Tomko) [Orabug: 29955742] {CVE-2019-10167}
- api: disallow virConnect*HypervisorCPU on read-only connections (J&aacute n Tomko) [Orabug: 29955742] {CVE-2019-10168}

[5.0.0-7.el7]
- cpu_map: Define md-clear CPUID bit (Jiri Denemark) [Orabug: 29874181] {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2019-11091}

[5.0.0-6.el7]
- qemu: Driver change adding private lock to auto-tune hugepages (Wim ten Have) [Orabug: 29809943]

[5.0.0-5.el7]
- qemu: disable setmem change requests for vNUMA targets (Wim ten Have) [Orabug: 29797366]
- domain: Disable memballoon memory configuration support for vNUMA guests (Wim ten Have) [Orabug: 29797366]
- qemu: Driver change to target for vNUMA setmaxmem change request (Wim ten Have) [Orabug: 29749852]
- domain: Add domain memory config support for vNUMA guests (Wim ten Have) [Orabug: 29749852]
- logging: restrict sockets to mode 0600 (Daniel P. Berrang&eacute ) [Orabug: 29861433] {CVE-2019-10132}
- locking: restrict sockets to mode 0600 (Daniel P. Berrang&eacute ) [Orabug: 29861433] {CVE-2019-10132}
- admin: reject clients unless their UID matches the current UID (Daniel P. Berrang&eacute ) [Orabug: 29861433] {CVE-2019-10132}

Detections

Analytics

Oracle Linux 7 : libvirt (ELSA-2019-4714) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

high Nessus Plugin ID 126674

Version 1.7

Version 1.6

Version 1.7 May 27, 2024, 11:42 AM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202405271142
Version 1.6 Dec 6, 2022, 6:51 PM Reference Plugin Feed: 202212061851