Detections
Analytics

SuSE 11.3 Security Update : libvirt (SAT Patch Number 8421)

medium Nessus Plugin ID 70797

Language:

Synopsis

The remote SuSE 11 host is missing one or more security updates.

Description

libvirt has been updated to the 1.0.5.6 stable release that fixes bugs and security issues :

 - Fix crash in remoteDispatchDomainMemoryStats.
 (CVE-2013-4296)

 - virBitmapParse out-of-bounds read access Libvirt on SLES 11 SP3 is not affected:. (CVE-2013-5651)

 - Add support for using 3-arg pkcheck syntax for process (). (CVE-2013-4311)

 - security: provide supplemental groups even when parsing label () Changes in this version:. (CVE-2013-4291)

 - virsh: fix change-media bug on disk block type

 - Include process start time when doing polkit checks

 - qemuDomainChangeGraphics: Check listen address change by listen type

 - python: return dictionary without value in case of no blockjob

 - virbitmap: Refactor virBitmapParse to avoid access beyond bounds of array Also the following bug has been fixed :

 - Fix retrieval of SRIOV VF info, which prevented using some SRIOV virtual functions in guest domains with '' (bnc#837329)

Solution

Apply SAT patch number 8421.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=836931

https://bugzilla.novell.com/show_bug.cgi?id=837329

https://bugzilla.novell.com/show_bug.cgi?id=837530

https://bugzilla.novell.com/show_bug.cgi?id=837999

https://bugzilla.novell.com/show_bug.cgi?id=838638

http://support.novell.com/security/cve/CVE-2013-4291.html

http://support.novell.com/security/cve/CVE-2013-4296.html

http://support.novell.com/security/cve/CVE-2013-4311.html

http://support.novell.com/security/cve/CVE-2013-5651.html

Plugin Details

Severity: Medium

ID: 70797

File Name: suse_11_libvirt-131004.nasl

Version: 1.3

Type: local

Agent: unix

Published: 11/9/2013

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: Medium

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:libvirt, p-cpe:/a:novell:suse_linux:11:libvirt-client, p-cpe:/a:novell:suse_linux:11:libvirt-client-32bit, p-cpe:/a:novell:suse_linux:11:libvirt-doc, p-cpe:/a:novell:suse_linux:11:libvirt-lock-sanlock, p-cpe:/a:novell:suse_linux:11:libvirt-python, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 10/4/2013

Reference Information

CVE: CVE-2013-4291, CVE-2013-4296, CVE-2013-4311, CVE-2013-5651