Lucene search
This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.FEDORA_2021-0B784A4D02.NASLHistoryMar 29, 2021 - 12:00 a.m.
Fedora 33 : xen (2021-0b784a4d02)
2021-03-2900:00:00
This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
12.6%
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-0b784a4d02 advisory.
-
HVM soft-reset crashes toolstack (XSA-368) (CVE-2021-28687)
-
HVM soft-reset crashes toolstack (XSA-368) [fedora-all] (CVE-2021-28687)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
##
# (C) Tenable Network Security, Inc.
##
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2021-0b784a4d02
#
include('compat.inc');
if (description)
{
script_id(148202);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/01/21");
script_cve_id("CVE-2021-28687");
script_xref(name:"FEDORA", value:"2021-0b784a4d02");
script_name(english:"Fedora 33 : xen (2021-0b784a4d02)");
script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the
FEDORA-2021-0b784a4d02 advisory.
- HVM soft-reset crashes toolstack (XSA-368) (CVE-2021-28687)
- HVM soft-reset crashes toolstack (XSA-368) [fedora-all] (CVE-2021-28687)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2021-0b784a4d02");
script_set_attribute(attribute:"solution", value:
"Update the affected xen package.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-28687");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/03/18");
script_set_attribute(attribute:"patch_publication_date", value:"2021/03/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/03/29");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:33");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xen");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Fedora Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include('audit.inc');
include('global_settings.inc');
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item('Host/RedHat/release');
if (isnull(release) || 'Fedora' >!< release) audit(AUDIT_OS_NOT, 'Fedora');
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');
os_ver = os_ver[1];
if (! preg(pattern:"^33([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 33', 'Fedora ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);
pkgs = [
{'reference':'xen-4.14.1-7.fc33', 'release':'FC33', 'rpm_spec_vers_cmp':TRUE}
];
flag = 0;
foreach package_array ( pkgs ) {
reference = NULL;
release = NULL;
sp = NULL;
cpu = NULL;
el_string = NULL;
rpm_spec_vers_cmp = NULL;
epoch = NULL;
allowmaj = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (reference && release) {
if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'xen');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fedoraproject | fedora | 33 | cpe:/o:fedoraproject:fedora:33 |
| fedoraproject | fedora | xen | p-cpe:/a:fedoraproject:fedora:xen |
Related
cve
cve
CVE-2021-28687
2021-06-11 15:15:11
ubuntucve
ubuntucve
CVE-2021-28687
2021-06-11 00:00:00
openvas
openvas
Fedora: Security Advisory for xen (FEDORA-2021-0b784a4d02)
2021-03-27 00:00:00
Fedora: Security Advisory for xen (FEDORA-2021-7b4dcfcb6d)
2021-03-31 00:00:00
Fedora: Security Advisory for xen (FEDORA-2021-7b4dcfcb6d)
2021-03-31 00:00:00
osv
osv
CVE-2021-28687
2021-06-11 15:15:11
fedora
fedora
[SECURITY] Fedora 34 Update: xen-4.14.1-7.fc34
2021-03-31 00:17:47
[SECURITY] Fedora 32 Update: xen-4.13.2-8.fc32
2021-03-27 01:24:07
[SECURITY] Fedora 33 Update: xen-4.14.1-7.fc33
2021-03-27 01:11:53
veracode
veracode
Denial Of Service(DoS)
2021-04-01 18:23:00
alpinelinux
alpinelinux
CVE-2021-28687
2021-06-11 15:15:00
xen
xen
HVM soft-reset crashes toolstack
2021-03-18 11:57:00
nessus
nessus
Fedora 32 : xen (2021-a468f36bbe)
2021-03-29 00:00:00
openSUSE Security Update : xen (openSUSE-2021-514)
2021-04-08 00:00:00
SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2021:1028-1)
2021-04-07 00:00:00
debiancve
debiancve
CVE-2021-28687
2021-06-11 15:15:11
nvd
nvd
CVE-2021-28687
2021-06-11 15:15:11
prion
prion
Design/Logic Flaw
2021-06-11 15:15:00
cvelist
cvelist
CVE-2021-28687
2021-06-11 14:54:14
gentoo
gentoo
Xen: Multiple vulnerabilities
2021-07-12 00:00:00
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
12.6%
Related for FEDORA_2021-0B784A4D02.NASL