Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2024 Greenbone AGOPENVAS:1361412562311920241011005461013543
HistorySep 10, 2024 - 12:00 a.m.

Fedora: Security Advisory (FEDORA-2024-ed546e3543)

2024-09-1000:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
1
fedora
security advisory
xen
package
error handling
pci device pass-through
vulnerability
update
fedora 39

AI Score

6.7

Confidence

Low

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.1.9.2024.1011005461013543");
  script_cve_id("CVE-2024-31145", "CVE-2024-31146");
  script_tag(name:"creation_date", value:"2024-09-10 12:54:26 +0000 (Tue, 10 Sep 2024)");
  script_version("2024-09-13T05:05:46+0000");
  script_tag(name:"last_modification", value:"2024-09-13 05:05:46 +0000 (Fri, 13 Sep 2024)");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");

  script_name("Fedora: Security Advisory (FEDORA-2024-ed546e3543)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2024 Greenbone AG");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC39");

  script_xref(name:"Advisory-ID", value:"FEDORA-2024-ed546e3543");
  script_xref(name:"URL", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2024-ed546e3543");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'xen' package(s) announced via the FEDORA-2024-ed546e3543 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"error handling in x86 IOMMU identity mapping [XSA-460, CVE-2024-31145]
PCI device pass-through with shared resources [XSA-461, CVE-2024-31146]");

  script_tag(name:"affected", value:"'xen' package(s) on Fedora 39.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "FC39") {

  if(!isnull(res = isrpmvuln(pkg:"xen", rpm:"xen~4.17.4~3.fc39", rls:"FC39"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xen-debuginfo", rpm:"xen-debuginfo~4.17.4~3.fc39", rls:"FC39"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xen-debugsource", rpm:"xen-debugsource~4.17.4~3.fc39", rls:"FC39"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xen-devel", rpm:"xen-devel~4.17.4~3.fc39", rls:"FC39"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xen-doc", rpm:"xen-doc~4.17.4~3.fc39", rls:"FC39"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xen-hypervisor", rpm:"xen-hypervisor~4.17.4~3.fc39", rls:"FC39"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xen-libs", rpm:"xen-libs~4.17.4~3.fc39", rls:"FC39"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xen-libs-debuginfo", rpm:"xen-libs-debuginfo~4.17.4~3.fc39", rls:"FC39"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xen-licenses", rpm:"xen-licenses~4.17.4~3.fc39", rls:"FC39"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xen-ocaml", rpm:"xen-ocaml~4.17.4~3.fc39", rls:"FC39"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xen-ocaml-debuginfo", rpm:"xen-ocaml-debuginfo~4.17.4~3.fc39", rls:"FC39"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xen-ocaml-devel", rpm:"xen-ocaml-devel~4.17.4~3.fc39", rls:"FC39"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xen-runtime", rpm:"xen-runtime~4.17.4~3.fc39", rls:"FC39"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"xen-runtime-debuginfo", rpm:"xen-runtime-debuginfo~4.17.4~3.fc39", rls:"FC39"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Related

nessus 7
osv 6
openvas 6
redos 1
fedora 2
debiancve 2
ubuntucve 2
xen 2
nessus
nessus
Fedora 40 : xen (2024-91ddad6c8b)
2024-08-31 00:00:00
Fedora 39 : xen (2024-ed546e3543)
2024-08-31 00:00:00
SUSE SLES15 Security Update : xen (SUSE-SU-2024:3001-1)
2024-08-25 00:00:00
osv
osv
Security update for xen
2024-08-23 08:15:47
Security update for xen
2024-09-02 14:41:08
xen-4.19.0_02-1.1 on GA media
2024-08-20 00:00:00
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-91ddad6c8b)
2024-09-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:2994-1)
2024-08-22 00:00:00
openSUSE: Security Advisory for xen (SUSE-SU-2024:3113-1)
2024-09-06 00:00:00
redos
redos
ROS-20240917-07
2024-09-17 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: xen-4.18.2-5.fc40
2024-08-31 02:04:04
[SECURITY] Fedora 39 Update: xen-4.17.4-3.fc39
2024-08-31 01:59:30
debiancve
debiancve
CVE-2024-31145
2024-08-14 13:36:56
CVE-2024-31146
2024-08-14 13:36:56
ubuntucve
ubuntucve
CVE-2024-31145
2024-08-15 00:00:00
CVE-2024-31146
2024-08-15 00:00:00
xen
xen
error handling in x86 IOMMU identity mapping
2024-08-13 12:00:00
PCI device pass-through with shared resources
2024-08-13 12:00:00

AI Score

6.7

Confidence

Low

JSON
Related for OPENVAS:1361412562311920241011005461013543
nessus7osv6openvas6redos1fedora2debiancve2ubuntucve2xen2