Lucene search
OracleLinuxELSA-2023-5264HistorySep 21, 2023 - 12:00 a.m.
virt:ol and virt-devel:rhel security and bug fix update
2023-09-2100:00:00
linux.oracle.com
6
virt
rhel
security
bug fix
update
hivex
libguestfs
libguestfs-winsupport
libiscsi
libnbd
libtpms
libvirt
libvirt-dbus
libvirt-python
nbdkit
netcf
perl-sys-virt
qemu-kvm
seabios
sgabios
supermin
swtpm
virt-v2v
unix
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
19.3%
hivex
libguestfs
libguestfs-winsupport
[8.8-2]
- Rebase to ntfs-3g 2022.10.3
- Fixes: CVE-2022-40284
- resolves: rhbz#2236373
libiscsi
libnbd
libtpms
libvirt
libvirt-dbus
libvirt-python
nbdkit
netcf
perl-Sys-Virt
qemu-kvm
[6.2.0-33] - CVE-2023-3354 QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service
seabios
[1.16.0-4] - seabios-malloc-use-variable-for-ZoneHigh-size.patch [bz#2227373]
- seabios-malloc-use-large-ZoneHigh-when-there-is-enough-memor.patch [bz#2227373]
- Resolves: bz#2227373
(“No bootable device” with OS boot disk interface VirtIO-SCSI and with more than 9 VirtIO disks.)
sgabios
supermin
swtpm
virt-v2v
Related
redhat
redhat
(RHSA-2023:5796) Important: virt:rhel security update
2023-10-17 15:00:10
(RHSA-2023:5239) Important: virt:rhel and virt-devel:rhel security update
2023-09-19 12:23:30
nessus
nessus
RHEL 8 : virt:rhel (RHSA-2023:5587)
2023-10-10 00:00:00
Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2023-5264)
2023-09-21 00:00:00
AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2023:5264)
2023-09-22 00:00:00
almalinux
almalinux
Important: virt:rhel and virt-devel:rhel security and bug fix update
2023-09-19 00:00:00
Low: libguestfs-winsupport security update
2023-10-30 00:00:00
Important: qemu-kvm security and bug fix update
2023-09-12 00:00:00
osv
osv
Important: virt:rhel and virt-devel:rhel security and bug fix update
2023-09-19 00:00:00
ntfs-3g - security update
2022-11-04 00:00:00
ntfs-3g - security update
2022-11-22 00:00:00
redos
redos
ROS-20221103-05
2022-11-03 00:00:00
ROS-20230825-05
2023-08-25 00:00:00
debian
debian
[SECURITY] [DLA 3201-1] ntfs-3g security update
2022-11-21 23:30:30
[SECURITY] [DSA 5270-1] ntfs-3g security update
2022-11-04 08:49:21
[SECURITY] [DLA 3759-1] qemu security update
2024-03-11 17:27:27
openvas
openvas
Ubuntu: Security Advisory (USN-5711-2)
2022-11-04 00:00:00
Ubuntu: Security Advisory (USN-5711-1)
2022-11-03 00:00:00
Fedora: Security Advisory for ntfs-3g (FEDORA-2022-4915124227)
2022-12-02 00:00:00
oraclelinux
oraclelinux
libguestfs-winsupport security update
2023-10-30 00:00:00
qemu-kvm security and bug fix update
2023-09-13 00:00:00
kvm_utils3 security update
2023-10-07 00:00:00
redhatcve
redhatcve
CVE-2022-40284
2023-08-30 14:16:24
CVE-2023-3354
2023-06-28 11:17:06
prion
prion
Buffer overflow
2022-11-06 23:15:00
Null pointer dereference
2023-07-11 17:15:00
ubuntu
ubuntu
NTFS-3G vulnerability
2022-11-03 00:00:00
NTFS-3G vulnerability
2022-11-02 00:00:00
QEMU vulnerabilities
2024-01-08 00:00:00
alpinelinux
alpinelinux
CVE-2022-40284
2022-11-06 23:15:00
CVE-2023-3354
2023-07-11 17:15:13
fedora
fedora
[SECURITY] Fedora 35 Update: ntfs-3g-2022.10.3-1.fc35
2022-12-02 06:21:56
[SECURITY] Fedora 37 Update: ntfs-3g-2022.10.3-1.fc37
2022-12-23 01:20:07
[SECURITY] Fedora 36 Update: ntfs-3g-2022.10.3-1.fc36
2022-12-02 01:37:23
ubuntucve
ubuntucve
CVE-2022-40284
2022-10-31 00:00:00
CVE-2023-3354
2023-07-11 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-11-02 18:24:39
Denial Of Service (DoS)
2023-08-13 19:55:03
suse
suse
Security update for ntfs-3g_ntfsprogs (important)
2022-11-03 00:00:00
debiancve
debiancve
CVE-2022-40284
2022-11-06 23:15:00
CVE-2023-3354
2023-07-11 17:15:13
cbl_mariner
cbl_mariner
CVE-2022-40284 affecting package ntfs-3g for versions less than 2022.10.3-1
2022-12-09 00:19:52
CVE-2023-3354 affecting package qemu for versions less than 6.2.0-19
2023-11-28 22:14:06
CVE-2023-3354 affecting package qemu for versions less than 8.2.0-1
2024-03-19 17:21:46
cve
cve
CVE-2022-40284
2022-11-06 23:15:00
CVE-2023-3354
2023-07-11 17:15:13
mageia
mageia
Updated ntfs-3g packages fix security vulnerability
2022-11-05 00:16:03
cvelist
cvelist
CVE-2022-40284
2022-11-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package ntfs-3g version 2:2021.8.22-alt2
2023-04-21 00:00:00
slackware
slackware
[slackware-security] ntfs-3g
2023-05-25 19:14:57
gentoo
gentoo
NTFS-3G: Multiple Vulnerabilities
2023-01-11 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
19.3%
Related for ELSA-2023-5264