8.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.004 Low
EPSS
Percentile
73.6%
The redhat-virtualization-host packages provide the Red Hat Virtualization Host.
These packages include redhat-release-virtualization-host. Red Hat
Virtualization Hosts (RHVH) are installed using a special build of Red Hat
Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host’s resources and
performing administrative tasks.
Security Fix(es):
glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219)
hw: vt-d related privilege escalation (CVE-2020-24489)
dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | noarch | redhat-virtualization-host-image-update | < 4.3.16-20210615.0.el7_9 | redhat-virtualization-host-image-update-4.3.16-20210615.0.el7_9.noarch.rpm |
RedHat | 7 | x86_64 | redhat-release-virtualization-host | < 4.3.16-1.el7ev | redhat-release-virtualization-host-4.3.16-1.el7ev.x86_64.rpm |
RedHat | 7 | noarch | redhat-virtualization-host-image-update-placeholder | < 4.3.16-1.el7ev | redhat-virtualization-host-image-update-placeholder-4.3.16-1.el7ev.noarch.rpm |
8.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.004 Low
EPSS
Percentile
73.6%