(RHSA-2021:2521) Moderate: virt:8.2 and virt-devel:8.2 security update

2021-06-2213:35:00

access.redhat.com

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

13.3%

JSON

The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

Security Fix(es):

QEMU: msix: OOB access during mmio operations may lead to DoS (CVE-2020-13754)
qemu: out-of-bound heap buffer access via an interrupt ID field (CVE-2021-20221)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHatanyppc64lelibvirt-daemon-driver-nodedev< 6.0.0-25.5.module+el8.2.1+8680+ea98947blibvirt-daemon-driver-nodedev-6.0.0-25.5.module+el8.2.1+8680+ea98947b.ppc64le.rpm
RedHatanys390xnbdkit-gzip-plugin< 1.16.2-4.module+el8.2.1+6710+effcb1dfnbdkit-gzip-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df.s390x.rpm
RedHatanyaarch64hivex< 1.3.18-20.module+el8.2.0+5588+63a201c3hivex-1.3.18-20.module+el8.2.0+5588+63a201c3.aarch64.rpm
RedHatanys390xlibnbd-debugsource< 1.2.2-1.module+el8.2.0+5644+32ac38d4libnbd-debugsource-1.2.2-1.module+el8.2.0+5644+32ac38d4.s390x.rpm
RedHatanys390xqemu-kvm-core< 4.2.0-29.module+el8.2.1+11280+70ae3d73.8qemu-kvm-core-4.2.0-29.module+el8.2.1+11280+70ae3d73.8.s390x.rpm
RedHatanys390xpython3-hivex< 1.3.18-20.module+el8.2.0+5588+63a201c3python3-hivex-1.3.18-20.module+el8.2.0+5588+63a201c3.s390x.rpm
RedHatanys390xvirglrenderer< 0.8.2-1.module+el8.2.0+5777+d9c2af8cvirglrenderer-0.8.2-1.module+el8.2.0+5777+d9c2af8c.s390x.rpm
RedHatanyppc64lelibvirt-nss< 6.0.0-25.5.module+el8.2.1+8680+ea98947blibvirt-nss-6.0.0-25.5.module+el8.2.1+8680+ea98947b.ppc64le.rpm
RedHatanyx86_64virt-dib< 1.40.2-24.module+el8.2.1+7154+47ffd890virt-dib-1.40.2-24.module+el8.2.1+7154+47ffd890.x86_64.rpm
RedHatanyx86_64nbdkit-vddk-plugin-debuginfo< 1.16.2-4.module+el8.2.1+6710+effcb1dfnbdkit-vddk-plugin-debuginfo-1.16.2-4.module+el8.2.1+6710+effcb1df.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	ppc64le	libvirt-daemon-driver-nodedev	< 6.0.0-25.5.module+el8.2.1+8680+ea98947b	libvirt-daemon-driver-nodedev-6.0.0-25.5.module+el8.2.1+8680+ea98947b.ppc64le.rpm
RedHat	any	s390x	nbdkit-gzip-plugin	< 1.16.2-4.module+el8.2.1+6710+effcb1df	nbdkit-gzip-plugin-1.16.2-4.module+el8.2.1+6710+effcb1df.s390x.rpm
RedHat	any	aarch64	hivex	< 1.3.18-20.module+el8.2.0+5588+63a201c3	hivex-1.3.18-20.module+el8.2.0+5588+63a201c3.aarch64.rpm
RedHat	any	s390x	libnbd-debugsource	< 1.2.2-1.module+el8.2.0+5644+32ac38d4	libnbd-debugsource-1.2.2-1.module+el8.2.0+5644+32ac38d4.s390x.rpm
RedHat	any	s390x	qemu-kvm-core	< 4.2.0-29.module+el8.2.1+11280+70ae3d73.8	qemu-kvm-core-4.2.0-29.module+el8.2.1+11280+70ae3d73.8.s390x.rpm
RedHat	any	s390x	python3-hivex	< 1.3.18-20.module+el8.2.0+5588+63a201c3	python3-hivex-1.3.18-20.module+el8.2.0+5588+63a201c3.s390x.rpm
RedHat	any	s390x	virglrenderer	< 0.8.2-1.module+el8.2.0+5777+d9c2af8c	virglrenderer-0.8.2-1.module+el8.2.0+5777+d9c2af8c.s390x.rpm
RedHat	any	ppc64le	libvirt-nss	< 6.0.0-25.5.module+el8.2.1+8680+ea98947b	libvirt-nss-6.0.0-25.5.module+el8.2.1+8680+ea98947b.ppc64le.rpm
RedHat	any	x86_64	virt-dib	< 1.40.2-24.module+el8.2.1+7154+47ffd890	virt-dib-1.40.2-24.module+el8.2.1+7154+47ffd890.x86_64.rpm
RedHat	any	x86_64	nbdkit-vddk-plugin-debuginfo	< 1.16.2-4.module+el8.2.1+6710+effcb1df	nbdkit-vddk-plugin-debuginfo-1.16.2-4.module+el8.2.1+6710+effcb1df.x86_64.rpm