(RHSA-2021:5036) Moderate: virt:8.2 and virt-devel:8.2 security update

2021-12-0818:36:58

access.redhat.com

7.5 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

13.3%

JSON

The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

Security Fix(es):

QEMU: virtio-net: heap use-after-free in virtio_net_receive_rcu (CVE-2021-3748)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHatanyx86_64virt-dib-debuginfo< 1.40.2-24.module+el8.2.1+7154+47ffd890virt-dib-debuginfo-1.40.2-24.module+el8.2.1+7154+47ffd890.x86_64.rpm
RedHatanyaarch64qemu-kvm< 4.2.0-29.module+el8.2.1+13346+415e44e8.10qemu-kvm-4.2.0-29.module+el8.2.1+13346+415e44e8.10.aarch64.rpm
RedHatanyaarch64libvirt-nss< 6.0.0-25.6.module+el8.2.1+12457+868e9540libvirt-nss-6.0.0-25.6.module+el8.2.1+12457+868e9540.aarch64.rpm
RedHatanys390xlibguestfs-tools-c< 1.40.2-24.module+el8.2.1+7154+47ffd890libguestfs-tools-c-1.40.2-24.module+el8.2.1+7154+47ffd890.s390x.rpm
RedHatanynoarchlibguestfs-javadoc< 1.40.2-24.module+el8.2.1+7154+47ffd890libguestfs-javadoc-1.40.2-24.module+el8.2.1+7154+47ffd890.noarch.rpm
RedHatanyi686libvirt-client< 6.0.0-25.6.module+el8.2.1+12457+868e9540libvirt-client-6.0.0-25.6.module+el8.2.1+12457+868e9540.i686.rpm
RedHatanys390xlibvirt-devel< 6.0.0-25.6.module+el8.2.1+12457+868e9540libvirt-devel-6.0.0-25.6.module+el8.2.1+12457+868e9540.s390x.rpm
RedHatanyppc64lelibvirt-daemon-driver-storage-disk< 6.0.0-25.6.module+el8.2.1+12457+868e9540libvirt-daemon-driver-storage-disk-6.0.0-25.6.module+el8.2.1+12457+868e9540.ppc64le.rpm
RedHatanyi686swtpm-devel< 0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0swtpm-devel-0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0.i686.rpm
RedHatanyaarch64qemu-kvm-tests< 4.2.0-29.module+el8.2.1+13346+415e44e8.10qemu-kvm-tests-4.2.0-29.module+el8.2.1+13346+415e44e8.10.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	x86_64	virt-dib-debuginfo	< 1.40.2-24.module+el8.2.1+7154+47ffd890	virt-dib-debuginfo-1.40.2-24.module+el8.2.1+7154+47ffd890.x86_64.rpm
RedHat	any	aarch64	qemu-kvm	< 4.2.0-29.module+el8.2.1+13346+415e44e8.10	qemu-kvm-4.2.0-29.module+el8.2.1+13346+415e44e8.10.aarch64.rpm
RedHat	any	aarch64	libvirt-nss	< 6.0.0-25.6.module+el8.2.1+12457+868e9540	libvirt-nss-6.0.0-25.6.module+el8.2.1+12457+868e9540.aarch64.rpm
RedHat	any	s390x	libguestfs-tools-c	< 1.40.2-24.module+el8.2.1+7154+47ffd890	libguestfs-tools-c-1.40.2-24.module+el8.2.1+7154+47ffd890.s390x.rpm
RedHat	any	noarch	libguestfs-javadoc	< 1.40.2-24.module+el8.2.1+7154+47ffd890	libguestfs-javadoc-1.40.2-24.module+el8.2.1+7154+47ffd890.noarch.rpm
RedHat	any	i686	libvirt-client	< 6.0.0-25.6.module+el8.2.1+12457+868e9540	libvirt-client-6.0.0-25.6.module+el8.2.1+12457+868e9540.i686.rpm
RedHat	any	s390x	libvirt-devel	< 6.0.0-25.6.module+el8.2.1+12457+868e9540	libvirt-devel-6.0.0-25.6.module+el8.2.1+12457+868e9540.s390x.rpm
RedHat	any	ppc64le	libvirt-daemon-driver-storage-disk	< 6.0.0-25.6.module+el8.2.1+12457+868e9540	libvirt-daemon-driver-storage-disk-6.0.0-25.6.module+el8.2.1+12457+868e9540.ppc64le.rpm
RedHat	any	i686	swtpm-devel	< 0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0	swtpm-devel-0.2.0-2.20200127gitff5a83b.module+el8.2.0+5579+d71178e0.i686.rpm
RedHat	any	aarch64	qemu-kvm-tests	< 4.2.0-29.module+el8.2.1+13346+415e44e8.10	qemu-kvm-tests-4.2.0-29.module+el8.2.1+13346+415e44e8.10.aarch64.rpm