Lucene search

K
redhatRedHatRHSA-2022:0759
HistoryMar 07, 2022 - 2:27 p.m.

(RHSA-2022:0759) Moderate: virt:rhel and virt-devel:rhel security and bug fix update

2022-03-0714:27:59
access.redhat.com
25

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

0.4%

Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.

Security Fix(es):

  • QEMU: virtiofsd: potential privilege escalation via CVE-2018-13405 (CVE-2022-0358)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Incompatibilities between 8.5 virsh and libvirtd from virt:av (BZ#2053520)
OSVersionArchitecturePackageVersionFilename
RedHatanys390xnetcf-devel< 0.2.8-12.module+el8.1.0+4066+0f1aadabnetcf-devel-0.2.8-12.module+el8.1.0+4066+0f1aadab.s390x.rpm
RedHatanys390xlibvirt-daemon-driver-storage-gluster-debuginfo< 6.0.0-35.2.module+el8.4.0+14226+d39fa4ablibvirt-daemon-driver-storage-gluster-debuginfo-6.0.0-35.2.module+el8.4.0+14226+d39fa4ab.s390x.rpm
RedHatanyx86_64libvirt-daemon-config-nwfilter< 6.0.0-35.2.module+el8.4.0+14226+d39fa4ablibvirt-daemon-config-nwfilter-6.0.0-35.2.module+el8.4.0+14226+d39fa4ab.x86_64.rpm
RedHatanyx86_64nbdkit-basic-filters-debuginfo< 1.16.2-4.module+el8.3.0+6922+fd575af8nbdkit-basic-filters-debuginfo-1.16.2-4.module+el8.3.0+6922+fd575af8.x86_64.rpm
RedHatanyaarch64libvirt-daemon-driver-storage-mpath-debuginfo< 6.0.0-35.2.module+el8.4.0+14226+d39fa4ablibvirt-daemon-driver-storage-mpath-debuginfo-6.0.0-35.2.module+el8.4.0+14226+d39fa4ab.aarch64.rpm
RedHatanyaarch64libiscsi< 1.18.0-8.module+el8.1.0+4066+0f1aadablibiscsi-1.18.0-8.module+el8.1.0+4066+0f1aadab.aarch64.rpm
RedHatanyppc64leqemu-kvm-tests-debuginfo< 4.2.0-48.module+el8.4.0+14171+d59d4af6.4qemu-kvm-tests-debuginfo-4.2.0-48.module+el8.4.0+14171+d59d4af6.4.ppc64le.rpm
RedHatanyaarch64perl-sys-guestfs< 1.40.2-27.module+el8.4.0+9282+0bdec052perl-Sys-Guestfs-1.40.2-27.module+el8.4.0+9282+0bdec052.aarch64.rpm
RedHatanyppc64leqemu-guest-agent< 4.2.0-48.module+el8.4.0+14171+d59d4af6.4qemu-guest-agent-4.2.0-48.module+el8.4.0+14171+d59d4af6.4.ppc64le.rpm
RedHatanynoarchlibguestfs-inspect-icons< 1.40.2-27.module+el8.4.0+9282+0bdec052libguestfs-inspect-icons-1.40.2-27.module+el8.4.0+9282+0bdec052.noarch.rpm
Rows per page:
1-10 of 8191

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

0.4%