Lucene search

K
redhatRedHatRHSA-2023:0432
HistoryJan 24, 2023 - 2:01 p.m.

(RHSA-2023:0432) Moderate: virt:rhel and virt-devel:rhel security and bug fix update

2023-01-2414:01:01
access.redhat.com
39
kvm full virtualization
linux
virt:rhel
virt-devel:rhel
qemu
cve-2022-4144
vms
vnc_clipboard_send
qemuagentgetdisks
vtpm
libvirt-client

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

EPSS

0

Percentile

14.2%

Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.

Security Fix(es):

  • QEMU: QXL: qxl_phys2virt unsafe address translation can lead to out-of-bounds read (CVE-2022-4144)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • VMs hung on vnc_clipboard_send (BZ#2148505)

  • qemuAgentGetDisks cannot parse response from a guest agent running in Windows VM (BZ#2152080)

  • VMs requiring vTPM fails to create (BZ#2154413)

  • Bad permissions for files shipped by libvirt-client (BZ#2157092)

OSVersionArchitecturePackageVersionFilename
RedHatanys390xruby-libguestfs-debuginfo< 1.44.0-5.module+el8.6.0+14480+c0a3aa0fruby-libguestfs-debuginfo-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.s390x.rpm
RedHatanyaarch64libvirt-daemon-driver-storage-disk-debuginfo< 8.0.0-5.6.module+el8.6.0+17751+d6559882libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-5.6.module+el8.6.0+17751+d6559882.aarch64.rpm
RedHatanyx86_64seabios< 1.15.0-2.module+el8.6.0+14757+c25ee005seabios-1.15.0-2.module+el8.6.0+14757+c25ee005.x86_64.rpm
RedHatanys390xlibvirt-daemon-driver-storage< 8.0.0-5.6.module+el8.6.0+17751+d6559882libvirt-daemon-driver-storage-8.0.0-5.6.module+el8.6.0+17751+d6559882.s390x.rpm
RedHatanyaarch64python3-libguestfs< 1.44.0-5.module+el8.6.0+14480+c0a3aa0fpython3-libguestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.aarch64.rpm
RedHatanyppc64lenetcf-debugsource< 0.2.8-12.module+el8.6.0+14480+c0a3aa0fnetcf-debugsource-0.2.8-12.module+el8.6.0+14480+c0a3aa0f.ppc64le.rpm
RedHatanyi686libvirt-daemon-driver-network-debuginfo< 8.0.0-5.6.module+el8.6.0+17751+d6559882libvirt-daemon-driver-network-debuginfo-8.0.0-5.6.module+el8.6.0+17751+d6559882.i686.rpm
RedHatanyppc64lenbdkit-tar-plugin< 1.24.0-4.module+el8.6.0+14480+c0a3aa0fnbdkit-tar-plugin-1.24.0-4.module+el8.6.0+14480+c0a3aa0f.ppc64le.rpm
RedHatanys390xperl-sys-virt-debuginfo< 8.0.0-1.module+el8.6.0+14480+c0a3aa0fperl-Sys-Virt-debuginfo-8.0.0-1.module+el8.6.0+14480+c0a3aa0f.s390x.rpm
RedHatanyppc64lelibvirt-daemon-driver-qemu-debuginfo< 8.0.0-5.6.module+el8.6.0+17751+d6559882libvirt-daemon-driver-qemu-debuginfo-8.0.0-5.6.module+el8.6.0+17751+d6559882.ppc64le.rpm
Rows per page:
1-10 of 9151

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

EPSS

0

Percentile

14.2%