18 matches found
MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2021-1660:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1660:01 advisory. QEMU: Regression of CVE-2020-10756 fix in virt:rhel/qemu-kvm CVE-2021-20295 Tenable has extracted the preceding description block directly from the...
EUVD-2021-7720
Malicious code in bioql PyPI...
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2021:1064)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:1064 advisory. - It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Re...
CVE-2021-20295 affecting package qemu-kvm 4.2.0-38
CVE-2021-20295 affecting package qemu-kvm 4.2.0-38. A patched version of the package is available...
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 (https://access.redhat.com/errata/RHSA-2020:4676) erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756 which was previously corrected in virt:rhel/qemu-kvm via erratum RHSA-2020:4059 (https://access.redhat.com/errata/RHSA-2020:4059). CVE-2021-20295 was assigned to that Red Hat specific security regression. For more details about the original security issue CVE-2020-10756 refer to bug 1835986 or the CVE page: https://access.redhat.com/security/cve/CVE-2020-10756.
...
CVE-2021-20295
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in...
CVE-2021-20295
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in...
Security feature bypass
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in...
CVE-2021-20295
CVE-2021-20295 is a Red Hat–specific regression assigned to the absence of the previously delivered fix for CVE-2020-10756 in virt:rhel/qemu-kvm when updating RHSA-2020:4676 for RHEL 8.3. The issue arose because the update failed to include the fix that had been applied earlier via RHSA-2020:4059...
CVE-2021-20295
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in...
AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2021:1064)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1064 advisory. QEMU: Regression of CVE-2020-10756 fix in virt:rhel/qemu-kvm in AlmaLinux CVE-2021-20295 Tenable has extracted the preceding description block directly from the...
Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2021-1064)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1064 advisory. libvirt 6.0.0-28.1.0.1 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma qemu-kvm 4.2.0-34.el83.5 - kvm-Drop-bogus-IPv6-messages.patch bz1939493 -...
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2021:1064)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1064 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packag...
CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2021:1064)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:1064 advisory. - QEMU: Regression of CVE-2020-10756 fix in virt:rhel/qemu-kvm in Red Hat Enterprise Linux 8.3 CVE-2021-20295 Note that Nessus has not tested for this issue but...
Moderate: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update
An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
QEMU: Regression of CVE-2020-10756 fix in virt:rhel/qemu-kvm in Red Hat Enterprise Linux 8.3
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 https://access.redhat.com/errata/RHSA-2020:4676 erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in...
Moderate: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
ALSA-2021:1064 Moderate: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...