14 matches found
Alibaba Cloud Linux 3 : 0027: virt:rhel and virt-devel:rhel (ALINUX3-SA-2021:0027)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0027 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-35517: A flaw was found in qemu. A host...
Linux Distros Unpatched Vulnerability : CVE-2020-35517
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to create...
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2021:0711)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:0711 advisory. - A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to creat...
virt:ol and virt-devel:rhel security, bug fix, and enhancement update
libvirt 6.0.0-35.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma - Disable parallel builds Karl Heubaum libvirt-dbus 1.3.0 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release libvirt-python...
Important: Red Hat Security Advisory: virt:8.2 and virt-devel:8.2 security update
An update for the virt:8.2 and virt-devel:8.2 modules is now available for Advanced Virtualization for RHEL 8.2.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...
RHEL 8 : virt:8.2 and virt-devel:8.2 (RHSA-2021:0743)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0743 advisory. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat...
virt:ol and virt-devel:rhel security update
qemu-kvm 4.2.0-34.el83.4 - kvm-virtiofsd-extract-lodoopen-from-loopen.patch bz1919109 - kvm-virtiofsd-optionally-return-inode-pointer-from-lodo.patch bz1919109 - kvm-virtiofsd-prevent-opening-of-special-files-CVE-2020-.patch bz1919109 - Resolves: bz1919109 CVE-2020-35517 virt:rhel/qemu-kvm: QEMU:...
Important: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update
An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
ALSA-2021:0711 Important: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
RLSA-2021:0711 Important: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting wi...
CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2021:0711)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:0711 advisory. - QEMU: virtiofsd: potential privileged host device access from guest CVE-2020-35517 Note that Nessus has not tested for this issue but has instead relied only ...
CVE-2020-35517
A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to create a device special file in the shared directory and use it to r/w access host devices...
CVE-2020-35517
CVE-2020-35517 affects the QEMU virtiofsd (virtio-fs shared file system daemon). A privileged guest user can create a device special file in the shared directory and use it to read/write host devices, enabling host access escalation. The issue is documented across multiple advisories ( MiracleLin...