virt:ol and virt-devel:ol security and bug fix update

hivex libguestfs libguestfs-winsupport 8.8-2 - Rebase to ntfs-3g 2022.10.3 - Fixes: CVE-2022-40284 - resolves: rhbz2236373 libiscsi libnbd libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.2.0-33 - CVE-2023-3354 QEMU: VNC: improper I/O watch removal in TLS handshak...

MiracleLinux 9 : swtpm-0.7.0-3.20211109gitb79fd91.el9 (AXSA:2023-4729:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4729:01 advisory. swtpm: Unchecked header size indicator against expected size CVE-2022-23645 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2022-4435:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4435:01 advisory. QEMU: fdc: heap buffer overflow in DMA read data transfers CVE-2021-3507 libvirt: missing locking in nwfilterConnectNumOfNWFilters can lead to denia...

TencentOS Server 3: swtpm (TSSA-2022:0267)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0267 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

EUVD-2020-20866

Malware in sbrugna...

AZL-63702 CVE-2025-49133 affecting package libtpms for versions less than 0.9.6-8

Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived from the TPM 2.0 reference implementation code published by the Trusted Computing Group, is prone to a potential out of bounds OOB read vulnerability. The...

swtpm bug fix and enhancement update

An update is available for swtpm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list SWTPM is a TPM emulator built on libtpms providing TPM functionality for QEMU...

Linux Distros Unpatched Vulnerability : CVE-2022-23645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to...

rhel bug fix and enhancement update

An update is available for libnbd, qemu-kvm, module.libvirt-python, module.swtpm, module.supermin, libvirt, module.qemu-kvm, module.sgabios, module.nbdkit, swtpm, libtpms, libguestfs, seabios, sgabios, module.libguestfs-winsupport, module.libguestfs, netcf, module.perl-Sys-Virt, module.virt-v2v,...

RHSA-2022:8100 Red Hat Security Advisory: swtpm security and bug fix update

Bulletin has no description...

virt:rhel and virt-devel:rhel security and bug fix update

An update is available for libnbd, qemu-kvm, module.libvirt-python, module.swtpm, module.supermin, libvirt, module.qemu-kvm, module.sgabios, module.nbdkit, swtpm, libtpms, libguestfs, seabios, sgabios, module.libguestfs-winsupport, module.libguestfs, netcf, module.perl-Sys-Virt, module.virt-v2v,...

Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2024-4351)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4351 advisory. hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt 8.0.0-23.2.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps f...

virt:ol and virt-devel:rhel security and bug fix update

hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt 8.0.0-23.2.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma 8.0.0-23.2 - util: Fix error return for virProcessKillPainfullyDelay RHEL-36064 - rpc: ensure...

OPENSUSE-SU-2024:11870-1 swtpm-0.7.1-1.1 on GA media

These are all security issues fixed in the swtpm-0.7.1-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:11416-1 swtpm-0.6.1-1.1 on GA media

These are all security issues fixed in the swtpm-0.6.1-1.1 package on the GA media of openSUSE Tumbleweed...

RHEL 8 : 8.2_swtpm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - swtpm: symlink issue may lead to privilege escalation CVE-2020-28407 Note that Nessus has not tested for this issue...

RHEL 8 : swtpm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - swtpm: symlink issue may lead to privilege escalation CVE-2020-28407 - swtpm: Unchecked header size...

Advisory ROSA-SA-2024-2401

Software: swtpm 0.7.0 OS: ROSA Virtualization 2.1 packageevrstring: swtpm-0.7.0-4.20211109gitb79fd91.module+el8.7.0+16689+53d59bc2.src.rpm CVE-ID: CVE-2022-23645 BDU-ID: 2022-06088 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the swtpm emulator TPM is related to reading beyond buffer boundaries...

CentOS 9 : swtpm-0.8.0-1.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the swtpm-0.8.0-1.el9 build changelog. - swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are...

CentOS 9 : swtpm-0.7.0-2.20211109gitb79fd91.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the swtpm-0.7.0-2.20211109gitb79fd91.el9 build changelog. - swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, an...