virt:ol and virt-devel:ol security update

hivex 1.3.18-23 - Limit recursion in ri-records CVE-2021-3622 resolves: rhbz1976194 libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 libguestfs-winsupport 8.10-1 - Rebase to ntfs-3g 2022.10.3 - Fixes: CVE-2022-40284 - resolves: rhbz2236373 libiscsi...

virt:ol and virt-devel:ol security and bug fix update

hivex libguestfs libguestfs-winsupport 8.8-2 - Rebase to ntfs-3g 2022.10.3 - Fixes: CVE-2022-40284 - resolves: rhbz2236373 libiscsi libnbd libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.2.0-33 - CVE-2023-3354 QEMU: VNC: improper I/O watch removal in TLS handshak...

MiracleLinux 9 : libguestfs-winsupport-9.2-2.el9 (AXSA:2023-6554:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6554:02 advisory. NTFS-3G: buffer overflow issue in NTFS-3G can cause code execution via crafted metadata in an NTFS image CVE-2022-40284 Tenable has extracted the preceding...

MiracleLinux 9 : libguestfs-winsupport-9.2-1.el9 (AXSA:2023-5849:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5849:01 advisory. ntfs-3g: heap-based buffer overflow in ntfsck CVE-2021-46790 ntfs-3g: crafted NTFS image can cause heap exhaustion in ntfsgetattributevalue...

RHSA-2019:2308 Red Hat Security Advisory: libguestfs-winsupport security update

Bulletin has no description...

RHSA-2023:6168 Red Hat Security Advisory: libguestfs-winsupport security update

Bulletin has no description...

RHSA-2023:6167 Red Hat Security Advisory: libguestfs-winsupport security update

Bulletin has no description...

RHSA-2023:2179 Red Hat Security Advisory: libguestfs-winsupport security update

Bulletin has no description...

virt:rhel and virt-devel:rhel security and bug fix update

An update is available for libnbd, qemu-kvm, module.libvirt-python, module.swtpm, module.supermin, libvirt, module.qemu-kvm, module.sgabios, module.nbdkit, swtpm, libtpms, libguestfs, seabios, sgabios, module.libguestfs-winsupport, module.libguestfs, netcf, module.perl-Sys-Virt, module.virt-v2v,...

virt:ol and virt-devel:rhel security and bug fix update

hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt 8.0.0-23.2.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma 8.0.0-23.2 - util: Fix error return for virProcessKillPainfullyDelay RHEL-36064 - rpc: ensure...

RHEL 8 : libguestfs-winsupport (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfschecklogclientarray...

RHEL 6 : libguestfs-winsupport (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ntfs-3g: heap-based buffer overflow leads to local root privilege escalation CVE-2019-9755 Note that Nessus has not...

Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2024-3253)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3253 advisory. - remote: check for negative array lengths before allocation CVE-2024-2494 libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm - Resolves: RHEL-1962...

virt:ol and virt-devel:rhel security and enhancement update

hivex libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.44.0-9 - Fix...

CentOS 9 : libguestfs-winsupport-9.3-1.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the libguestfs-winsupport-9.3-1.el9 build changelog. - A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local...

CentOS 9 : libguestfs-winsupport-9.2-1.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the libguestfs-winsupport-9.2-1.el9 build changelog. - ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+5123-2. NOTE: the upstream position is...

virt:ol and virt-devel:rhel security, bug fix, and enhancement update

hivex libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.44.0-9 - Fix...

Amazon Linux 2 : libguestfs-winsupport (ALAS-2023-2332)

The version of libguestfs-winsupport installed on the remote host is prior to 7.2-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2332 advisory. An invalid return code in fusekernmount enables intercepting of libfuse-lite protocol traffic between NTFS-3G...

Medium: libguestfs-winsupport

Issue Overview: An invalid return code in fusekernmount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite. CVE-2022-30783 A crafted NTFS image can cause heap exhaustion in ntfsgetattributevalue in NTFS-3G...

Low: Red Hat Security Advisory: libguestfs-winsupport security update

An update for libguestfs-winsupport is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...