ELSA-2022-10062

Опубликовано: 06 дек. 2022

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2022-10062: libvirt security update (IMPORTANT)

libvirt [5.7.0-38.el7]

qemu: Don't report spurious errors from vCPU tid validation on hotunplug timeout (Shaleen Bathla) [Orabug: 34826758]
security: fix SELinux label generation logic (Daniel P. Berrange) [Orabug: 34773029] {CVE-2021-3631}
spec: Require iproute-tc dependency for OL7 also (Shaleen Bathla) [Orabug: 34724925]
qemu: Set default qdisc before setting bandwidth (Michal Privoznik) [Orabug: 34724925]
qemu: Taint cpu host-passthrough only after migration (Cole Robinson) [Orabug: 34724925]

libvirt-python [5.7.0-38.el7]

Bump version number to 5.7.0-38 to match libvirt. (Wim ten Have)

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

libvirt

5.7.0-38.el7

libvirt-admin

5.7.0-38.el7

libvirt-bash-completion

5.7.0-38.el7

libvirt-client

5.7.0-38.el7

libvirt-daemon

5.7.0-38.el7

libvirt-daemon-config-network

5.7.0-38.el7

libvirt-daemon-config-nwfilter

5.7.0-38.el7

libvirt-daemon-driver-interface

5.7.0-38.el7

libvirt-daemon-driver-lxc

5.7.0-38.el7

libvirt-daemon-driver-network

5.7.0-38.el7

libvirt-daemon-driver-nodedev

5.7.0-38.el7

libvirt-daemon-driver-nwfilter

5.7.0-38.el7

libvirt-daemon-driver-qemu

5.7.0-38.el7

libvirt-daemon-driver-secret

5.7.0-38.el7

libvirt-daemon-driver-storage

5.7.0-38.el7

libvirt-daemon-driver-storage-core

5.7.0-38.el7

libvirt-daemon-driver-storage-disk

5.7.0-38.el7

libvirt-daemon-driver-storage-gluster

5.7.0-38.el7

libvirt-daemon-driver-storage-iscsi

5.7.0-38.el7

libvirt-daemon-driver-storage-logical

5.7.0-38.el7

libvirt-daemon-driver-storage-mpath

5.7.0-38.el7

libvirt-daemon-driver-storage-rbd

5.7.0-38.el7

libvirt-daemon-driver-storage-scsi

5.7.0-38.el7

libvirt-daemon-kvm

5.7.0-38.el7

libvirt-daemon-lxc

5.7.0-38.el7

libvirt-daemon-qemu

5.7.0-38.el7

libvirt-devel

5.7.0-38.el7

libvirt-docs

5.7.0-38.el7

libvirt-libs

5.7.0-38.el7

libvirt-lock-sanlock

5.7.0-38.el7

libvirt-login-shell

5.7.0-38.el7

libvirt-nss

5.7.0-38.el7

python2-libvirt

5.7.0-38.el7

Oracle Linux x86_64

libvirt

5.7.0-38.el7

libvirt-admin

5.7.0-38.el7

libvirt-bash-completion

5.7.0-38.el7

libvirt-client

5.7.0-38.el7

libvirt-daemon

5.7.0-38.el7

libvirt-daemon-config-network

5.7.0-38.el7

libvirt-daemon-config-nwfilter

5.7.0-38.el7

libvirt-daemon-driver-interface

5.7.0-38.el7

libvirt-daemon-driver-lxc

5.7.0-38.el7

libvirt-daemon-driver-network

5.7.0-38.el7

libvirt-daemon-driver-nodedev

5.7.0-38.el7

libvirt-daemon-driver-nwfilter

5.7.0-38.el7

libvirt-daemon-driver-qemu

5.7.0-38.el7

libvirt-daemon-driver-secret

5.7.0-38.el7

libvirt-daemon-driver-storage

5.7.0-38.el7

libvirt-daemon-driver-storage-core

5.7.0-38.el7

libvirt-daemon-driver-storage-disk

5.7.0-38.el7

libvirt-daemon-driver-storage-gluster

5.7.0-38.el7

libvirt-daemon-driver-storage-iscsi

5.7.0-38.el7

libvirt-daemon-driver-storage-logical

5.7.0-38.el7

libvirt-daemon-driver-storage-mpath

5.7.0-38.el7

libvirt-daemon-driver-storage-rbd

5.7.0-38.el7

libvirt-daemon-driver-storage-scsi

5.7.0-38.el7

libvirt-daemon-kvm

5.7.0-38.el7

libvirt-daemon-lxc

5.7.0-38.el7

libvirt-daemon-qemu

5.7.0-38.el7

libvirt-devel

5.7.0-38.el7

libvirt-docs

5.7.0-38.el7

libvirt-libs

5.7.0-38.el7

libvirt-lock-sanlock

5.7.0-38.el7

libvirt-login-shell

5.7.0-38.el7

libvirt-nss

5.7.0-38.el7

python2-libvirt

5.7.0-38.el7

Связанные CVE

CVE-2021-3631

Ссылки на источники

Связанные уязвимости

CVE-2021-3631

CVSS3: 6.3

ubuntu

больше 3 лет назад

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.