ELSA-2022-9433

Опубликовано: 26 мая 2022

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2022-9433: libvirt libvirt-python security update (IMPORTANT)

libvirt [5.7.0-33.el7]

qemu: refresh vNUMA/SMT pinning. (Wim ten Have) [Orabug: 34083505]
qemu driver: Check exadataConfig and packCPUs whenever vNUMA/SMT applies (Wim ten Have) [Orabug: 34023508]
nwfilter: fix crash when counting number of network filters (Daniel P. Berrange) [Orabug: 33973639] {CVE-2022-0897}

libvirt-python [5.7.0-33.el7]

bump and rebuild

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

libvirt

5.7.0-33.el7

libvirt-admin

5.7.0-33.el7

libvirt-bash-completion

5.7.0-33.el7

libvirt-client

5.7.0-33.el7

libvirt-daemon

5.7.0-33.el7

libvirt-daemon-config-network

5.7.0-33.el7

libvirt-daemon-config-nwfilter

5.7.0-33.el7

libvirt-daemon-driver-interface

5.7.0-33.el7

libvirt-daemon-driver-lxc

5.7.0-33.el7

libvirt-daemon-driver-network

5.7.0-33.el7

libvirt-daemon-driver-nodedev

5.7.0-33.el7

libvirt-daemon-driver-nwfilter

5.7.0-33.el7

libvirt-daemon-driver-qemu

5.7.0-33.el7

libvirt-daemon-driver-secret

5.7.0-33.el7

libvirt-daemon-driver-storage

5.7.0-33.el7

libvirt-daemon-driver-storage-core

5.7.0-33.el7

libvirt-daemon-driver-storage-disk

5.7.0-33.el7

libvirt-daemon-driver-storage-gluster

5.7.0-33.el7

libvirt-daemon-driver-storage-iscsi

5.7.0-33.el7

libvirt-daemon-driver-storage-logical

5.7.0-33.el7

libvirt-daemon-driver-storage-mpath

5.7.0-33.el7

libvirt-daemon-driver-storage-rbd

5.7.0-33.el7

libvirt-daemon-driver-storage-scsi

5.7.0-33.el7

libvirt-daemon-kvm

5.7.0-33.el7

libvirt-daemon-lxc

5.7.0-33.el7

libvirt-daemon-qemu

5.7.0-33.el7

libvirt-devel

5.7.0-33.el7

libvirt-docs

5.7.0-33.el7

libvirt-libs

5.7.0-33.el7

libvirt-lock-sanlock

5.7.0-33.el7

libvirt-login-shell

5.7.0-33.el7

libvirt-nss

5.7.0-33.el7

python2-libvirt

5.7.0-33.el7

Oracle Linux x86_64

libvirt

5.7.0-33.el7

libvirt-admin

5.7.0-33.el7

libvirt-bash-completion

5.7.0-33.el7

libvirt-client

5.7.0-33.el7

libvirt-daemon

5.7.0-33.el7

libvirt-daemon-config-network

5.7.0-33.el7

libvirt-daemon-config-nwfilter

5.7.0-33.el7

libvirt-daemon-driver-interface

5.7.0-33.el7

libvirt-daemon-driver-lxc

5.7.0-33.el7

libvirt-daemon-driver-network

5.7.0-33.el7

libvirt-daemon-driver-nodedev

5.7.0-33.el7

libvirt-daemon-driver-nwfilter

5.7.0-33.el7

libvirt-daemon-driver-qemu

5.7.0-33.el7

libvirt-daemon-driver-secret

5.7.0-33.el7

libvirt-daemon-driver-storage

5.7.0-33.el7

libvirt-daemon-driver-storage-core

5.7.0-33.el7

libvirt-daemon-driver-storage-disk

5.7.0-33.el7

libvirt-daemon-driver-storage-gluster

5.7.0-33.el7

libvirt-daemon-driver-storage-iscsi

5.7.0-33.el7

libvirt-daemon-driver-storage-logical

5.7.0-33.el7

libvirt-daemon-driver-storage-mpath

5.7.0-33.el7

libvirt-daemon-driver-storage-rbd

5.7.0-33.el7

libvirt-daemon-driver-storage-scsi

5.7.0-33.el7

libvirt-daemon-kvm

5.7.0-33.el7

libvirt-daemon-lxc

5.7.0-33.el7

libvirt-daemon-qemu

5.7.0-33.el7

libvirt-devel

5.7.0-33.el7

libvirt-docs

5.7.0-33.el7

libvirt-libs

5.7.0-33.el7

libvirt-lock-sanlock

5.7.0-33.el7

libvirt-login-shell

5.7.0-33.el7

libvirt-nss

5.7.0-33.el7

python2-libvirt

5.7.0-33.el7

Связанные CVE

CVE-2022-0897

Ссылки на источники

Связанные уязвимости

CVE-2022-0897

CVSS3: 4.3

ubuntu

больше 3 лет назад

A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).