Описание
Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.
Security Fix(es):
-
QEMU: net: e1000e: use-after-free while sending packets (CVE-2020-15859)
-
QEMU: slirp: invalid pointer initialization may lead to information disclosure (bootp) (CVE-2021-3592)
-
QEMU: slirp: invalid pointer initialization may lead to information disclosure (udp6) (CVE-2021-3593)
-
QEMU: slirp: invalid pointer initialization may lead to information disclosure (udp) (CVE-2021-3594)
-
QEMU: slirp: invalid pointer initialization may lead to information disclosure (tftp) (CVE-2021-3595)
-
libvirt: Insecure sVirt label generation (CVE-2021-3631)
-
libvirt: Improper locking on ACL failure in virStoragePoolLookupByTargetPath API (CVE-2021-3667)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section.
Затронутые продукты
Rocky Linux 8
Ссылки на источники
Исправления
- Red Hat - 1855250
- Red Hat - 1859168
- Red Hat - 1929357
- Red Hat - 1932823
- Red Hat - 1933640
- Red Hat - 1934509
- Red Hat - 1939418
- Red Hat - 1942805
- Red Hat - 1961562
- Red Hat - 1967329
- Red Hat - 1967496
- Red Hat - 1967716
- Red Hat - 1967914
- Red Hat - 1969848
- Red Hat - 1970484
- Red Hat - 1970487
- Red Hat - 1970489
- Red Hat - 1970491
- Red Hat - 1977726
- Red Hat - 1982134
