RLSA-2022:7968

Опубликовано: 15 нояб. 2022

Источник: rocky

Оценка: Low

Описание

Low: virt-v2v security, bug fix, and enhancement update

The virt-v2v package provides a tool for converting virtual machines to use the KVM (Kernel-based Virtual Machine) hypervisor or Rocky Enterprise Software Foundation Enterprise Virtualization. The tool modifies both the virtual machine image and its associated libvirt metadata. Also, virt-v2v can configure a guest to use VirtIO drivers if possible.

Security Fix(es):

libguestfs: Buffer overflow in get_keys leads to DoS (CVE-2022-2211)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section.

Затронутые продукты

Rocky Linux 9

Наименование	Архитектура	Релиз	RPM
virt-v2v	x86_64	6.el9	virt-v2v-2.0.7-6.el9.x86_64.rpm
virt-v2v-bash-completion	noarch	6.el9	virt-v2v-bash-completion-2.0.7-6.el9.noarch.rpm

Показывать по

Связанные CVE

CVE-2022-2211

Ссылки на источники

Исправления

https://bugzilla.redhat.com/show_bug.cgi?id=1684075
Red Hat - 1684075
https://bugzilla.redhat.com/show_bug.cgi?id=1774386
Red Hat - 1774386
https://bugzilla.redhat.com/show_bug.cgi?id=1788823
Red Hat - 1788823
https://bugzilla.redhat.com/show_bug.cgi?id=1817050
Red Hat - 1817050
https://bugzilla.redhat.com/show_bug.cgi?id=1848862
Red Hat - 1848862
https://bugzilla.redhat.com/show_bug.cgi?id=1854275
Red Hat - 1854275
https://bugzilla.redhat.com/show_bug.cgi?id=1868048
Red Hat - 1868048
https://bugzilla.redhat.com/show_bug.cgi?id=1883802
Red Hat - 1883802
https://bugzilla.redhat.com/show_bug.cgi?id=1985830
Red Hat - 1985830
https://bugzilla.redhat.com/show_bug.cgi?id=2003503
Red Hat - 2003503
https://bugzilla.redhat.com/show_bug.cgi?id=2028764
Red Hat - 2028764
https://bugzilla.redhat.com/show_bug.cgi?id=2039597
Red Hat - 2039597
https://bugzilla.redhat.com/show_bug.cgi?id=2047660
Red Hat - 2047660
https://bugzilla.redhat.com/show_bug.cgi?id=2051564
Red Hat - 2051564
https://bugzilla.redhat.com/show_bug.cgi?id=2059287
Red Hat - 2059287
https://bugzilla.redhat.com/show_bug.cgi?id=2062360
Red Hat - 2062360
https://bugzilla.redhat.com/show_bug.cgi?id=2064178
Red Hat - 2064178
https://bugzilla.redhat.com/show_bug.cgi?id=2066773
Red Hat - 2066773
https://bugzilla.redhat.com/show_bug.cgi?id=2069768
Red Hat - 2069768
https://bugzilla.redhat.com/show_bug.cgi?id=2070186
Red Hat - 2070186

Связанные уязвимости

CVE-2022-2211

CVSS3: 6.5

ubuntu

почти 3 года назад

A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor.

CVE-2022-2211

CVSS3: 5.5

redhat

почти 3 года назад

CVE-2022-2211

CVSS3: 6.5

nvd

почти 3 года назад

CVE-2022-2211

CVSS3: 6.5

debian

почти 3 года назад

A vulnerability was found in libguestfs. This issue occurs while calcu ...

SUSE-SU-2022:4308-1

suse-cvrf

больше 2 лет назад

Security update for virt-v2v

exploitDog

RLSA-2022:7968

Описание

Затронутые продукты

Rocky Linux 9: обновленные пакеты

Связанные CVE

Ссылки на источники

Исправления

Связанные уязвимости