Описание
Security update for libguestfs
This update for libguestfs fixes the following issues:
- CVE-2022-2211: Fixed a buffer overflow in get_keys (bsc#1201064).
Список пакетов
Container suse/sles/15.5/libguestfs-tools:0.58.0
guestfs-data-1.44.2-150400.3.3.1
guestfs-winsupport-1.44.2-150400.3.3.1
SUSE Linux Enterprise Module for Development Tools 15 SP4
ocaml-libguestfs-devel-1.44.2-150400.3.3.1
SUSE Linux Enterprise Module for Server Applications 15 SP4
guestfs-data-1.44.2-150400.3.3.1
guestfs-tools-1.44.2-150400.3.3.1
guestfs-winsupport-1.44.2-150400.3.3.1
guestfsd-1.44.2-150400.3.3.1
libguestfs-devel-1.44.2-150400.3.3.1
libguestfs0-1.44.2-150400.3.3.1
perl-Sys-Guestfs-1.44.2-150400.3.3.1
python3-libguestfs-1.44.2-150400.3.3.1
openSUSE Leap 15.4
guestfs-data-1.44.2-150400.3.3.1
guestfs-tools-1.44.2-150400.3.3.1
guestfs-winsupport-1.44.2-150400.3.3.1
guestfsd-1.44.2-150400.3.3.1
libguestfs-devel-1.44.2-150400.3.3.1
libguestfs-test-1.44.2-150400.3.3.1
libguestfs0-1.44.2-150400.3.3.1
lua-libguestfs-1.44.2-150400.3.3.1
ocaml-libguestfs-1.44.2-150400.3.3.1
ocaml-libguestfs-devel-1.44.2-150400.3.3.1
perl-Sys-Guestfs-1.44.2-150400.3.3.1
python3-libguestfs-1.44.2-150400.3.3.1
rubygem-libguestfs-1.44.2-150400.3.3.1
Ссылки
- Link for SUSE-SU-2022:2581-1
- E-Mail link for SUSE-SU-2022:2581-1
- SUSE Security Ratings
- SUSE Bug 1201064
- SUSE CVE CVE-2022-2211 page
Описание
A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor.
Затронутые продукты
Container suse/sles/15.5/libguestfs-tools:0.58.0:guestfs-data-1.44.2-150400.3.3.1
Container suse/sles/15.5/libguestfs-tools:0.58.0:guestfs-winsupport-1.44.2-150400.3.3.1
SUSE Linux Enterprise Module for Development Tools 15 SP4:ocaml-libguestfs-devel-1.44.2-150400.3.3.1
SUSE Linux Enterprise Module for Server Applications 15 SP4:guestfs-data-1.44.2-150400.3.3.1
Ссылки
- CVE-2022-2211
- SUSE Bug 1201064