RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2022:1759)

high Nessus Plugin ID 161052

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1759 advisory.

Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.

The following packages have been upgraded to a later upstream version: qemu-kvm (6.2.0), libvirt (8.0.0), libvirt-python (8.0.0), perl-Sys-Virt (8.0.0), seabios (1.15.0), libtpms (0.9.1). (BZ#1997410, BZ#2012802, BZ#2012806, BZ#2012813, BZ#2018392, BZ#2027716, BZ#2029355)

Security Fix(es):

* QEMU: virtio-net: heap use-after-free in virtio_net_receive_rcu (CVE-2021-3748)

* ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_value() due to incorrect check of bytes_in_use value in MFT records (CVE-2021-33285)

* ntfs-3g: Heap buffer overflow triggered by a specially crafted Unicode string (CVE-2021-33286)

* ntfs-3g: Heap buffer overflow in ntfs_attr_pread_i() triggered by specially crafted NTFS attributes (CVE-2021-33287)

* ntfs-3g: Heap buffer overflow triggered by a specially crafted MFT section (CVE-2021-33289)

* ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname (CVE-2021-35266)

* ntfs-3g: Stack buffer overflow triggered when correcting differences between MFT and MFTMirror sections (CVE-2021-35267)

* ntfs-3g: Heap buffer overflow in ntfs_inode_real_open() triggered by a specially crafted NTFS inode (CVE-2021-35268)

* ntfs-3g: Heap buffer overflow in ntfs_attr_setup_flag() triggered by a specially crafted NTFS attribute from MFT (CVE-2021-35269)

* ntfs-3g: NULL pointer dereference in ntfs_extent_inode_open() (CVE-2021-39251)

* ntfs-3g: Out-of-bounds read in ntfs_ie_lookup() (CVE-2021-39252)

* ntfs-3g: Out-of-bounds read in ntfs_runlists_merge_i() (CVE-2021-39253)

* ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize() (CVE-2021-39254)

* ntfs-3g: Out-of-bounds read ntfs_attr_find_in_attrdef() triggered by an invalid attribute (CVE-2021-39255)

* ntfs-3g: Heap buffer overflow in ntfs_inode_lookup_by_name() (CVE-2021-39256)

* ntfs-3g: Endless recursion from ntfs_attr_pwrite() triggered by an unallocated bitmap (CVE-2021-39257)

* ntfs-3g: Out-of-bounds reads in ntfs_attr_find() and ntfs_external_attr_find() (CVE-2021-39258)

* ntfs-3g: Out-of-bounds access in ntfs_inode_lookup_by_name() caused by an unsanitized attribute length (CVE-2021-39259)

* ntfs-3g: Out-of-bounds access in ntfs_inode_sync_standard_information() (CVE-2021-39260)

* ntfs-3g: Heap buffer overflow in ntfs_compressed_pwrite() (CVE-2021-39261)

* ntfs-3g: Out-of-bounds access in ntfs_decompress() (CVE-2021-39262)

* ntfs-3g: Heap buffer overflow in ntfs_get_attribute_value() caused by an unsanitized attribute (CVE-2021-39263)

* libnbd: nbdcopy: missing error handling may create corrupted destination image (CVE-2022-0485)

* hivex: stack overflow due to recursive call of _get_children() (CVE-2021-3622)

* nbdkit: NBD_OPT_STRUCTURED_REPLY injection on STARTTLS (CVE-2021-3716)

* libvirt: segmentation fault during VM shutdown can lead to vdsm hang (CVE-2021-3975)

* QEMU: NULL pointer dereference in mirror_wait_on_conflicts() in block/mirror.c (CVE-2021-4145)

* QEMU: NULL pointer dereference in pci_write() in hw/acpi/pcihp.c (CVE-2021-4158)

* QEMU: block: fdc: null pointer dereference may lead to guest crash (CVE-2021-20196)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?49fa327f

http://www.nessus.org/u?9341665d

https://access.redhat.com/security/updates/classification/#moderate

https://access.redhat.com/errata/RHSA-2022:1759

https://bugzilla.redhat.com/show_bug.cgi?id=1510237

https://bugzilla.redhat.com/show_bug.cgi?id=1677608

https://bugzilla.redhat.com/show_bug.cgi?id=1689202

https://bugzilla.redhat.com/show_bug.cgi?id=1738392

https://bugzilla.redhat.com/show_bug.cgi?id=1743098

https://bugzilla.redhat.com/show_bug.cgi?id=1806857

https://bugzilla.redhat.com/show_bug.cgi?id=1810863

https://bugzilla.redhat.com/show_bug.cgi?id=1836094

https://bugzilla.redhat.com/show_bug.cgi?id=1845468

https://bugzilla.redhat.com/show_bug.cgi?id=1852762

https://bugzilla.redhat.com/show_bug.cgi?id=1867087

https://bugzilla.redhat.com/show_bug.cgi?id=1919210

https://bugzilla.redhat.com/show_bug.cgi?id=1924972

https://bugzilla.redhat.com/show_bug.cgi?id=1926508

https://bugzilla.redhat.com/show_bug.cgi?id=1942275

https://bugzilla.redhat.com/show_bug.cgi?id=1943203

https://bugzilla.redhat.com/show_bug.cgi?id=1953389

https://bugzilla.redhat.com/show_bug.cgi?id=1965140

https://bugzilla.redhat.com/show_bug.cgi?id=1965589

https://bugzilla.redhat.com/show_bug.cgi?id=1965638

https://bugzilla.redhat.com/show_bug.cgi?id=1972515

https://bugzilla.redhat.com/show_bug.cgi?id=1975489

https://bugzilla.redhat.com/show_bug.cgi?id=1975840

https://bugzilla.redhat.com/show_bug.cgi?id=1978574

https://bugzilla.redhat.com/show_bug.cgi?id=1981782

https://bugzilla.redhat.com/show_bug.cgi?id=1982993

https://bugzilla.redhat.com/show_bug.cgi?id=1983684

https://bugzilla.redhat.com/show_bug.cgi?id=1984721

https://bugzilla.redhat.com/show_bug.cgi?id=1985451

https://bugzilla.redhat.com/show_bug.cgi?id=1988104

https://bugzilla.redhat.com/show_bug.cgi?id=1988986

https://bugzilla.redhat.com/show_bug.cgi?id=1989338

https://bugzilla.redhat.com/show_bug.cgi?id=1989520

https://bugzilla.redhat.com/show_bug.cgi?id=1990135

https://bugzilla.redhat.com/show_bug.cgi?id=1994695

https://bugzilla.redhat.com/show_bug.cgi?id=1995865

https://bugzilla.redhat.com/show_bug.cgi?id=1996530

https://bugzilla.redhat.com/show_bug.cgi?id=1997410

https://bugzilla.redhat.com/show_bug.cgi?id=1998514

https://bugzilla.redhat.com/show_bug.cgi?id=1998947

https://bugzilla.redhat.com/show_bug.cgi?id=1998949

https://bugzilla.redhat.com/show_bug.cgi?id=1998950

https://bugzilla.redhat.com/show_bug.cgi?id=2000225

https://bugzilla.redhat.com/show_bug.cgi?id=2001525

https://bugzilla.redhat.com/show_bug.cgi?id=2001608

https://bugzilla.redhat.com/show_bug.cgi?id=2001609

https://bugzilla.redhat.com/show_bug.cgi?id=2001613

https://bugzilla.redhat.com/show_bug.cgi?id=2001616

https://bugzilla.redhat.com/show_bug.cgi?id=2001619

https://bugzilla.redhat.com/show_bug.cgi?id=2001621

https://bugzilla.redhat.com/show_bug.cgi?id=2001623

https://bugzilla.redhat.com/show_bug.cgi?id=2001645

https://bugzilla.redhat.com/show_bug.cgi?id=2001649

https://bugzilla.redhat.com/show_bug.cgi?id=2001650

https://bugzilla.redhat.com/show_bug.cgi?id=2001651

https://bugzilla.redhat.com/show_bug.cgi?id=2001652

https://bugzilla.redhat.com/show_bug.cgi?id=2001653

https://bugzilla.redhat.com/show_bug.cgi?id=2001654

https://bugzilla.redhat.com/show_bug.cgi?id=2001656

https://bugzilla.redhat.com/show_bug.cgi?id=2001658

https://bugzilla.redhat.com/show_bug.cgi?id=2001659

https://bugzilla.redhat.com/show_bug.cgi?id=2001661

https://bugzilla.redhat.com/show_bug.cgi?id=2001662

https://bugzilla.redhat.com/show_bug.cgi?id=2001665

https://bugzilla.redhat.com/show_bug.cgi?id=2001667

https://bugzilla.redhat.com/show_bug.cgi?id=2002607

https://bugzilla.redhat.com/show_bug.cgi?id=2002694

https://bugzilla.redhat.com/show_bug.cgi?id=2002907

https://bugzilla.redhat.com/show_bug.cgi?id=2003071

https://bugzilla.redhat.com/show_bug.cgi?id=2003679

https://bugzilla.redhat.com/show_bug.cgi?id=2004416

https://bugzilla.redhat.com/show_bug.cgi?id=2004812

https://bugzilla.redhat.com/show_bug.cgi?id=2007129

https://bugzilla.redhat.com/show_bug.cgi?id=2009236

https://bugzilla.redhat.com/show_bug.cgi?id=2012385

https://bugzilla.redhat.com/show_bug.cgi?id=2012802

https://bugzilla.redhat.com/show_bug.cgi?id=2012806

https://bugzilla.redhat.com/show_bug.cgi?id=2012813

https://bugzilla.redhat.com/show_bug.cgi?id=2013916

https://bugzilla.redhat.com/show_bug.cgi?id=2017928

https://bugzilla.redhat.com/show_bug.cgi?id=2018173

https://bugzilla.redhat.com/show_bug.cgi?id=2018392

https://bugzilla.redhat.com/show_bug.cgi?id=2020630

https://bugzilla.redhat.com/show_bug.cgi?id=2021778

https://bugzilla.redhat.com/show_bug.cgi?id=2022604

https://bugzilla.redhat.com/show_bug.cgi?id=2022606

https://bugzilla.redhat.com/show_bug.cgi?id=2022607

https://bugzilla.redhat.com/show_bug.cgi?id=2022608

https://bugzilla.redhat.com/show_bug.cgi?id=2023279

https://bugzilla.redhat.com/show_bug.cgi?id=2024326

https://bugzilla.redhat.com/show_bug.cgi?id=2024419

https://bugzilla.redhat.com/show_bug.cgi?id=2025769

https://bugzilla.redhat.com/show_bug.cgi?id=2026834

https://bugzilla.redhat.com/show_bug.cgi?id=2027208

https://bugzilla.redhat.com/show_bug.cgi?id=2027716

https://bugzilla.redhat.com/show_bug.cgi?id=2029355

https://bugzilla.redhat.com/show_bug.cgi?id=2029380

https://bugzilla.redhat.com/show_bug.cgi?id=2029582

https://bugzilla.redhat.com/show_bug.cgi?id=2029612

https://bugzilla.redhat.com/show_bug.cgi?id=2029647

https://bugzilla.redhat.com/show_bug.cgi?id=2030119

https://bugzilla.redhat.com/show_bug.cgi?id=2030435

https://bugzilla.redhat.com/show_bug.cgi?id=2030437

https://bugzilla.redhat.com/show_bug.cgi?id=2030438

https://bugzilla.redhat.com/show_bug.cgi?id=2031035

https://bugzilla.redhat.com/show_bug.cgi?id=2031039

https://bugzilla.redhat.com/show_bug.cgi?id=2031041

https://bugzilla.redhat.com/show_bug.cgi?id=2033279

https://bugzilla.redhat.com/show_bug.cgi?id=2034602

https://bugzilla.redhat.com/show_bug.cgi?id=2035002

https://bugzilla.redhat.com/show_bug.cgi?id=2035177

https://bugzilla.redhat.com/show_bug.cgi?id=2035185

https://bugzilla.redhat.com/show_bug.cgi?id=2035237

https://bugzilla.redhat.com/show_bug.cgi?id=2035714

https://bugzilla.redhat.com/show_bug.cgi?id=2036178

https://bugzilla.redhat.com/show_bug.cgi?id=2037135

https://bugzilla.redhat.com/show_bug.cgi?id=2041480

https://bugzilla.redhat.com/show_bug.cgi?id=2041610

https://bugzilla.redhat.com/show_bug.cgi?id=2043584

https://bugzilla.redhat.com/show_bug.cgi?id=2045945

https://bugzilla.redhat.com/show_bug.cgi?id=2046172

https://bugzilla.redhat.com/show_bug.cgi?id=2050324

https://bugzilla.redhat.com/show_bug.cgi?id=2050697

https://bugzilla.redhat.com/show_bug.cgi?id=2050702

https://bugzilla.redhat.com/show_bug.cgi?id=2054597

https://bugzilla.redhat.com/show_bug.cgi?id=2059311

https://bugzilla.redhat.com/show_bug.cgi?id=2065314

Plugin Details

Severity: High

ID: 161052

File Name: redhat-RHSA-2022-1759.nasl

Version: 1.14

Type: local

Agent: unix

Published: 5/11/2022

Updated: 11/7/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

Vendor

Vendor Severity: Moderate

CVSS v2

Risk Factor: Medium

Base Score: 6.9

Temporal Score: 6

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2021-39263

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage, p-cpe:/a:redhat:enterprise_linux:sgabios-bin, p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-plugin, p-cpe:/a:redhat:enterprise_linux:ocaml-hivex, p-cpe:/a:redhat:enterprise_linux:swtpm-libs, p-cpe:/a:redhat:enterprise_linux:qemu-img, p-cpe:/a:redhat:enterprise_linux:libguestfs-tools, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon, p-cpe:/a:redhat:enterprise_linux:nbdkit-ssh-plugin, p-cpe:/a:redhat:enterprise_linux:libguestfs-devel, p-cpe:/a:redhat:enterprise_linux:netcf, p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport, p-cpe:/a:redhat:enterprise_linux:swtpm-tools, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ui-opengl, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-core, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-scsi, p-cpe:/a:redhat:enterprise_linux:supermin-devel, p-cpe:/a:redhat:enterprise_linux:nbdfuse, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi-direct, p-cpe:/a:redhat:enterprise_linux:libvirt-nss, p-cpe:/a:redhat:enterprise_linux:nbdkit-linuxdisk-plugin, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-network, p-cpe:/a:redhat:enterprise_linux:seavgabios-bin, p-cpe:/a:redhat:enterprise_linux:nbdkit-nbd-plugin, p-cpe:/a:redhat:enterprise_linux:libguestfs-rescue, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tests, p-cpe:/a:redhat:enterprise_linux:nbdkit, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-secret, p-cpe:/a:redhat:enterprise_linux:libguestfs-java-devel, p-cpe:/a:redhat:enterprise_linux:hivex, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-disk, p-cpe:/a:redhat:enterprise_linux:libvirt-devel, p-cpe:/a:redhat:enterprise_linux:ocaml-hivex-devel, p-cpe:/a:redhat:enterprise_linux:nbdkit-bash-completion, p-cpe:/a:redhat:enterprise_linux:perl-hivex, p-cpe:/a:redhat:enterprise_linux:libvirt-python, p-cpe:/a:redhat:enterprise_linux:virt-v2v-man-pages-uk, p-cpe:/a:redhat:enterprise_linux:libguestfs-java, p-cpe:/a:redhat:enterprise_linux:nbdkit-tar-plugin, p-cpe:/a:redhat:enterprise_linux:libguestfs-gfs2, p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs-devel, p-cpe:/a:redhat:enterprise_linux:libvirt-client, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-curl, p-cpe:/a:redhat:enterprise_linux:netcf-libs, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-docs, p-cpe:/a:redhat:enterprise_linux:libguestfs-xfs, p-cpe:/a:redhat:enterprise_linux:libvirt-dbus, p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject, p-cpe:/a:redhat:enterprise_linux:nbdkit-server, p-cpe:/a:redhat:enterprise_linux:nbdkit-xz-filter, p-cpe:/a:redhat:enterprise_linux:python3-libguestfs, p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd-devel, p-cpe:/a:redhat:enterprise_linux:libvirt-libs, p-cpe:/a:redhat:enterprise_linux:seabios, p-cpe:/a:redhat:enterprise_linux:sgabios, p-cpe:/a:redhat:enterprise_linux:swtpm-devel, p-cpe:/a:redhat:enterprise_linux:libnbd-bash-completion, p-cpe:/a:redhat:enterprise_linux:slof, p-cpe:/a:redhat:enterprise_linux:nbdkit-tmpdisk-plugin, p-cpe:/a:redhat:enterprise_linux:libguestfs-appliance, p-cpe:/a:redhat:enterprise_linux:swtpm-tools-pkcs11, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-mpath, p-cpe:/a:redhat:enterprise_linux:nbdkit-vddk-plugin, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-ui-spice, p-cpe:/a:redhat:enterprise_linux:perl-sys-virt, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-rbd, p-cpe:/a:redhat:enterprise_linux:libguestfs-gobject-devel, p-cpe:/a:redhat:enterprise_linux:libnbd-devel, p-cpe:/a:redhat:enterprise_linux:libtpms, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-rbd, p-cpe:/a:redhat:enterprise_linux:libguestfs-inspect-icons, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-logical, p-cpe:/a:redhat:enterprise_linux:libguestfs, p-cpe:/a:redhat:enterprise_linux:netcf-devel, p-cpe:/a:redhat:enterprise_linux:perl-sys-guestfs, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-gluster, p-cpe:/a:redhat:enterprise_linux:virt-v2v, p-cpe:/a:redhat:enterprise_linux:libtpms-devel, cpe:/o:redhat:enterprise_linux:8, p-cpe:/a:redhat:enterprise_linux:libguestfs-bash-completion, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-core, p-cpe:/a:redhat:enterprise_linux:ruby-libguestfs, p-cpe:/a:redhat:enterprise_linux:nbdkit-tar-filter, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-iscsi, p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-plugins, p-cpe:/a:redhat:enterprise_linux:virt-dib, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nodedev, p-cpe:/a:redhat:enterprise_linux:ocaml-libguestfs, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-nwfilter, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-qemu, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-interface, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common, p-cpe:/a:redhat:enterprise_linux:nbdkit-gzip-filter, p-cpe:/a:redhat:enterprise_linux:nbdkit-example-plugins, p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-ja, p-cpe:/a:redhat:enterprise_linux:libvirt-docs, p-cpe:/a:redhat:enterprise_linux:libguestfs-rsync, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-kvm, p-cpe:/a:redhat:enterprise_linux:virt-v2v-man-pages-ja, p-cpe:/a:redhat:enterprise_linux:python3-hivex, p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent, p-cpe:/a:redhat:enterprise_linux:seabios-bin, p-cpe:/a:redhat:enterprise_linux:libiscsi-devel, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-storage-iscsi, p-cpe:/a:redhat:enterprise_linux:qemu-kvm, p-cpe:/a:redhat:enterprise_linux:swtpm, p-cpe:/a:redhat:enterprise_linux:python3-libnbd, p-cpe:/a:redhat:enterprise_linux:libguestfs-man-pages-uk, p-cpe:/a:redhat:enterprise_linux:ruby-hivex, p-cpe:/a:redhat:enterprise_linux:nbdkit-curl-plugin, p-cpe:/a:redhat:enterprise_linux:nbdkit-devel, p-cpe:/a:redhat:enterprise_linux:nbdkit-python-plugin, p-cpe:/a:redhat:enterprise_linux:libguestfs-tools-c, p-cpe:/a:redhat:enterprise_linux:python3-libvirt, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-config-nwfilter, p-cpe:/a:redhat:enterprise_linux:hivex-devel, p-cpe:/a:redhat:enterprise_linux:ocaml-libnbd, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-ssh, p-cpe:/a:redhat:enterprise_linux:libvirt-wireshark, p-cpe:/a:redhat:enterprise_linux:libvirt, p-cpe:/a:redhat:enterprise_linux:libvirt-daemon-driver-network, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-block-gluster, p-cpe:/a:redhat:enterprise_linux:libiscsi, p-cpe:/a:redhat:enterprise_linux:libiscsi-utils, p-cpe:/a:redhat:enterprise_linux:nbdkit-basic-filters, p-cpe:/a:redhat:enterprise_linux:qemu-kvm-hw-usbredir, p-cpe:/a:redhat:enterprise_linux:supermin, p-cpe:/a:redhat:enterprise_linux:libnbd, p-cpe:/a:redhat:enterprise_linux:lua-guestfs, p-cpe:/a:redhat:enterprise_linux:libguestfs-javadoc, p-cpe:/a:redhat:enterprise_linux:virt-v2v-bash-completion, p-cpe:/a:redhat:enterprise_linux:libvirt-lock-sanlock

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/10/2022

Vulnerability Publication Date: 5/26/2021

Reference Information

CVE: CVE-2021-20196, CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269, CVE-2021-3622, CVE-2021-3716, CVE-2021-3748, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263, CVE-2021-3975, CVE-2021-4145, CVE-2021-4158, CVE-2022-0485

CWE: 119, 252, 400, 416, 476, 924

IAVB: 2022-B-0051-S

RHSA: 2022:1759