RHEL 8 : Red Hat Virtualization security, update [ovirt-4.5.0] (Important) (RHSA-2022:4896)

high Nessus Plugin ID 161818

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4896 advisory.

The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.

Security Fix(es):

* kernel: use-after-free in RDMA listen() (CVE-2021-4028)

* kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)

* kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636)

* openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778)

* zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032)

* gzip: arbitrary-file-write vulnerability (CVE-2022-1271)

* rsyslog: Heap-based overflow in TCP syslog server (CVE-2022-24903)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fixes:

* elfutils package has been update within RHV-H Channel to match the same version released in RHEL (BZ#2038081)

* Rebase package(s) to version 1.2.24 For highlights, important fixes, or notable enhancements: see bugs in Depend On. (BZ#2057338)

* Rebase package(s) to version: 4.5.0

Highlights, important fixes, or notable enhancements: (BZ#2057342)

* Rebase package(s) to version anaconda-33.16.6.6-1.el8 For highlights and important bug fixes: include UI change for blocking installation if root password is not set. (BZ#1899821)

* Red hat Virtualization Host has been rebased on Red Hat Enterprise Linux 8.6 (BZ#1997074)

* Previously, concurrent executions of LV refresh (lvchange) failed. This hindered simultaneous starts of virtual machines that have thin-provisioned disks based on the same disk on a block storage domain.
In this release, concurrent execution of LV refresh has been fixed in LVM2. (BZ#2020497)

* Red Hat Virtualization Host has been rebased on latest Ceph 4.3 (BZ#2090138)

* In previous releases systemtap package could have been installed on top of RHV-H from RHV-H channel.
With 4.4 SP1 systemtap package installation is not supported anymore (BZ#2052963)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected redhat-virtualization-host-image-update package.

See Also

http://www.nessus.org/u?db4053c2

https://access.redhat.com/security/updates/classification/#important

https://access.redhat.com/errata/RHSA-2022:4896

https://bugzilla.redhat.com/show_bug.cgi?id=1899821

https://bugzilla.redhat.com/show_bug.cgi?id=1997074

https://bugzilla.redhat.com/show_bug.cgi?id=2020497

https://bugzilla.redhat.com/show_bug.cgi?id=2027201

https://bugzilla.redhat.com/show_bug.cgi?id=2029923

https://bugzilla.redhat.com/show_bug.cgi?id=2038081

https://bugzilla.redhat.com/show_bug.cgi?id=2052963

https://bugzilla.redhat.com/show_bug.cgi?id=2056334

https://bugzilla.redhat.com/show_bug.cgi?id=2056745

https://bugzilla.redhat.com/show_bug.cgi?id=2056830

https://bugzilla.redhat.com/show_bug.cgi?id=2057338

https://bugzilla.redhat.com/show_bug.cgi?id=2057342

https://bugzilla.redhat.com/show_bug.cgi?id=2062202

https://bugzilla.redhat.com/show_bug.cgi?id=2067945

https://bugzilla.redhat.com/show_bug.cgi?id=2073310

https://bugzilla.redhat.com/show_bug.cgi?id=2081353

https://bugzilla.redhat.com/show_bug.cgi?id=2086834

https://bugzilla.redhat.com/show_bug.cgi?id=2090138

Plugin Details

Severity: High

ID: 161818

File Name: redhat-RHSA-2022-4896.nasl

Version: 1.12

Type: local

Agent: unix

Published: 6/3/2022

Updated: 11/7/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

Vendor

Vendor Severity: Important

CVSS v2

Risk Factor: Medium

Base Score: 6.9

Temporal Score: 6

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2022-25636

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

CVSS Score Source: CVE-2022-1271

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update, cpe:/o:redhat:enterprise_linux:8, p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/3/2022

Vulnerability Publication Date: 1/18/2022

Exploitable With

Core Impact

Reference Information

CVE: CVE-2018-25032, CVE-2021-4028, CVE-2021-4083, CVE-2022-0778, CVE-2022-1271, CVE-2022-24903, CVE-2022-25636

CWE: 1173, 119, 362, 416, 787, 835

IAVA: 2024-A-0327

RHSA: 2022:4896