ALSA-2022:0886

Source
https://errata.almalinux.org/8/ALSA-2022-0886.html
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2022:0886.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2022:0886
Related
Published
2022-03-15T09:10:17Z
Modified
2022-03-17T20:46:19Z
Summary
Moderate: virt:rhel and virt-devel:rhel security update
Details

Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.

Security Fix(es):

  • QEMU: virtiofsd: potential privilege escalation via CVE-2018-13405 (CVE-2022-0358)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:8 / libiscsi

Package

Name
libiscsi

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.18.0-8.module_el8.6.0+2880+7d9e3703

AlmaLinux:8 / libiscsi-devel

Package

Name
libiscsi-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.18.0-8.module_el8.6.0+2880+7d9e3703

AlmaLinux:8 / libiscsi-utils

Package

Name
libiscsi-utils

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.18.0-8.module_el8.6.0+2880+7d9e3703

AlmaLinux:8 / libvirt-dbus

Package

Name
libvirt-dbus

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.0-2.module_el8.6.0+2880+7d9e3703

AlmaLinux:8 / netcf

Package

Name
netcf

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.2.8-12.module_el8.6.0+2880+7d9e3703

AlmaLinux:8 / netcf-devel

Package

Name
netcf-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.2.8-12.module_el8.6.0+2880+7d9e3703

AlmaLinux:8 / netcf-libs

Package

Name
netcf-libs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.2.8-12.module_el8.6.0+2880+7d9e3703

AlmaLinux:8 / qemu-guest-agent

Package

Name
qemu-guest-agent

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15:4.2.0-59.module_el8.5.0+2629+68d2f392.2

AlmaLinux:8 / qemu-img

Package

Name
qemu-img

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15:4.2.0-59.module_el8.5.0+2629+68d2f392.2

AlmaLinux:8 / qemu-kvm

Package

Name
qemu-kvm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15:4.2.0-59.module_el8.5.0+2629+68d2f392.2

AlmaLinux:8 / qemu-kvm-block-curl

Package

Name
qemu-kvm-block-curl

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15:4.2.0-59.module_el8.5.0+2629+68d2f392.2

AlmaLinux:8 / qemu-kvm-block-gluster

Package

Name
qemu-kvm-block-gluster

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15:4.2.0-59.module_el8.5.0+2629+68d2f392.2

AlmaLinux:8 / qemu-kvm-block-iscsi

Package

Name
qemu-kvm-block-iscsi

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15:4.2.0-59.module_el8.5.0+2629+68d2f392.2

AlmaLinux:8 / qemu-kvm-block-rbd

Package

Name
qemu-kvm-block-rbd

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15:4.2.0-59.module_el8.5.0+2629+68d2f392.2

AlmaLinux:8 / qemu-kvm-block-ssh

Package

Name
qemu-kvm-block-ssh

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15:4.2.0-59.module_el8.5.0+2629+68d2f392.2

AlmaLinux:8 / qemu-kvm-common

Package

Name
qemu-kvm-common

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15:4.2.0-59.module_el8.5.0+2629+68d2f392.2

AlmaLinux:8 / qemu-kvm-core

Package

Name
qemu-kvm-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15:4.2.0-59.module_el8.5.0+2629+68d2f392.2

AlmaLinux:8 / sgabios

Package

Name
sgabios

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:0.20170427git-3.module_el8.6.0+2880+7d9e3703

AlmaLinux:8 / sgabios-bin

Package

Name
sgabios-bin

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:0.20170427git-3.module_el8.6.0+2880+7d9e3703