[ALSA-2020:4676] Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2020-11-03
Description:
Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. The following packages have been upgraded to a later upstream version: hivex (1.3.18), libguestfs (1.40.2), libguestfs-winsupport (8.2), libvirt (6.0.0), libvirt-dbus (1.3.0), libvirt-python (6.0.0), nbdkit (1.16.2), perl-Sys-Virt (6.0.0), qemu-kvm (4.2.0), seabios (1.13.0), SLOF (20191022). (BZ#1810193, BZ#1844296) Security Fix(es): * libvirt: leak of /dev/mapper/control into QEMU guests (CVE-2020-14339) * QEMU: Slirp: use-after-free during packet reassembly (CVE-2019-15890) * libvirt: Potential DoS by holding a monitor job while querying QEMU guest-agent (CVE-2019-20485) * QEMU: slirp: use-after-free in ip_reass() function in ip_input.c (CVE-2020-1983) * libvirt: Potential denial of service via active pool without target path (CVE-2020-10703) * libvirt: leak of sensitive cookie information via dumpxml (CVE-2020-14301) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages:
  • libguestfs-winsupport-8.2-1.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • libiscsi-1.18.0-8.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • libiscsi-devel-1.18.0-8.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • libiscsi-utils-1.18.0-8.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • libnbd-1.2.2-1.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • libnbd-devel-1.2.2-1.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • libvirt-dbus-1.3.0-2.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • nbdfuse-1.2.2-1.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • nbdkit-1.16.2-4.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • nbdkit-bash-completion-1.16.2-4.module_el8.4.0+2523+3300d70f.noarch.rpm
  • nbdkit-basic-filters-1.16.2-4.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • nbdkit-basic-plugins-1.16.2-4.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • nbdkit-curl-plugin-1.16.2-4.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • nbdkit-devel-1.16.2-4.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • nbdkit-example-plugins-1.16.2-4.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • nbdkit-gzip-plugin-1.16.2-4.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • nbdkit-linuxdisk-plugin-1.16.2-4.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • nbdkit-python-plugin-1.16.2-4.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • nbdkit-server-1.16.2-4.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • nbdkit-ssh-plugin-1.16.2-4.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • nbdkit-vddk-plugin-1.16.2-4.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • nbdkit-xz-filter-1.16.2-4.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • netcf-0.2.8-12.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • netcf-devel-0.2.8-12.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • netcf-libs-0.2.8-12.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • perl-Sys-Virt-6.0.0-1.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • python3-libnbd-1.2.2-1.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • python3-libvirt-6.0.0-1.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • seabios-1.13.0-2.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • seabios-bin-1.13.0-2.module_el8.4.0+2523+3300d70f.noarch.rpm
  • seavgabios-bin-1.13.0-2.module_el8.4.0+2523+3300d70f.noarch.rpm
  • sgabios-0.20170427git-3.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • sgabios-bin-0.20170427git-3.module_el8.4.0+2523+3300d70f.noarch.rpm
  • supermin-5.1.19-10.module_el8.4.0+2523+3300d70f.x86_64.rpm
  • supermin-devel-5.1.19-10.module_el8.4.0+2523+3300d70f.x86_64.rpm
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.