CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
89.5%
CentOS Errata and Security Advisory CESA-2017:0564
The libguestfs packages contain a library, which is used for accessing and modifying virtual machine (VM) disk images.
Security Fix(es):
Note: The libguestfs packages in this advisory were rebuilt with a fixed version of OCaml to address this issue.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-cr-announce/2017-March/030092.html
Affected packages:
libguestfs
libguestfs-devel
libguestfs-java
libguestfs-java-devel
libguestfs-javadoc
libguestfs-tools
libguestfs-tools-c
ocaml-libguestfs
ocaml-libguestfs-devel
perl-Sys-Guestfs
python-libguestfs
ruby-libguestfs
Upstream details at:
https://access.redhat.com/errata/RHSA-2017:0564
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 6 | x86_64 | libguestfs | < 1.20.11-20.el6 | libguestfs-1.20.11-20.el6.x86_64.rpm |
CentOS | 6 | x86_64 | libguestfs-devel | < 1.20.11-20.el6 | libguestfs-devel-1.20.11-20.el6.x86_64.rpm |
CentOS | 6 | x86_64 | libguestfs-java | < 1.20.11-20.el6 | libguestfs-java-1.20.11-20.el6.x86_64.rpm |
CentOS | 6 | x86_64 | libguestfs-java-devel | < 1.20.11-20.el6 | libguestfs-java-devel-1.20.11-20.el6.x86_64.rpm |
CentOS | 6 | x86_64 | libguestfs-javadoc | < 1.20.11-20.el6 | libguestfs-javadoc-1.20.11-20.el6.x86_64.rpm |
CentOS | 6 | x86_64 | libguestfs-tools | < 1.20.11-20.el6 | libguestfs-tools-1.20.11-20.el6.x86_64.rpm |
CentOS | 6 | x86_64 | libguestfs-tools-c | < 1.20.11-20.el6 | libguestfs-tools-c-1.20.11-20.el6.x86_64.rpm |
CentOS | 6 | x86_64 | ocaml-libguestfs | < 1.20.11-20.el6 | ocaml-libguestfs-1.20.11-20.el6.x86_64.rpm |
CentOS | 6 | x86_64 | ocaml-libguestfs-devel | < 1.20.11-20.el6 | ocaml-libguestfs-devel-1.20.11-20.el6.x86_64.rpm |
CentOS | 6 | x86_64 | perl-sys-guestfs | < 1.20.11-20.el6 | perl-Sys-Guestfs-1.20.11-20.el6.x86_64.rpm |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
89.5%