Lucene search
Basic search
Lucene search
Search by product
Subscribe
K
Start 30-day trial
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
SIGN IN
OracleLinux
ELSA-2022-9172
History
Feb 25, 2022 - 12:00 a.m.
Vulners
/
Oraclelinux
/
virt:kvm_utils security update
virt:kvm_utils security update
2022-02-25
00:00:00
linux.oracle.com
48
cve-2021-3504
rhbz#1950501
orabug: 29319324
distro_oracle_linux
rhbz#1933640
rhbz#1384241
rhbz#1828952
rhbz#1837765
bz#1844296
wim ten have
michal privoznik
karl heubaum
mark kanda
philippe mathieu-daude
prasad j pandit
alexander bulekov
jason wang
paolo bonzini
hannes reinecke
EPSS
0.004
Percentile
72.7%
JSON
hivex
[1.3.18-21]
Bounds check for block exceeding page length (CVE-2021-3504)
resolves: rhbz#1950501
libguestfs
[1.40.2-28.0.1]
Replace upstream references from description tag
Config supermin to use host yum.conf in ol8 [Orabug: 29319324]
Set DISTRO_ORACLE_LINUX correspeonding to ol
[1:1.40.2-28]
daemon: lvm: Use lvcreate --yes to avoid interactive prompts
resolves: rhbz#1933640
[1:1.40.2-27]
selinux-relabel does not work if SELINUXTYPE != targeted
tar-in command does not allow restoring file capabilities
resolves: rhbz#1384241 rhbz#1828952
[1:1.40.2-26]
insufficient default memsize to open anaconda default RHEL 8.2 luks device
resolves: rhbz#1837765
libnbd
[1.2.2]
Resolves: bz#1844296
(Upgrade components in virt:rhel module:stream for RHEL-8.3 release)
libvirt
[5.7.0-32.el8]
qemu: Validate config->exadata before reaping guests (Wim ten Have) [Orabug: 33763967]
qemu: Make vNUMA/SMT pCPU packing L3-cache aware on AMD/E4 (Wim ten Have) [Orabug: 33268059]
qemu: work exadataConfig flags directly from the QEMUdriver structure (Wim ten Have) [Orabug: 33268059]
qemu: Label restore path outside of secdriver transactions (Michal Privoznik) [Orabug: 33351242]
security: Introduce virSecurityManagerDomainSetPathLabelRO (Michal Privoznik) [Orabug: 33351242]
libvirt-python
[5.7.0-1.el8]
libvirt-python.spec: Add a .spec file for libvirt-python
qemu-kvm
[4.2.1.15.el8]
qemu-kvm.spec: Add support for reading vmdk, vhdx, vpc, https, and ssh disk image formats from qemu-kvm (Karl Heubaum) [Orabug: 33741340]
Document CVE-2021-4158 and CVE-2021-3947 as fixed (Mark Kanda) [Orabug: 33719302] [Orabug: 33754145] {CVE-2021-4158} {CVE-2021-3947}
hw/block/fdc: Kludge missing floppy drive to fix CVE-2021-20196 (Philippe Mathieu-Daude) [Orabug: 32439466] {CVE-2021-20196}
hw/block/fdc: Extract blk_create_empty_drive() (Philippe Mathieu-Daude) [Orabug: 32439466] {CVE-2021-20196}
net: vmxnet3: validate configuration values during activate (CVE-2021-20203) (Prasad J Pandit) [Orabug: 32559476] {CVE-2021-20203}
lan9118: switch to use qemu_receive_packet() for loopback (Alexander Bulekov) [Orabug: 32560540] {CVE-2021-3416}
pcnet: switch to use qemu_receive_packet() for loopback (Alexander Bulekov) [Orabug: 32560540] {CVE-2021-3416}
rtl8139: switch to use qemu_receive_packet() for loopback (Alexander Bulekov) [Orabug: 32560540] {CVE-2021-3416}
tx_pkt: switch to use qemu_receive_packet_iov() for loopback (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
sungem: switch to use qemu_receive_packet() for loopback (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
dp8393x: switch to use qemu_receive_packet() for loopback packet (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
e1000: switch to use qemu_receive_packet() for loopback (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
net: introduce qemu_receive_packet() (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
target/i386: Populate x86_ext_save_areas offsets using cpuid where possible (Paolo Bonzini)
target/i386: Observe XSAVE state area offsets (Paolo Bonzini)
target/i386: Make x86_ext_save_areas visible outside cpu.c (Paolo Bonzini)
target/i386: Pass buffer and length to XSAVE helper (Paolo Bonzini)
target/i386: Clarify the padding requirements of X86XSaveArea (Paolo Bonzini)
target/i386: Consolidate the X86XSaveArea offset checks (Paolo Bonzini)
target/i386: Declare constants for XSAVE offsets (Paolo Bonzini)
[4.2.1-14.el8]
scsi: fix sense code for EREMOTEIO (Paolo Bonzini) [Orabug: 33537443]
scsi: move host_status handling into SCSI drivers (Hannes Reinecke) [Orabug: 33537443]
scsi: inline sg_io_sense_from_errno() into the callers (Hannes Reinecke) [Orabug: 33537443]
scsi-generic: do not snoop the output of failed commands (Paolo Bonzini) [Orabug: 33537443]
scsi: Add mapping for generic SCSI_HOST status to sense codes (Hannes Reinecke) [Orabug: 33537443]
scsi: Rename linux-specific SG_ERR codes to generic SCSI_HOST error codes (Hannes Reinecke) [Orabug: 33537443]
scsi: drop ‘result’ argument from command_complete callback (Hannes Reinecke) [Orabug: 33537443]
scsi-disk: pass guest recoverable errors through even for rerror=stop (Paolo Bonzini) [Orabug: 33537443]
scsi-disk: pass SCSI status to scsi_handle_rw_error (Paolo Bonzini) [Orabug: 33537443]
scsi: introduce scsi_sense_from_errno() (Paolo Bonzini) [Orabug: 33537443]
scsi-disk: do not complete requests early for rerror/werror=ignore (Paolo Bonzini) [Orabug: 33537443]
scsi-disk: move scsi_handle_rw_error earlier (Paolo Bonzini) [Orabug: 33537443]
scsi-disk: convert more errno values back to SCSI statuses (Paolo Bonzini) [Orabug: 33537443]
[4.2.1-13.el8]
pcie: Do not set power state for some hot-plugged devices (Annie Li) [Orabug: 33642532]
[4.2.1-12.1.el8]
Update slirp to address various CVEs (Mark Kanda) [Orabug: 32208456] [Orabug: 33014409] [Orabug: 33014414] [Orabug: 33014417] [Orabug: 33014420] {CVE-2020-29129} {CVE-2020-29130} {CVE-2021-3592} {CVE-2021-3593} {CVE-2021-3594} {CVE-2021-3595}
hw/pflash_cfi01: Allow backing devices to be smaller than memory region (David Edmondson)
pcie: expire pending delete (Gerd Hoffmann) [Orabug: 33450706]
pcie: fast unplug when slot power is off (Gerd Hoffmann) [Orabug: 33450706]
pcie: factor out pcie_cap_slot_unplug() (Gerd Hoffmann) [Orabug: 33450706]
pcie: add power indicator blink check (Gerd Hoffmann) [Orabug: 33450706]
pcie: implement slot power control for pcie root ports (Gerd Hoffmann) [Orabug: 33450706]
pci: implement power state (Gerd Hoffmann) [Orabug: 33450706]
hw/pci/pcie: Move hot plug capability check to pre_plug callback (Julia Suvorova) [Orabug: 33450706]
hw/pci/pcie: Replace PCI_DEVICE() casts with existing variable (Julia Suvorova) [Orabug: 33450706]
hw/pci/pcie: Forbid hot-plug if it’s disabled on the slot (Julia Suvorova) [Orabug: 33450706]
pcie_root_port: Add hotplug disabling option (Julia Suvorova) [Orabug: 33450706]
qdev-monitor: Forbid repeated device_del (Julia Suvorova) [Orabug: 33450706]
i386:acpi: Remove _HID from the SMBus ACPI entry (Corey Minyard)
uas: add stream number sanity checks (Gerd Hoffmann) [Orabug: 33280793] {CVE-2021-3713}
usbredir: fix free call (Gerd Hoffmann) [Orabug: 33198441] {CVE-2021-3682}
hw/scsi/scsi-disk: MODE_PAGE_ALLS not allowed in MODE SELECT commands (Mauro Matteo Cascella) [Orabug: 33548490] {CVE-2021-3930}
e1000: fix tx re-entrancy problem (Jon Maloy) [Orabug: 32560552] {CVE-2021-20257}
virtio-net-pci: Don’t use ‘efi-virtio.rom’ on AArch64 (Mark Kanda) [Orabug: 33537594]
MAINTAINERS: Add ACPI/HEST/GHES entries (Dongjiu Geng)
target-arm: kvm64: handle SIGBUS signal from kernel or KVM (Dongjiu Geng)
ACPI: Record Generic Error Status Block(GESB) table (Dongjiu Geng)
KVM: Move hwpoison page related functions into kvm-all.c (Dongjiu Geng)
ACPI: Record the Generic Error Status Block address (Dongjiu Geng)
ACPI: Build Hardware Error Source Table (Dongjiu Geng)
ACPI: Build related register address fields via hardware error fw_cfg blob (Dongjiu Geng)
docs: APEI GHES generation and CPER record description (Dongjiu Geng)
hw/arm/virt: Introduce a RAS machine option (Dongjiu Geng)
acpi: nvdimm: change NVDIMM_UUID_LE to a common macro (Dongjiu Geng)
block/curl: HTTP header field names are case insensitive (David Edmondson) [Orabug: 33287589]
block/curl: HTTP header fields allow whitespace around values (David Edmondson) [Orabug: 33287589]
[4.2.1-11.el8]
trace: use STAP_SDT_V2 to work around symbol visibility (Stefan Hajnoczi) [Orabug: 33272428]
[4.2.1-11.el8]
pvrdma: Fix the ring init error flow (Marcel Apfelbaum) [Orabug: 33120142] {CVE-2021-3608}
pvrdma: Ensure correct input on ring init (Marcel Apfelbaum) [Orabug: 33120146] {CVE-2021-3607}
hw/rdma: Fix possible mremap overflow in the pvrdma device (Marcel Apfelbaum) [Orabug: 33120084] {CVE-2021-3582}
vhost-user-gpu: reorder free calls (Gerd Hoffmann) [Orabug: 32950701] {CVE-2021-3544}
vhost-user-gpu: abstract vg_cleanup_mapping_iov (Li Qiang) [Orabug: 32950716] {CVE-2021-3546}
vhost-user-gpu: fix OOB write in ‘virgl_cmd_get_capset’ (Li Qiang) [Orabug: 32950716] {CVE-2021-3546}
vhost-user-gpu: fix memory leak in ‘virgl_resource_attach_backing’ (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
vhost-user-gpu: fix memory leak in ‘virgl_cmd_resource_unref’ (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
vhost-user-gpu: fix memory leak while calling ‘vg_resource_unref’ (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
vhost-user-gpu: fix memory leak in vg_resource_attach_backing (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
vhost-user-gpu: fix resource leak in ‘vg_resource_create_2d’ (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
vhost-user-gpu: fix memory disclosure in virgl_cmd_get_capset_info (Li Qiang) [Orabug: 32950708] {CVE-2021-3545}
usb: limit combined packets to 1 MiB (Gerd Hoffmann) [Orabug: 32842778] {CVE-2021-3527}
usb/redir: avoid dynamic stack allocation (Gerd Hoffmann) [Orabug: 32842778] {CVE-2021-3527}
mptsas: Remove unused MPTSASState ‘pending’ field (Michael Tokarev) [Orabug: 32470463] {CVE-2021-3392}
oslib-posix: initialize backend memory objects in parallel (Mark Kanda) [Orabug: 32555402]
oslib-posix: refactor memory prealloc threads (Mark Kanda) [Orabug: 32555402]
Affected Package
OS
Version
Architecture
Package
Version
Filename
oracle linux
8
src
hivex
< 1.3.18-21.module
hivex-1.3.18-21.module+el8.5.0+20482+a450964e.src.rpm
oracle linux
8
src
libguestfs
< 1.40.2-28.0.1.module
libguestfs-1.40.2-28.0.1.module+el8.5.0+20482+a450964e.src.rpm
oracle linux
8
src
libguestfs-winsupport
< 8.2-1.module
libguestfs-winsupport-8.2-1.module+el8.5.0+20482+a450964e.src.rpm
oracle linux
8
src
libiscsi
< 1.18.0-8.module
libiscsi-1.18.0-8.module+el8.5.0+20482+a450964e.src.rpm
oracle linux
8
src
libnbd
< 1.2.2-1.module
libnbd-1.2.2-1.module+el8.5.0+20482+a450964e.src.rpm
oracle linux
8
src
libvirt
< 5.7.0-32.module
libvirt-5.7.0-32.module+el8.5.0+20482+a450964e.src.rpm
oracle linux
8
src
libvirt-dbus
< 1.3.0-2.module
libvirt-dbus-1.3.0-2.module+el8.5.0+20482+a450964e.src.rpm
oracle linux
8
src
libvirt-python
< 5.7.0-32.module
libvirt-python-5.7.0-32.module+el8.5.0+20482+a450964e.src.rpm
oracle linux
8
src
nbdkit
< 1.16.2-4.0.1.module
nbdkit-1.16.2-4.0.1.module+el8.5.0+20482+a450964e.src.rpm
oracle linux
8
src
netcf
< 0.2.8-12.module
netcf-0.2.8-12.module+el8.5.0+20482+a450964e.src.rpm
Rows per page:
10
1-10 of 229
1
Related
nessus 57
oraclelinux 4
ubuntu 4
openvas 42
osv 18
archlinux 2
mageia 1
gentoo 1
fedora 4
amazon 2
debian 4
altlinux 1
suse 7
redhat 5
almalinux 2
rocky 2
citrix 1
veracode 2
debiancve 4
ubuntucve 4
cve 5
attackerkb 1
redhatcve 4
cvelist 3
nvd 4
cbl_mariner 6
prion 5
alpinelinux 4
nessus
nessus
57
Oracle Linux 8 : kvm_utils (ELSA-2022-9172)
2022-02-25 00:00:00
Oracle Linux 7 : qemu (ELSA-2021-9638)
2023-09-07 00:00:00
Ubuntu 20.04 LTS : libslirp vulnerabilities (USN-5009-1)
2021-07-16 00:00:00
oraclelinux
oraclelinux
4
qemu security update
2022-01-04 00:00:00
qemu security update
2022-02-05 00:00:00
virt:ol and virt-devel:rhel security update
2021-12-22 00:00:00
ubuntu
ubuntu
4
libslirp vulnerabilities
2021-07-15 00:00:00
libslirp vulnerabilities
2021-10-26 00:00:00
QEMU vulnerabilities
2022-02-28 00:00:00
openvas
openvas
42
Ubuntu: Security Advisory (USN-5009-1)
2021-07-16 00:00:00
Ubuntu: Security Advisory (USN-5009-2)
2022-01-28 00:00:00
Mageia: Security Advisory (MGASA-2021-0480)
2022-01-28 00:00:00
osv
osv
18
libslirp vulnerabilities
2021-07-15 17:23:21
qemu - security update
2021-09-01 00:00:00
qemu vulnerabilities
2022-02-28 13:03:07
archlinux
archlinux
[ASA-202106-49] libslirp: information disclosure
2021-06-22 00:00:00
[ASA-202012-7] libslirp: information disclosure
2020-12-05 00:00:00
mageia
mageia
Updated libslirp packages fix security vulnerability
2021-10-21 00:28:32
gentoo
gentoo
libslirp: Multiple vulnerabilities
2021-07-20 00:00:00
fedora
fedora
4
[SECURITY] Fedora 33 Update: libslirp-4.3.1-5.fc33
2021-07-04 01:09:15
[SECURITY] Fedora 34 Update: libslirp-4.4.0-4.fc34
2021-07-04 01:07:58
[SECURITY] Fedora 32 Update: libslirp-4.3.1-3.fc32
2020-12-13 02:35:41
amazon
amazon
Low: qemu
2023-07-20 17:29:00
Low: qemu
2023-05-25 17:41:00
debian
debian
4
[SECURITY] [DLA 2753-1] qemu security update
2021-09-02 18:40:09
[SECURITY] [DLA 2970-1] qemu security update
2022-04-04 13:21:47
[SECURITY] [DLA 3362-1] qemu security update
2023-03-14 21:01:53
altlinux
altlinux
Security fix for the ALT Linux 10 package qemu version 6.1.1-alt1
2022-03-01 00:00:00
suse
suse
7
Security update for libslirp (important)
2022-05-18 00:00:00
Security update for libslirp (low)
2022-04-22 00:00:00
Security update for libslirp (important)
2022-04-29 00:00:00
redhat
redhat
5
(RHSA-2022:0081) Low: virt:av and virt-devel:av security and bug fix update
2022-01-11 09:12:04
(RHSA-2021:5238) Low: virt:rhel and virt-devel:rhel security update
2021-12-21 09:11:21
(RHSA-2021:4191) Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2021-11-09 08:35:34
almalinux
almalinux
Low: virt:rhel and virt-devel:rhel security update
2021-12-21 09:11:21
Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2021-11-09 08:35:34
rocky
rocky
virt:rhel and virt-devel:rhel security update
2021-12-21 09:11:21
virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2021-11-09 08:35:34
citrix
citrix
Citrix Hypervisor Security Update
2021-06-23 11:06:42
veracode
veracode
Denial Of Service (DoS)
2022-01-15 16:40:05
Denial Of Service (DoS)
2021-04-11 12:04:51
debiancve
debiancve
4
CVE-2021-20196
2021-05-26 22:15:07
CVE-2021-20203
2021-02-25 20:15:11
CVE-2021-3930
2022-02-18 18:15:09
ubuntucve
ubuntucve
4
CVE-2021-20196
2021-05-26 00:00:00
CVE-2021-20203
2021-02-25 00:00:00
CVE-2021-3930
2022-02-18 00:00:00
cve
cve
5
CVE-2021-20196
2021-05-26 22:15:07
CVE-2021-20257
2022-03-16 15:15:09
CVE-2021-20203
2021-02-25 20:15:11
attackerkb
attackerkb
CVE-2021-20257
2020-12-17 00:00:00
redhatcve
redhatcve
4
CVE-2021-20196
2021-01-24 20:41:50
CVE-2021-20203
2021-02-01 09:45:24
CVE-2021-20257
2021-02-22 08:16:14
cvelist
cvelist
CVE-2021-20196
2021-05-26 21:16:58
CVE-2021-20203
2021-02-25 19:09:46
CVE-2021-20257
2022-03-16 14:12:26
nvd
nvd
4
CVE-2021-20196
2021-05-26 22:15:07
CVE-2021-20203
2021-02-25 20:15:11
CVE-2020-29129
2020-11-26 20:15:10
cbl_mariner
cbl_mariner
6
CVE-2021-20203 affecting package qemu-kvm 4.2.0-48
2021-04-06 23:50:33
CVE-2021-20257 affecting package qemu for versions less than 6.2.0-2
2022-06-03 17:54:21
CVE-2021-3947 affecting package qemu-kvm 4.2.0-48
2022-04-07 06:04:11
prion
prion
5
Integer overflow
2021-02-25 20:15:00
Denial of service
2022-03-16 15:15:00
Buffer overflow
2020-11-26 20:15:00
alpinelinux
alpinelinux
4
CVE-2021-20196
2021-05-26 22:15:07
CVE-2021-20257
2022-03-16 15:15:09
CVE-2021-20203
2021-02-25 20:15:11
EPSS
0.004
Percentile
72.7%
JSON
Related for ELSA-2022-9172
nessus
57
oraclelinux
4
ubuntu
4
openvas
42
osv
18
archlinux
2
mageia
1
gentoo
1
fedora
4
amazon
2
debian
4
altlinux
1
suse
7
redhat
5
almalinux
2
rocky
2
citrix
1
veracode
2
debiancve
4
ubuntucve
4
cve
5
attackerkb
1
redhatcve
4
cvelist
3
nvd
4
cbl_mariner
6
prion
5
alpinelinux
4