(RHSA-2022:0397) Low: virt:av and virt-devel:av security and bug fix update

The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

Security Fix(es):

• nbdkit: NBD_OPT_STRUCTURED_REPLY injection on STARTTLS (CVE-2021-3716)

• QEMU: block: fdc: null pointer dereference may lead to guest crash (CVE-2021-20196)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• There is nbdkit curl error info if convert a guest from VMware without vddk by administrator account [rhel-av-8.5.z] (BZ#2040778)

• Fix data corruption in nbdkit-cow-filter and nbdkit-cache-filter [rhel-av-8.5z] (BZ#2040781)