(RHSA-2023:3822) Moderate: virt:rhel and virt-devel:rhel security and bug fix update

2023-06-2713:35:33

access.redhat.com

kvm

virt:rhel

virt-devel:rhel

libvirt

memory leak

cve-2023-2700

bug fix

logs

bz#2180030

qemu

snapshot

bz#2181575

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.

Security Fix(es):

libvirt: Memory leak in virPCIVirtualFunctionList cleanup (CVE-2023-2700)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

Logs are spammed with ’ Domain id=7 is tainted: custom-ga-command’ message (BZ#2180030)
[qemu] snapshot is failing with error libvirt.libvirtError: internal error: QEMU monitor reply exceeds buffer size (10485760 bytes) (BZ#2181575)

OSVersionArchitecturePackageVersionFilename
RedHatanyi686libvirt-daemon-driver-storage-iscsi-direct< 8.0.0-19.2.module+el8.8.0+18944+7f5acf75libvirt-daemon-driver-storage-iscsi-direct-8.0.0-19.2.module+el8.8.0+18944+7f5acf75.i686.rpm
RedHatanys390xswtpm-debuginfo< 0.7.0-4.20211109gitb79fd91.module+el8.8.0+16781+9f4724c2swtpm-debuginfo-0.7.0-4.20211109gitb79fd91.module+el8.8.0+16781+9f4724c2.s390x.rpm
RedHatanys390xlibguestfs-rescue< 1.44.0-9.module+el8.8.0+16781+9f4724c2libguestfs-rescue-1.44.0-9.module+el8.8.0+16781+9f4724c2.s390x.rpm
RedHatanys390xlibguestfs-gobject< 1.44.0-9.module+el8.8.0+16781+9f4724c2libguestfs-gobject-1.44.0-9.module+el8.8.0+16781+9f4724c2.s390x.rpm
RedHatanyi686libvirt-daemon-driver-storage-mpath-debuginfo< 8.0.0-19.2.module+el8.8.0+18944+7f5acf75libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-19.2.module+el8.8.0+18944+7f5acf75.i686.rpm
RedHatanyaarch64qemu-kvm-block-ssh-debuginfo< 6.2.0-32.module+el8.8.0+18361+9f407f6eqemu-kvm-block-ssh-debuginfo-6.2.0-32.module+el8.8.0+18361+9f407f6e.aarch64.rpm
RedHatanyi686ruby-hivex< 1.3.18-23.module+el8.8.0+16781+9f4724c2ruby-hivex-1.3.18-23.module+el8.8.0+16781+9f4724c2.i686.rpm
RedHatanyaarch64lua-guestfs-debuginfo< 1.44.0-9.module+el8.8.0+16781+9f4724c2lua-guestfs-debuginfo-1.44.0-9.module+el8.8.0+16781+9f4724c2.aarch64.rpm
RedHatanyppc64lelibvirt-daemon-driver-secret-debuginfo< 8.0.0-19.2.module+el8.8.0+18944+7f5acf75libvirt-daemon-driver-secret-debuginfo-8.0.0-19.2.module+el8.8.0+18944+7f5acf75.ppc64le.rpm
RedHatanyppc64lenbdkit-basic-plugins< 1.24.0-5.module+el8.8.0+17308+05924798nbdkit-basic-plugins-1.24.0-5.module+el8.8.0+17308+05924798.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	i686	libvirt-daemon-driver-storage-iscsi-direct	< 8.0.0-19.2.module+el8.8.0+18944+7f5acf75	libvirt-daemon-driver-storage-iscsi-direct-8.0.0-19.2.module+el8.8.0+18944+7f5acf75.i686.rpm
RedHat	any	s390x	swtpm-debuginfo	< 0.7.0-4.20211109gitb79fd91.module+el8.8.0+16781+9f4724c2	swtpm-debuginfo-0.7.0-4.20211109gitb79fd91.module+el8.8.0+16781+9f4724c2.s390x.rpm
RedHat	any	s390x	libguestfs-rescue	< 1.44.0-9.module+el8.8.0+16781+9f4724c2	libguestfs-rescue-1.44.0-9.module+el8.8.0+16781+9f4724c2.s390x.rpm
RedHat	any	s390x	libguestfs-gobject	< 1.44.0-9.module+el8.8.0+16781+9f4724c2	libguestfs-gobject-1.44.0-9.module+el8.8.0+16781+9f4724c2.s390x.rpm
RedHat	any	i686	libvirt-daemon-driver-storage-mpath-debuginfo	< 8.0.0-19.2.module+el8.8.0+18944+7f5acf75	libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-19.2.module+el8.8.0+18944+7f5acf75.i686.rpm
RedHat	any	aarch64	qemu-kvm-block-ssh-debuginfo	< 6.2.0-32.module+el8.8.0+18361+9f407f6e	qemu-kvm-block-ssh-debuginfo-6.2.0-32.module+el8.8.0+18361+9f407f6e.aarch64.rpm
RedHat	any	i686	ruby-hivex	< 1.3.18-23.module+el8.8.0+16781+9f4724c2	ruby-hivex-1.3.18-23.module+el8.8.0+16781+9f4724c2.i686.rpm
RedHat	any	aarch64	lua-guestfs-debuginfo	< 1.44.0-9.module+el8.8.0+16781+9f4724c2	lua-guestfs-debuginfo-1.44.0-9.module+el8.8.0+16781+9f4724c2.aarch64.rpm
RedHat	any	ppc64le	libvirt-daemon-driver-secret-debuginfo	< 8.0.0-19.2.module+el8.8.0+18944+7f5acf75	libvirt-daemon-driver-secret-debuginfo-8.0.0-19.2.module+el8.8.0+18944+7f5acf75.ppc64le.rpm
RedHat	any	ppc64le	nbdkit-basic-plugins	< 1.24.0-5.module+el8.8.0+17308+05924798	nbdkit-basic-plugins-1.24.0-5.module+el8.8.0+17308+05924798.ppc64le.rpm