(RHSA-2024:4351) Low: virt:rhel and virt-devel:rhel security and bug fix update

2024-07-0801:54:25

access.redhat.com

rhsa-2024-4351

kernel-based virtual machine

api management

stack use-after-free

virsh destroy fix

CVSS3

6.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.9

Confidence

Low

EPSS

Percentile

10.6%

JSON

Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.

Security Fix:

virt:rhel/libvirt: stack use-after-free in virNetClientIOEventLoop (CVE-2024-4418)

Bug fix:

virsh destroy with --graceful destroyed a paused guest (qemu process paused by SIGSTOP) (JIRA:RHEL-36064)

OSVersionArchitecturePackageVersionFilename
RedHatanyi686libvirt-nss< 8.0.0-23.2.module+el8.10.0+21972+d7867348libvirt-nss-8.0.0-23.2.module+el8.10.0+21972+d7867348.i686.rpm
RedHatanyx86_64qemu-kvm-block-rbd< 6.2.0-49.module+el8.10.0+21533+3df3c4b6qemu-kvm-block-rbd-6.2.0-49.module+el8.10.0+21533+3df3c4b6.x86_64.rpm
RedHatanyppc64lelibguestfs< 1.44.0-9.module+el8.9.0+18724+20190c23libguestfs-1.44.0-9.module+el8.9.0+18724+20190c23.ppc64le.rpm
RedHatanyx86_64libguestfs-tools-c< 1.44.0-9.module+el8.9.0+18724+20190c23libguestfs-tools-c-1.44.0-9.module+el8.9.0+18724+20190c23.x86_64.rpm
RedHatanyx86_64hivex-devel< 1.3.18-23.module+el8.9.0+18724+20190c23hivex-devel-1.3.18-23.module+el8.9.0+18724+20190c23.x86_64.rpm
RedHatanys390xnbdkit-python-plugin-debuginfo< 1.24.0-5.module+el8.9.0+18724+20190c23nbdkit-python-plugin-debuginfo-1.24.0-5.module+el8.9.0+18724+20190c23.s390x.rpm
RedHatanyx86_64libnbd< 1.6.0-5.module+el8.9.0+18724+20190c23libnbd-1.6.0-5.module+el8.9.0+18724+20190c23.x86_64.rpm
RedHatanyaarch64libvirt-wireshark-debuginfo< 8.0.0-23.2.module+el8.10.0+21972+d7867348libvirt-wireshark-debuginfo-8.0.0-23.2.module+el8.10.0+21972+d7867348.aarch64.rpm
RedHatanyx86_64swtpm-debuginfo< 0.7.0-4.20211109gitb79fd91.module+el8.9.0+18724+20190c23swtpm-debuginfo-0.7.0-4.20211109gitb79fd91.module+el8.9.0+18724+20190c23.x86_64.rpm
RedHatanys390xlibvirt-devel< 8.0.0-23.2.module+el8.10.0+21972+d7867348libvirt-devel-8.0.0-23.2.module+el8.10.0+21972+d7867348.s390x.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	i686	libvirt-nss	< 8.0.0-23.2.module+el8.10.0+21972+d7867348	libvirt-nss-8.0.0-23.2.module+el8.10.0+21972+d7867348.i686.rpm
RedHat	any	x86_64	qemu-kvm-block-rbd	< 6.2.0-49.module+el8.10.0+21533+3df3c4b6	qemu-kvm-block-rbd-6.2.0-49.module+el8.10.0+21533+3df3c4b6.x86_64.rpm
RedHat	any	ppc64le	libguestfs	< 1.44.0-9.module+el8.9.0+18724+20190c23	libguestfs-1.44.0-9.module+el8.9.0+18724+20190c23.ppc64le.rpm
RedHat	any	x86_64	libguestfs-tools-c	< 1.44.0-9.module+el8.9.0+18724+20190c23	libguestfs-tools-c-1.44.0-9.module+el8.9.0+18724+20190c23.x86_64.rpm
RedHat	any	x86_64	hivex-devel	< 1.3.18-23.module+el8.9.0+18724+20190c23	hivex-devel-1.3.18-23.module+el8.9.0+18724+20190c23.x86_64.rpm
RedHat	any	s390x	nbdkit-python-plugin-debuginfo	< 1.24.0-5.module+el8.9.0+18724+20190c23	nbdkit-python-plugin-debuginfo-1.24.0-5.module+el8.9.0+18724+20190c23.s390x.rpm
RedHat	any	x86_64	libnbd	< 1.6.0-5.module+el8.9.0+18724+20190c23	libnbd-1.6.0-5.module+el8.9.0+18724+20190c23.x86_64.rpm
RedHat	any	aarch64	libvirt-wireshark-debuginfo	< 8.0.0-23.2.module+el8.10.0+21972+d7867348	libvirt-wireshark-debuginfo-8.0.0-23.2.module+el8.10.0+21972+d7867348.aarch64.rpm
RedHat	any	x86_64	swtpm-debuginfo	< 0.7.0-4.20211109gitb79fd91.module+el8.9.0+18724+20190c23	swtpm-debuginfo-0.7.0-4.20211109gitb79fd91.module+el8.9.0+18724+20190c23.x86_64.rpm
RedHat	any	s390x	libvirt-devel	< 8.0.0-23.2.module+el8.10.0+21972+d7867348	libvirt-devel-8.0.0-23.2.module+el8.10.0+21972+d7867348.s390x.rpm