Lucene search

Rockylinux Product ErrataRLSA-2022:8003

HistoryNov 15, 2022 - 6:13 a.m.

libvirt security, bug fix, and enhancement update

2022-11-1506:13:06

Rockylinux Product Errata

errata.rockylinux.org

libvirt

security fix

enhancement

cve-2022-0897

rocky linux 9

c api

virtualization

denial of service

upgrade

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

0.001 Low

EPSS

Percentile

39.0%

JSON

An update is available for libvirt.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.

The following packages have been upgraded to a later upstream version: libvirt (8.5.0). (BZ#2060313)

Security Fix(es):

libvirt: missing locking in nwfilterConnectNumOfNWFilters can lead to denial of service (CVE-2022-0897)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
rocky9aarch64libvirt< 8.5.0-7.3.el9_1libvirt-0:8.5.0-7.3.el9_1.aarch64.rpm
rocky9ppc64lelibvirt< 8.5.0-7.3.el9_1libvirt-0:8.5.0-7.3.el9_1.ppc64le.rpm
rocky9s390xlibvirt< 8.5.0-7.3.el9_1libvirt-0:8.5.0-7.3.el9_1.s390x.rpm
rocky9x86_64libvirt< 8.5.0-7.3.el9_1libvirt-0:8.5.0-7.3.el9_1.x86_64.rpm
rocky9aarch64libvirt-client< 8.5.0-7.3.el9_1libvirt-client-0:8.5.0-7.3.el9_1.aarch64.rpm
rocky9ppc64lelibvirt-client< 8.5.0-7.3.el9_1libvirt-client-0:8.5.0-7.3.el9_1.ppc64le.rpm
rocky9s390xlibvirt-client< 8.5.0-7.3.el9_1libvirt-client-0:8.5.0-7.3.el9_1.s390x.rpm
rocky9x86_64libvirt-client< 8.5.0-7.3.el9_1libvirt-client-0:8.5.0-7.3.el9_1.x86_64.rpm
rocky9aarch64libvirt-client-debuginfo< 8.5.0-7.3.el9_1libvirt-client-debuginfo-0:8.5.0-7.3.el9_1.aarch64.rpm
rocky9ppc64lelibvirt-client-debuginfo< 8.5.0-7.3.el9_1libvirt-client-debuginfo-0:8.5.0-7.3.el9_1.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
rocky	9	aarch64	libvirt	< 8.5.0-7.3.el9_1	libvirt-0:8.5.0-7.3.el9_1.aarch64.rpm
rocky	9	ppc64le	libvirt	< 8.5.0-7.3.el9_1	libvirt-0:8.5.0-7.3.el9_1.ppc64le.rpm
rocky	9	s390x	libvirt	< 8.5.0-7.3.el9_1	libvirt-0:8.5.0-7.3.el9_1.s390x.rpm
rocky	9	x86_64	libvirt	< 8.5.0-7.3.el9_1	libvirt-0:8.5.0-7.3.el9_1.x86_64.rpm
rocky	9	aarch64	libvirt-client	< 8.5.0-7.3.el9_1	libvirt-client-0:8.5.0-7.3.el9_1.aarch64.rpm
rocky	9	ppc64le	libvirt-client	< 8.5.0-7.3.el9_1	libvirt-client-0:8.5.0-7.3.el9_1.ppc64le.rpm
rocky	9	s390x	libvirt-client	< 8.5.0-7.3.el9_1	libvirt-client-0:8.5.0-7.3.el9_1.s390x.rpm
rocky	9	x86_64	libvirt-client	< 8.5.0-7.3.el9_1	libvirt-client-0:8.5.0-7.3.el9_1.x86_64.rpm
rocky	9	aarch64	libvirt-client-debuginfo	< 8.5.0-7.3.el9_1	libvirt-client-debuginfo-0:8.5.0-7.3.el9_1.aarch64.rpm
rocky	9	ppc64le	libvirt-client-debuginfo	< 8.5.0-7.3.el9_1	libvirt-client-debuginfo-0:8.5.0-7.3.el9_1.ppc64le.rpm