Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2022:1759)

high Nessus Plugin ID 184718

Synopsis

The remote Rocky Linux host is missing one or more security updates.

Description

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:1759 advisory.

- A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device.
This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-20196)

- In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the bytes_in_use field should be less than the bytes_allocated field. When it is not, the parsing of the records proceeds into the wild. (CVE-2021-33285)

- In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33286)

- In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. (CVE-2021-33287)

- In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. (CVE-2021-33289)

- In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution. (CVE-2021-35266)

- NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root. (CVE-2021-35267)

- In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35268)

- NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges. (CVE-2021-35269)

- A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to system availability. (CVE-2021-3622)

- A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying everything else a client sends to the server, potentially leading the client to terminate the NBD session. The highest threat from this vulnerability is to system availability. (CVE-2021-3716)

- A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process. (CVE-2021-3748)

- A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. (CVE-2021-39251)

- A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.
(CVE-2021-39252)

- A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.
(CVE-2021-39253)

- A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. (CVE-2021-39254)

- A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22. (CVE-2021-39255)

- A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22. (CVE-2021-39256)

- A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22. (CVE-2021-39257)

- A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22. (CVE-2021-39258)

- A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22. (CVE-2021-39259)

- A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22. (CVE-2021-39260)

- A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G < 2021.8.22. (CVE-2021-39261)

- A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.
(CVE-2021-39262)

- A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. (CVE-2021-39263)

- A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash. (CVE-2021-3975)

- A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0.
The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host when writing data reaches the threshold of mirroring node. (CVE-2021-4145)

- A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. (CVE-2021-4158)

- A flaw was found in the copying tool `nbdcopy` of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the *error parameter. This could result in the silent creation of a corrupted destination image. (CVE-2022-0485)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=1984721

https://bugzilla.redhat.com/show_bug.cgi?id=1985451

https://bugzilla.redhat.com/show_bug.cgi?id=1988104

https://bugzilla.redhat.com/show_bug.cgi?id=1988986

https://bugzilla.redhat.com/show_bug.cgi?id=1989338

https://bugzilla.redhat.com/show_bug.cgi?id=1989520

https://bugzilla.redhat.com/show_bug.cgi?id=1990135

https://bugzilla.redhat.com/show_bug.cgi?id=1994695

https://bugzilla.redhat.com/show_bug.cgi?id=1995865

https://bugzilla.redhat.com/show_bug.cgi?id=1996530

https://bugzilla.redhat.com/show_bug.cgi?id=1997410

https://bugzilla.redhat.com/show_bug.cgi?id=1998514

https://bugzilla.redhat.com/show_bug.cgi?id=1998947

https://bugzilla.redhat.com/show_bug.cgi?id=1998949

https://bugzilla.redhat.com/show_bug.cgi?id=1998950

https://bugzilla.redhat.com/show_bug.cgi?id=2000225

https://bugzilla.redhat.com/show_bug.cgi?id=2001525

https://bugzilla.redhat.com/show_bug.cgi?id=2001608

https://bugzilla.redhat.com/show_bug.cgi?id=2001609

https://bugzilla.redhat.com/show_bug.cgi?id=2001613

https://bugzilla.redhat.com/show_bug.cgi?id=2001616

https://bugzilla.redhat.com/show_bug.cgi?id=2001619

https://bugzilla.redhat.com/show_bug.cgi?id=2001621

https://bugzilla.redhat.com/show_bug.cgi?id=2027716

https://bugzilla.redhat.com/show_bug.cgi?id=2029355

https://bugzilla.redhat.com/show_bug.cgi?id=2029380

https://bugzilla.redhat.com/show_bug.cgi?id=2029582

https://errata.rockylinux.org/RLSA-2022:1759

https://bugzilla.redhat.com/show_bug.cgi?id=1677608

https://bugzilla.redhat.com/show_bug.cgi?id=1510237

https://bugzilla.redhat.com/show_bug.cgi?id=1689202

https://bugzilla.redhat.com/show_bug.cgi?id=1738392

https://bugzilla.redhat.com/show_bug.cgi?id=1743098

https://bugzilla.redhat.com/show_bug.cgi?id=1806857

https://bugzilla.redhat.com/show_bug.cgi?id=1810863

https://bugzilla.redhat.com/show_bug.cgi?id=1836094

https://bugzilla.redhat.com/show_bug.cgi?id=1845468

https://bugzilla.redhat.com/show_bug.cgi?id=1852762

https://bugzilla.redhat.com/show_bug.cgi?id=1867087

https://bugzilla.redhat.com/show_bug.cgi?id=1919210

https://bugzilla.redhat.com/show_bug.cgi?id=1924972

https://bugzilla.redhat.com/show_bug.cgi?id=1926508

https://bugzilla.redhat.com/show_bug.cgi?id=1942275

https://bugzilla.redhat.com/show_bug.cgi?id=1943203

https://bugzilla.redhat.com/show_bug.cgi?id=1953389

https://bugzilla.redhat.com/show_bug.cgi?id=1965140

https://bugzilla.redhat.com/show_bug.cgi?id=1965589

https://bugzilla.redhat.com/show_bug.cgi?id=1965638

https://bugzilla.redhat.com/show_bug.cgi?id=1972515

https://bugzilla.redhat.com/show_bug.cgi?id=1975489

https://bugzilla.redhat.com/show_bug.cgi?id=1975840

https://bugzilla.redhat.com/show_bug.cgi?id=1978574

https://bugzilla.redhat.com/show_bug.cgi?id=1981782

https://bugzilla.redhat.com/show_bug.cgi?id=1982993

https://bugzilla.redhat.com/show_bug.cgi?id=1983684

https://bugzilla.redhat.com/show_bug.cgi?id=2001623

https://bugzilla.redhat.com/show_bug.cgi?id=2001645

https://bugzilla.redhat.com/show_bug.cgi?id=2001649

https://bugzilla.redhat.com/show_bug.cgi?id=2001650

https://bugzilla.redhat.com/show_bug.cgi?id=2001651

https://bugzilla.redhat.com/show_bug.cgi?id=2001652

https://bugzilla.redhat.com/show_bug.cgi?id=2001653

https://bugzilla.redhat.com/show_bug.cgi?id=2001654

https://bugzilla.redhat.com/show_bug.cgi?id=2001656

https://bugzilla.redhat.com/show_bug.cgi?id=2001658

https://bugzilla.redhat.com/show_bug.cgi?id=2001659

https://bugzilla.redhat.com/show_bug.cgi?id=2001661

https://bugzilla.redhat.com/show_bug.cgi?id=2001662

https://bugzilla.redhat.com/show_bug.cgi?id=2001665

https://bugzilla.redhat.com/show_bug.cgi?id=2001667

https://bugzilla.redhat.com/show_bug.cgi?id=2002607

https://bugzilla.redhat.com/show_bug.cgi?id=2029612

https://bugzilla.redhat.com/show_bug.cgi?id=2029647

https://bugzilla.redhat.com/show_bug.cgi?id=2030119

https://bugzilla.redhat.com/show_bug.cgi?id=2030435

https://bugzilla.redhat.com/show_bug.cgi?id=2030437

https://bugzilla.redhat.com/show_bug.cgi?id=2030438

https://bugzilla.redhat.com/show_bug.cgi?id=2031035

https://bugzilla.redhat.com/show_bug.cgi?id=2031039

https://bugzilla.redhat.com/show_bug.cgi?id=2031041

https://bugzilla.redhat.com/show_bug.cgi?id=2033279

https://bugzilla.redhat.com/show_bug.cgi?id=2034602

https://bugzilla.redhat.com/show_bug.cgi?id=2035002

https://bugzilla.redhat.com/show_bug.cgi?id=2035177

https://bugzilla.redhat.com/show_bug.cgi?id=2035185

https://bugzilla.redhat.com/show_bug.cgi?id=2035237

https://bugzilla.redhat.com/show_bug.cgi?id=2035714

https://bugzilla.redhat.com/show_bug.cgi?id=2036178

https://bugzilla.redhat.com/show_bug.cgi?id=2037135

https://bugzilla.redhat.com/show_bug.cgi?id=2041480

https://bugzilla.redhat.com/show_bug.cgi?id=2041610

https://bugzilla.redhat.com/show_bug.cgi?id=2043584

https://bugzilla.redhat.com/show_bug.cgi?id=2045945

https://bugzilla.redhat.com/show_bug.cgi?id=2046172

https://bugzilla.redhat.com/show_bug.cgi?id=2050324

https://bugzilla.redhat.com/show_bug.cgi?id=2002694

https://bugzilla.redhat.com/show_bug.cgi?id=2002907

https://bugzilla.redhat.com/show_bug.cgi?id=2003071

https://bugzilla.redhat.com/show_bug.cgi?id=2003679

https://bugzilla.redhat.com/show_bug.cgi?id=2004416

https://bugzilla.redhat.com/show_bug.cgi?id=2004812

https://bugzilla.redhat.com/show_bug.cgi?id=2007129

https://bugzilla.redhat.com/show_bug.cgi?id=2009236

https://bugzilla.redhat.com/show_bug.cgi?id=2012385

https://bugzilla.redhat.com/show_bug.cgi?id=2012802

https://bugzilla.redhat.com/show_bug.cgi?id=2012806

https://bugzilla.redhat.com/show_bug.cgi?id=2012813

https://bugzilla.redhat.com/show_bug.cgi?id=2013916

https://bugzilla.redhat.com/show_bug.cgi?id=2017928

https://bugzilla.redhat.com/show_bug.cgi?id=2018173

https://bugzilla.redhat.com/show_bug.cgi?id=2018392

https://bugzilla.redhat.com/show_bug.cgi?id=2020630

https://bugzilla.redhat.com/show_bug.cgi?id=2021778

https://bugzilla.redhat.com/show_bug.cgi?id=2022604

https://bugzilla.redhat.com/show_bug.cgi?id=2022606

https://bugzilla.redhat.com/show_bug.cgi?id=2022607

https://bugzilla.redhat.com/show_bug.cgi?id=2022608

https://bugzilla.redhat.com/show_bug.cgi?id=2023279

https://bugzilla.redhat.com/show_bug.cgi?id=2024326

https://bugzilla.redhat.com/show_bug.cgi?id=2024419

https://bugzilla.redhat.com/show_bug.cgi?id=2025769

https://bugzilla.redhat.com/show_bug.cgi?id=2026834

https://bugzilla.redhat.com/show_bug.cgi?id=2027208

https://bugzilla.redhat.com/show_bug.cgi?id=2050697

https://bugzilla.redhat.com/show_bug.cgi?id=2050702

https://bugzilla.redhat.com/show_bug.cgi?id=2054597

https://bugzilla.redhat.com/show_bug.cgi?id=2059311

https://bugzilla.redhat.com/show_bug.cgi?id=2065314

Plugin Details

Severity: High

ID: 184718

File Name: rocky_linux_RLSA-2022-1759.nasl

Version: 1.1

Type: local

Published: 11/6/2023

Updated: 11/7/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.0

CVSS v2

Risk Factor: Medium

Base Score: 6.9

Temporal Score: 6

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2021-39263

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:rocky:linux:libguestfs-gfs2, p-cpe:/a:rocky:linux:libguestfs-tools-c, p-cpe:/a:rocky:linux:libguestfs-winsupport, p-cpe:/a:rocky:linux:libiscsi, p-cpe:/a:rocky:linux:libvirt-daemon-driver-nodedev-debuginfo, p-cpe:/a:rocky:linux:libvirt-daemon-driver-secret, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-core, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-logical-debuginfo, p-cpe:/a:rocky:linux:libvirt-lock-sanlock-debuginfo, p-cpe:/a:rocky:linux:nbdkit-gzip-plugin-debuginfo, p-cpe:/a:rocky:linux:nbdkit-tmpdisk-plugin, p-cpe:/a:rocky:linux:nbdkit-xz-filter-debuginfo, p-cpe:/a:rocky:linux:netcf-debuginfo, p-cpe:/a:rocky:linux:ocaml-libguestfs-debuginfo, p-cpe:/a:rocky:linux:python3-hivex, p-cpe:/a:rocky:linux:qemu-kvm-block-rbd, p-cpe:/a:rocky:linux:supermin-devel, p-cpe:/a:rocky:linux:swtpm-debuginfo, p-cpe:/a:rocky:linux:virt-dib-debuginfo, p-cpe:/a:rocky:linux:virt-v2v-debuginfo, p-cpe:/a:rocky:linux:hivex-debuginfo, p-cpe:/a:rocky:linux:hivex-debugsource, p-cpe:/a:rocky:linux:libguestfs-java-devel, p-cpe:/a:rocky:linux:libvirt-daemon, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-rbd-debuginfo, p-cpe:/a:rocky:linux:libvirt-lock-sanlock, p-cpe:/a:rocky:linux:lua-guestfs, p-cpe:/a:rocky:linux:nbdkit-server, p-cpe:/a:rocky:linux:perl-sys-guestfs, p-cpe:/a:rocky:linux:perl-sys-guestfs-debuginfo, p-cpe:/a:rocky:linux:perl-sys-virt-debuginfo, p-cpe:/a:rocky:linux:libguestfs-java-debuginfo, p-cpe:/a:rocky:linux:libguestfs-man-pages-uk, p-cpe:/a:rocky:linux:libnbd-devel, p-cpe:/a:rocky:linux:libtpms, p-cpe:/a:rocky:linux:libvirt-daemon-driver-interface-debuginfo, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-iscsi-direct-debuginfo, p-cpe:/a:rocky:linux:libvirt-daemon-kvm, p-cpe:/a:rocky:linux:libvirt-nss-debuginfo, p-cpe:/a:rocky:linux:nbdkit-gzip-filter, p-cpe:/a:rocky:linux:nbdkit-linuxdisk-plugin-debuginfo, p-cpe:/a:rocky:linux:nbdkit-tmpdisk-plugin-debuginfo, p-cpe:/a:rocky:linux:perl-hivex-debuginfo, p-cpe:/a:rocky:linux:qemu-guest-agent, p-cpe:/a:rocky:linux:qemu-kvm-block-gluster-debuginfo, p-cpe:/a:rocky:linux:qemu-kvm-block-iscsi, p-cpe:/a:rocky:linux:sgabios-bin, p-cpe:/a:rocky:linux:swtpm-debugsource, p-cpe:/a:rocky:linux:swtpm-libs-debuginfo, p-cpe:/a:rocky:linux:virt-v2v, p-cpe:/a:rocky:linux:libguestfs-javadoc, p-cpe:/a:rocky:linux:libvirt-daemon-driver-interface, p-cpe:/a:rocky:linux:libvirt-daemon-driver-nwfilter-debuginfo, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-disk-debuginfo, p-cpe:/a:rocky:linux:libvirt-debuginfo, p-cpe:/a:rocky:linux:nbdkit-python-plugin, p-cpe:/a:rocky:linux:nbdkit-ssh-plugin, p-cpe:/a:rocky:linux:ocaml-libnbd-debuginfo, p-cpe:/a:rocky:linux:python3-libvirt, p-cpe:/a:rocky:linux:qemu-img, p-cpe:/a:rocky:linux:qemu-kvm-block-curl, p-cpe:/a:rocky:linux:qemu-kvm-block-rbd-debuginfo, p-cpe:/a:rocky:linux:sgabios, p-cpe:/a:rocky:linux:supermin-debuginfo, p-cpe:/a:rocky:linux:swtpm, p-cpe:/a:rocky:linux:libguestfs-debuginfo, p-cpe:/a:rocky:linux:libguestfs-man-pages-ja, p-cpe:/a:rocky:linux:libguestfs-tools-c-debuginfo, p-cpe:/a:rocky:linux:libiscsi-utils, p-cpe:/a:rocky:linux:libtpms-devel, p-cpe:/a:rocky:linux:nbdkit-example-plugins-debuginfo, p-cpe:/a:rocky:linux:nbdkit-gzip-filter-debuginfo, p-cpe:/a:rocky:linux:nbdkit-server-debuginfo, p-cpe:/a:rocky:linux:ocaml-hivex-debuginfo, p-cpe:/a:rocky:linux:perl-sys-virt, p-cpe:/a:rocky:linux:python3-libvirt-debuginfo, p-cpe:/a:rocky:linux:qemu-img-debuginfo, p-cpe:/a:rocky:linux:qemu-kvm-common-debuginfo, p-cpe:/a:rocky:linux:supermin, p-cpe:/a:rocky:linux:libguestfs-devel, p-cpe:/a:rocky:linux:libguestfs-gobject-debuginfo, p-cpe:/a:rocky:linux:libguestfs-xfs, p-cpe:/a:rocky:linux:libnbd-bash-completion, p-cpe:/a:rocky:linux:libtpms-debugsource, p-cpe:/a:rocky:linux:libvirt-daemon-driver-nodedev, p-cpe:/a:rocky:linux:libvirt-daemon-driver-nwfilter, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-disk, p-cpe:/a:rocky:linux:nbdkit-debugsource, p-cpe:/a:rocky:linux:nbdkit-gzip-plugin, p-cpe:/a:rocky:linux:nbdkit-vddk-plugin-debuginfo, p-cpe:/a:rocky:linux:qemu-kvm-block-curl-debuginfo, p-cpe:/a:rocky:linux:qemu-kvm-debuginfo, p-cpe:/a:rocky:linux:qemu-kvm-tests, p-cpe:/a:rocky:linux:virt-dib, p-cpe:/a:rocky:linux:libguestfs-rsync, p-cpe:/a:rocky:linux:libvirt-daemon-debuginfo, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-mpath, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-scsi, p-cpe:/a:rocky:linux:libvirt-python-debugsource, p-cpe:/a:rocky:linux:nbdkit-debuginfo, p-cpe:/a:rocky:linux:nbdkit-linuxdisk-plugin, p-cpe:/a:rocky:linux:nbdkit-ssh-plugin-debuginfo, p-cpe:/a:rocky:linux:qemu-kvm-block-gluster, p-cpe:/a:rocky:linux:qemu-kvm-block-ssh, p-cpe:/a:rocky:linux:qemu-kvm-core, p-cpe:/a:rocky:linux:swtpm-devel, p-cpe:/a:rocky:linux:libguestfs-inspect-icons, p-cpe:/a:rocky:linux:libvirt-daemon-driver-network, p-cpe:/a:rocky:linux:lua-guestfs-debuginfo, p-cpe:/a:rocky:linux:nbdfuse, p-cpe:/a:rocky:linux:nbdkit-basic-plugins-debuginfo, p-cpe:/a:rocky:linux:nbdkit-python-plugin-debuginfo, p-cpe:/a:rocky:linux:nbdkit-tar-filter, p-cpe:/a:rocky:linux:nbdkit-tar-filter-debuginfo, p-cpe:/a:rocky:linux:qemu-kvm-block-ssh-debuginfo, p-cpe:/a:rocky:linux:qemu-kvm-common, p-cpe:/a:rocky:linux:qemu-kvm-ui-opengl-debuginfo, p-cpe:/a:rocky:linux:supermin-debugsource, p-cpe:/a:rocky:linux:hivex, p-cpe:/a:rocky:linux:libiscsi-debuginfo, p-cpe:/a:rocky:linux:libiscsi-devel, p-cpe:/a:rocky:linux:libnbd, p-cpe:/a:rocky:linux:libvirt-libs, p-cpe:/a:rocky:linux:nbdfuse-debuginfo, p-cpe:/a:rocky:linux:nbdkit-bash-completion, p-cpe:/a:rocky:linux:nbdkit-nbd-plugin, p-cpe:/a:rocky:linux:netcf-devel, p-cpe:/a:rocky:linux:netcf-libs, p-cpe:/a:rocky:linux:ocaml-libnbd, p-cpe:/a:rocky:linux:qemu-guest-agent-debuginfo, p-cpe:/a:rocky:linux:seabios, p-cpe:/a:rocky:linux:swtpm-tools-debuginfo, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-iscsi, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-iscsi-direct, p-cpe:/a:rocky:linux:libvirt-dbus-debugsource, p-cpe:/a:rocky:linux:netcf-debugsource, p-cpe:/a:rocky:linux:perl-hivex, p-cpe:/a:rocky:linux:python3-libguestfs, p-cpe:/a:rocky:linux:python3-libnbd-debuginfo, p-cpe:/a:rocky:linux:qemu-kvm-docs, p-cpe:/a:rocky:linux:qemu-kvm-ui-spice-debuginfo, p-cpe:/a:rocky:linux:libguestfs-rescue, p-cpe:/a:rocky:linux:libiscsi-utils-debuginfo, p-cpe:/a:rocky:linux:libvirt-client, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-core-debuginfo, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-gluster-debuginfo, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-rbd, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-scsi-debuginfo, p-cpe:/a:rocky:linux:libvirt-dbus, p-cpe:/a:rocky:linux:libvirt-wireshark-debuginfo, p-cpe:/a:rocky:linux:nbdkit-vddk-plugin, p-cpe:/a:rocky:linux:perl-sys-virt-debugsource, p-cpe:/a:rocky:linux:qemu-kvm-hw-usbredir-debuginfo, p-cpe:/a:rocky:linux:libguestfs-bash-completion, p-cpe:/a:rocky:linux:libguestfs-gobject, p-cpe:/a:rocky:linux:libvirt-client-debuginfo, p-cpe:/a:rocky:linux:libvirt-daemon-driver-secret-debuginfo, p-cpe:/a:rocky:linux:libvirt-docs, p-cpe:/a:rocky:linux:nbdkit-basic-filters, p-cpe:/a:rocky:linux:nbdkit-basic-plugins, p-cpe:/a:rocky:linux:nbdkit-xz-filter, p-cpe:/a:rocky:linux:netcf-libs-debuginfo, p-cpe:/a:rocky:linux:ocaml-hivex-devel, p-cpe:/a:rocky:linux:ocaml-libnbd-devel, p-cpe:/a:rocky:linux:python3-hivex-debuginfo, p-cpe:/a:rocky:linux:python3-libguestfs-debuginfo, p-cpe:/a:rocky:linux:python3-libnbd, p-cpe:/a:rocky:linux:qemu-kvm, p-cpe:/a:rocky:linux:qemu-kvm-debugsource, p-cpe:/a:rocky:linux:qemu-kvm-ui-opengl, p-cpe:/a:rocky:linux:ruby-libguestfs-debuginfo, p-cpe:/a:rocky:linux:libguestfs, p-cpe:/a:rocky:linux:libguestfs-tools, p-cpe:/a:rocky:linux:libiscsi-debugsource, p-cpe:/a:rocky:linux:libnbd-debuginfo, p-cpe:/a:rocky:linux:libnbd-debugsource, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-iscsi-debuginfo, p-cpe:/a:rocky:linux:nbdkit, p-cpe:/a:rocky:linux:nbdkit-curl-plugin-debuginfo, p-cpe:/a:rocky:linux:nbdkit-tar-plugin, p-cpe:/a:rocky:linux:qemu-kvm-block-iscsi-debuginfo, p-cpe:/a:rocky:linux:virt-v2v-bash-completion, p-cpe:/a:rocky:linux:libtpms-debuginfo, p-cpe:/a:rocky:linux:libvirt-daemon-driver-network-debuginfo, p-cpe:/a:rocky:linux:libvirt-daemon-driver-qemu-debuginfo, p-cpe:/a:rocky:linux:libvirt-devel, p-cpe:/a:rocky:linux:nbdkit-curl-plugin, p-cpe:/a:rocky:linux:nbdkit-nbd-plugin-debuginfo, p-cpe:/a:rocky:linux:nbdkit-tar-plugin-debuginfo, p-cpe:/a:rocky:linux:qemu-kvm-hw-usbredir, p-cpe:/a:rocky:linux:ruby-libguestfs, p-cpe:/a:rocky:linux:swtpm-tools-pkcs11, p-cpe:/a:rocky:linux:virt-v2v-debugsource, p-cpe:/a:rocky:linux:virt-v2v-man-pages-ja, p-cpe:/a:rocky:linux:hivex-devel, p-cpe:/a:rocky:linux:libguestfs-debugsource, p-cpe:/a:rocky:linux:libguestfs-gobject-devel, p-cpe:/a:rocky:linux:libguestfs-java, p-cpe:/a:rocky:linux:libvirt, p-cpe:/a:rocky:linux:libvirt-daemon-config-nwfilter, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-logical, p-cpe:/a:rocky:linux:libvirt-debugsource, p-cpe:/a:rocky:linux:libvirt-libs-debuginfo, p-cpe:/a:rocky:linux:libvirt-wireshark, p-cpe:/a:rocky:linux:nbdkit-devel, p-cpe:/a:rocky:linux:nbdkit-example-plugins, p-cpe:/a:rocky:linux:ocaml-libguestfs, p-cpe:/a:rocky:linux:ocaml-libguestfs-devel, p-cpe:/a:rocky:linux:ruby-hivex, p-cpe:/a:rocky:linux:seavgabios-bin, p-cpe:/a:rocky:linux:virt-v2v-man-pages-uk, cpe:/o:rocky:linux:8, p-cpe:/a:rocky:linux:libguestfs-appliance, p-cpe:/a:rocky:linux:libvirt-daemon-config-network, p-cpe:/a:rocky:linux:libvirt-daemon-driver-qemu, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-gluster, p-cpe:/a:rocky:linux:libvirt-daemon-driver-storage-mpath-debuginfo, p-cpe:/a:rocky:linux:libvirt-dbus-debuginfo, p-cpe:/a:rocky:linux:libvirt-nss, p-cpe:/a:rocky:linux:nbdkit-basic-filters-debuginfo, p-cpe:/a:rocky:linux:netcf, p-cpe:/a:rocky:linux:ocaml-hivex, p-cpe:/a:rocky:linux:qemu-kvm-core-debuginfo, p-cpe:/a:rocky:linux:qemu-kvm-ui-spice, p-cpe:/a:rocky:linux:ruby-hivex-debuginfo, p-cpe:/a:rocky:linux:seabios-bin, p-cpe:/a:rocky:linux:swtpm-libs, p-cpe:/a:rocky:linux:swtpm-tools

Required KB Items: Host/local_checks_enabled, Host/RockyLinux/release, Host/RockyLinux/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/10/2022

Vulnerability Publication Date: 5/26/2021

Reference Information

CVE: CVE-2021-20196, CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269, CVE-2021-3622, CVE-2021-3716, CVE-2021-3748, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263, CVE-2021-3975, CVE-2021-4145, CVE-2021-4158, CVE-2022-0485