Oracle Linux 8:virt:kvm_utils3 (ELSA-2024-12604)

medium Nessus 插件 ID 206426

简介

远程 Oracle Linux 主机缺少一个或多个安全更新。

描述

远程 Oracle Linux 8 主机上安装的程序包受到 ELSA-2024-12604 公告中提及的多个漏洞影响。

- 修复 CVE-2022-0485:如果 NBD 读取或写入失败,则 nbdcopy 失败,解决了:rhbz#2045718
- 包含针对 NBD 协议降级攻击的补丁 (CVE-2019-14842)。
- rpc:确保从客户端事件循环中删除临时 GSource (Daniel P. Berrange) [Orabug: 36821472] {CVE-2024-4418}
- 修复 udevListInterfacesByStatus 中的差一错误 (Martin Kletzander) [Orabug: 36364464] {CVE-2024-1441}
- storage:修复从“virStoragePoolObjListSearch”返回的锁定对象 (Peter Krempa) [Orabug:
35644221] {CVE-2023-3750}
- virpci:解决 virPCIVirtualFunctionList 清理中的泄漏 (Tim Shearer) [Orabug: 35395469] {CVE-2023-2700}
- qemu:删除使用 qemuDomainObjBeginJobWithAgent() (Jonathon Jongsma) [Orabug: 31990187] {CVE-2019-20485}
- qemu:agent:释放后将 ifname 设置为空 (Jan Tomko) [Orabug: 31964426] {CVE-2020-25637}
- rpc:需要为 virDomainInterfaceAddresses 中的来宾机代理写入 acl (Jan Tomko) [Orabug: 31964426] {CVE-2020-25637}
- rpc:通过 uint 参数对过滤 @acls 添加支持 (Jan Tomko) [Orabug:31964426] {CVE-2020-25637}
- rpc:gendispatch:处理空标记 (Jan Tomko) [Orabug: 31964426] {CVE-2020-25637}
- storage:通过 targetpath 修复查找存储池时的后台程序崩溃 (Yi Li) [Orabug: 31439483] {CVE-2020-10703}
- qemuDomainGetStatsIOThread:不要泄漏带有 0 iothreads 的数组 (Peter Krempa) [Orabug: 31251756] {CVE-2020-12430}
- qemu:不要同时暂停两个作业 (Jonathon Jongsma) [Orabug: 31073098] {CVE-2019-20485}
- hw/virtio/virtio-crypto:保护出现 DMA 重新进入缺陷 (Philippe Mathieu-Daude) [Orabug: 36869694] {CVE-2024-3446}
- hw/char/virtio-serial-bus:保护出现 DMA 重新进入缺陷 (Philippe Mathieu-Daude) [Orabug: 36869694] {CVE-2024-3446}
- hw/display/virtio-gpu:保护出现 DMA 重新进入缺陷 (Philippe Mathieu-Daude) [Orabug: 36869694] {CVE-2024-3446}
- hw/virtio:引入 virtio_bh_new_guarded() 帮助程序 (Philippe Mathieu-Daude) [Orabug: 36869694] {CVE-2024-3446}
- pcie_sriov:验证 NumVFs (Akihiko Odaki) [Orabug: 36314082] {CVE-2024-26327}
- hw/nvme:使用 pcie_sriov_num_vfs() (Akihiko Odaki) [Orabug: 36314111] {CVE-2024-26328}
- pcie:引入 pcie_sriov_num_vfs() (Akihiko Odaki) [Orabug: 36314111] {CVE-2024-26328}
- qcow2:不要使用 BDRV_O_NO_IO 打开 data_file (Kevin Wolf) [Orabug: 36801853] {CVE-2024-4467}
- hw/sd/sdhci:设置命令禁止 (DAT) 时,不更新 TRNMOD (hilippe Mathieu-Daude) [Orabug:
36575206] {CVE-2024-3447}
- ui/clipboard:为更新和请求添加断言 (Fiona Ebner) [Orabug: 36323175] {CVE-2023-6683}
- ui/clipboard:当没有数据时,将类型标记为不可用 (Fiona Ebner) [Orabug: 36323175] {CVE-2023-6683}
- virtio-net:刷新 TX 时正确复制 vnet 标头 (Jason Wang) [Orabug: 36154459] {CVE-2023-6693}
- esp:将非 DMA 传输长度限制为可用数据的长度 (Mark Cave-Ayland) [Orabug: 36322141] {CVE-2024-24474}
- net:更新 NIC 的 MemReentrancyGuard (Akihiko Odaki) [Orabug: 35644197] {CVE-2023-3019}
- net:为 qemu_new_nic() 提供 MemReentrancyGuard * (Akihiko Odaki) [Orabug: 35644197] {CVE-2023-3019}
- lsi53c895a:对 MMIO 区域也禁用重入检测 (Thomas Huth) [Orabug: 33774027] {CVE-2021-3750}
- memory:在取消设置 engaged_in_io 之前执行更严格的检查 (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- async:避免在重入防护上的释放后使用 (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- apic:禁用 apic-msi 的重入检测 (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- raven:禁用 iomem 的重入检测 (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- bcm2835_property:禁用 iomem 的重入检测 (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- lsi53c895a:禁用脚本 RAM 的重入检测 (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- hw:将大多数 qemu_bh_new 调用替换为 qemu_bh_new_guarded (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- checkpatch:添加 qemu_bh_new/aio_bh_new 检查 (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- async:向 BH API 添加可选的重入保护 (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- memory:防止 dma-reentracy 问题 (Alexander Bulekov) [Orabug: 33774027] {CVE-2021-3750}
- hw/scsi/scsi-disk:不允许小于 512 的区块大小 [CVE-2023-42467] (Thomas Huth) [Orabug:
35808564] {CVE-2023-42467}
- tests/qtest: ahci-test:添加测试,暴露待定回调的重置问题 (Fiona Ebner) [Orabug:
35977245] {CVE-2023-5088}
- hw/ide: reset:在重置状态前取消异步 DMA 操作 (Fiona Ebner) [Orabug: 35977245] {CVE-2023-5088}
- virtio-crypto:验证 sym 请求的 src&dst 缓冲区长度 (zhenwei pi) [Orabug: 35683774] {CVE-2023-3180}
- io:如果在握手期间关闭 TLS 通道,则删除 io 监视 (Daniel P. Berrange) [Orabug: 35683826] {CVE-2023-3354}
- ui/vnc-clipboard:修复 inflate_buffer 中的无限循环 (CVE-2023-3255) (Mauro Matteo Cascella) [Orabug:
35683770] {CVE-2023-3255}
- hw/scsi/lsi53c895a:修复 LSI 控制器中的可重新进入问题 (CVE-2023-0330) (Thomas Huth) [Orabug:
35683817] {CVE-2023-0330}
- vhost-vdpa:如果对等 nic 存在,则不清除 vdpa/vhost-net 结构 (Ani Sinha) [Orabug:
35649138] {CVE-2023-3301}
- 9pfs:防止打开特殊文件 (CVE-2023-2861) (Christian Schoenebeck) [Orabug: 35570017] {CVE-2023-2861}
- display/qxl-render:修复 qxl_cursor 中的争用条件 (CVE-2021-4207) (Mauro Matteo Cascella) [Orabug:
34591445] {CVE-2021-4207}
- ui/cursor:修复 cursor_alloc 中的整数溢出 (CVE-2021-4206) (Mauro Matteo Cascella) [Orabug:
34591281] {CVE-2021-4206}
- scsi/lsi53c895a:真正修复 lsi_do_msgout 中的释放后使用 (CVE-2022-0216) (Mauro Matteo Cascella) [Orabug: 34590706] {CVE-2022-0216}
- scsi/lsi53c895a:修复 lsi_do_msgout 中的释放后使用 (CVE-2022-0216) (Mauro Matteo Cascella) [Orabug:
34590706] {CVE-2022-0216}
- tests/qtest:添加 fuzz-lsi53c895a-test (Philippe Mathieu-Daude) [Orabug: 34590706] {CVE-2022-0216}
- hw/scsi/lsi53c895a:请求 DMA 且无数据排队时不中止 (Philippe Mathieu-Daude) [Orabug:
34590706] {CVE-2022-0216}
- virtio-net:修复接收期间出错时的映射泄漏 (Jason Wang) [Orabug: 34538375] {CVE-2022-26353}
- vhost-vsock:出错时分离 virqueue 元素 (Stefano Garzarella) [Orabug: 33941752] {CVE-2022-26354}
- block/mirror:修复 mirror_wait_on_conflicts() 中的空指针取消引用 (Stefano Garzarella) [Orabug:
33916572] {CVE-2021-4145}
- virtiofsd:终止所有附属组的成员资格 (CVE-2022-0358) (Vivek Goyal) [Orabug:33816690] {CVE-2022-0358}
- acpi:验证访问时的热插拔选择器 (Michael S. Tsirkin) [Orabug: 33816625] {CVE-2021-4158}
- 将 CVE-2021-4158 和 CVE-2021-3947 记录为已修复 (Mark Kanda) [Orabug:33719302] [Orabug: 33754145] {CVE-2021-4158} {CVE-2021-3947}
- hw/block/fdc:Kludge 缺少软盘驱动以修复 CVE-2021-20196 (Philippe Mathieu-Daude) [Orabug:
32439466] {CVE-2021-20196}
- hw/block/fdc:提取 blk_create_empty_drive() (Philippe Mathieu-Daude) [Orabug: 32439466] {CVE-2021-20196}
- net: vmxnet3:在激活期间验证配置值 (CVE-2021-20203) (Prasad J Pandit) [Orabug:
32559476] {CVE-2021-20203}
- lan9118:切换为使用 qemu_receive_packet() 用于环回 (Alexander Bulekov) [Orabug: 32560540] {CVE-2021-3416}
- pcnet:切换为使用 qemu_receive_packet() 用于环回 (Alexander Bulekov) [Orabug: 32560540] {CVE-2021-3416}
- rtl8139:切换为使用 qemu_receive_packet() 用于环回 (Alexander Bulekov) [Orabug: 32560540] {CVE-2021-3416}
- tx_pkt:切换为使用 qemu_receive_packet_iov() 用于环回 (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
- sungem:切换为使用 qemu_receive_packet() 用于环回 (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
- dp8393x:切换为使用 qemu_receive_packet() 用于环回包 (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
- e1000:切换为使用 qemu_receive_packet() 用于环回 (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
- net:引入 qemu_receive_packet() (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
- 更新 slirp 以解决多个 CVE (Mark Kanda) [Orabug: 32208456] [Orabug: 33014409] [Orabug:
33014414] [Orabug: 33014417] [Orabug: 33014420] {CVE-2020-29129} {CVE-2020-29130} {CVE-2021-3592} {CVE-2021-3593} {CVE-2021-3594} {CVE-2021-3595}
- uas:添加流编号健全性检查 (Gerd Hoffmann) [Orabug: 33280793] {CVE-2021-3713}
- usbredir:修复自由调用 (Gerd Hoffmann) [Orabug: 33198441] {CVE-2021-3682}
- hw/scsi/scsi-disk:MODE SELECT 命令中不允许 MODE_PAGE_ALLS (Mauro Matteo Cascella) [Orabug:
33548490] {CVE-2021-3930}
- e1000:修复 tx 重新进入问题 (Jon Maloy) [Orabug: 32560552] {CVE-2021-20257}
- pvrdma:修复环 init 错误流 (Marcel Apfelbaum) [Orabug: 33120142] {CVE-2021-3608}
- pvrdma:确保环 init 上的输入正确 (Marcel Apfelbaum) [Orabug: 33120146] {CVE-2021-3607}
- hw/rdma:修复 pvrdma 设备中可能的 mremap 溢出 (Marcel Apfelbaum) [Orabug: 33120084] {CVE-2021-3582}
- vhost-user-gpu:重新排序自由调用 (Gerd Hoffmann) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu:提取 vg_cleanup_mapping_iov (Li Qiang) [Orabug: 32950716] {CVE-2021-3546}
- vhost-user-gpu:修复“virgl_cmd_get_capset”中的越界写入 (Li Qiang) [Orabug: 32950716] {CVE-2021-3546}
- vhost-user-gpu:修复“virgl_resource_attach_backing”中的内存泄漏 (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu:修复“virgl_cmd_resource_unref”中的内存泄漏 (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu:修复调用“vg_resource_unref”时的内存泄漏 (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu:修复 vg_resource_attach_backing 中的内存泄漏 (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu:修复“vg_resource_create_2d”中的资源泄漏 (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu:修复 virgl_cmd_get_capset_info 中的内存泄漏 (Li Qiang) [Orabug: 32950716] {CVE-2021-3545}
- usb:将合并的数据包限制为 1 MiB (Gerd Hoffmann) [Orabug: 32842778] {CVE-2021-3527}
- usb/redir:避免动态堆栈分配 (Gerd Hoffmann) [Orabug: 32842778] {CVE-2021-3527}
- mptsas:删除未使用的 MPTSASState“待定”字段 (Michael Tokarev) [Orabug: 32470463] {CVE-2021-3392}
- e1000:恶意描述符提前失败 (Jason Wang) [Orabug: 32560552] {CVE-2021-20257}
- 文档 CVE-2020-27661 为已修复 (Mark Kanda) [Orabug: 32960200] {CVE-2020-27661}
- imx7-ccm:添加 digprog mmio 写入方法 (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- tz-ppc:添加虚拟读取/写入方法 (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- spapr_pci:添加 spapr msi 读取方法 (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- nvram:添加 nrf51_soc 闪存读取方法 (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- prep:添加 ppc-parity 写入方法 (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- vfio:添加 quirk 设备写入方法 (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- pci-host:designware:添加 pcie-ms 读取方法 (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- hw/pci-host:添加 pci-intack 写入方法 (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- hw/intc/arm_gic:修复 GICD_SGIR 寄存器中的中断 ID (Philippe Mathieu-Daude) [Orabug: 32470471] {CVE-2021-20221}
- memory:在指向 MMIO 区域的情况下限制缓存的转换 (Paolo Bonzini) [Orabug: 32252673] {CVE-2020-27821}
- hw/sd/sdhci:修复 DMA 传输块大小字段 (Philippe Mathieu-Daude) [Orabug: 32613470] {CVE-2021-3409}
- 9pfs:完全重新启动取消回收循环 (CVE-2021-20181) (Greg Kurz) [Orabug: 32441198] {CVE-2021-20181}
- ide:atapi:检查逻辑块地址和读取大小 (CVE-2020-29443) (Prasad J Pandit) [Orabug:
32393835] {CVE-2020-29443}
- 文档 CVE-2019-20808 为已修复 (Mark Kanda) [Orabug: 32339196] {CVE-2019-20808}
- block/iscsi:修复 iscsi_aio_ioctl_cb 中的堆缓冲区溢出 (Chen Qun) [Orabug: 32339207] {CVE-2020-11947}
- net:删除 eth_get_gso_type 中的断言调用 (Prasad J Pandit) [Orabug: 32102583] {CVE-2020-27617}
- 文档 CVE-2020-25723 为已修复 (Mark Kanda) [Orabug: 32222397] {CVE-2020-25723}
- hw/net/e1000e:若是空描述符,则推进 desc_offset (Prasad J Pandit) [Orabug: 32217517] {CVE-2020-28916}
- libslirp:更新版本以包含 CVE 补丁 (Mark Kanda) [Orabug: 32208456] [Orabug: 32208462] {CVE-2020-29129} {CVE-2020-29130}
- 文档 CVE-2020-25624 为已修复 (Mark Kanda) [Orabug: 32212527] {CVE-2020-25624}
- ati:检查 x y 显示参数值 (Prasad J Pandit) [Orabug: 32108251] {CVE-2020-27616}
- hw:hw:usb:hcd-ohci:退出前检查已处理的 TD (Prasad J Pandit) [Orabug: 31901690] {CVE-2020-25625}
- hw:hcd-ohci:检查 len 和 frame_number 变量 (Prasad J Pandit) [Orabug: 31901690] {CVE-2020-25625}
- hw:ehci:检查“usb_packet_map”的返回值 (Li Qiang) [Orabug: 31901649] {CVE-2020-25084}
- hw:xhci:检查“usb_packet_map”的返回值 (Li Qiang) [Orabug: 31901649] {CVE-2020-25084}
- usb:修复 setup_len init (CVE-2020-14364) (Gerd Hoffmann) [Orabug: 31848849] {CVE-2020-14364}
- 将 CVE-2020-12829 和 CVE-2020-14415 记录为已修复 (Mark Kanda) [Orabug: 31855502] [Orabug: 31855427] {CVE-2020-12829} {CVE-2020-14415}
- hw/net/xgmac:修复 xgmac_enet_send() 中的缓冲区溢出 (Mauro Matteo Cascella) [Orabug: 31667649] {CVE-2020-15863}
- hw/net/net_tx_pkt:修复 net_tx_pkt_add_raw_fragment() 中的断言失败 (Mauro Matteo Cascella) [Orabug: 31737809] {CVE-2020-16092}
- hw/sd/sdcard:如果地址无效,则不切换到 ReceivingData (Philippe Mathieu-Daude) [Orabug:
31414336] {CVE-2020-13253}
- hw/sd/sdcard:不允许无效的 SD 卡大小 (Philippe Mathieu-Daude) [Orabug: 31414336] {CVE-2020-13253}
- libslirp:更新到 v4.3.1 以修复 CVE-2020-10756 (Karl Heubaum) [Orabug:31604999] {CVE-2020-10756}
- 将 CVE 记录为已修复 2/2 (Karl Heubaum) [Orabug: 30618035] {CVE-2017-18043} {CVE-2018-10839} {CVE-2018-11806} {CVE-2018-12617} {CVE-2018-15746} {CVE-2018-16847} {CVE-2018-16867} {CVE-2018-17958} {CVE-2018-17962} {CVE-2018-17963} {CVE-2018-18849} {CVE-2018-19364} {CVE-2018-19489} {CVE-2018-3639} {CVE-2018-5683} {CVE-2018-7550} {CVE-2018-7858} {CVE-2019-12068} {CVE-2019-15034} {CVE-2019-15890} {CVE-2019-20382} {CVE-2020-10702} {CVE-2020-10761} {CVE-2020-11102} {CVE-2020-11869} {CVE-2020-13361} {CVE-2020-13765} {CVE-2020-13800} {CVE-2020-1711} {CVE-2020-1983} {CVE-2020-8608}
- 将 CVE 记录为已修复 1/2 (Karl Heubaum) [Orabug: 30618035] {CVE-2017-10806} {CVE-2017-11334} {CVE-2017-12809} {CVE-2017-13672} {CVE-2017-13673} {CVE-2017-13711} {CVE-2017-14167} {CVE-2017-15038} {CVE-2017-15119} {CVE-2017-15124} {CVE-2017-15268} {CVE-2017-15289} {CVE-2017-16845} {CVE-2017-17381} {CVE-2017-18030} {CVE-2017-2630} {CVE-2017-2633} {CVE-2017-5715} {CVE-2017-5753} {CVE-2017-5754} {CVE-2017-5931} {CVE-2017-6058} {CVE-2017-7471} {CVE-2017-7493} {CVE-2017-8112} {CVE-2017-8309} {CVE-2017-8379} {CVE-2017-8380} {CVE-2017-9503} {CVE-2017-9524} {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2018-16872} {CVE-2018-20123} {CVE-2018-20124} {CVE-2018-20125} {CVE-2018-20126} {CVE-2018-20191} {CVE-2018-20216} {CVE-2018-20815} {CVE-2019-11091} {CVE-2019-12155} {CVE-2019-14378} {CVE-2019-3812} {CVE-2019-5008} {CVE-2019-6501} {CVE-2019-6778} {CVE-2019-8934} {CVE-2019-9824}
- exec:返回空值时将映射长度设置为零 (Prasad J Pandit) [Orabug: 31439733] {CVE-2020-13659}
- megasas:将未签名类型用于 reply_queue_head 并检查索引 (Prasad J Pandit) [Orabug: 31414338] {CVE-2020-13362}
- memory:恢复“memory:接受 memory_region_access_valid 中的不匹配大小”(Michael S. Tsirkin) [Orabug: 31439736] [Orabug: 31452202] {CVE-2020-13754} {CVE-2020-13791}
- 将 CVE-2020-13765 记录为已修复 (Karl Heubaum) [Orabug: 31463250] {CVE-2020-13765}
- ati-vga:在递归调用前检查 mm_index (CVE-2020-13800) (Prasad J Pandit) [Orabug: 31452206] {CVE-2020-13800}
- es1370:针对当前帧检查总帧计数 (Prasad J Pandit) [Orabug: 31463235] {CVE-2020-13361}
- ati-vga:修复 ati_2d_blt() 中的检查以避免崩溃 (BALATON Zoltan) [Orabug: 31238432] {CVE-2020-11869}
- libslirp:更新到稳定的 v4.2 以修复 CVE-2020-1983 (Karl Heubaum) [Orabug: 31241227] {CVE-2020-1983}
- 将 CVE 记录为已修复 (Karl Heubaum) {CVE-2019-12068} {CVE-2019-15034}
- libslirp:更新到版本 4.2.0 以修复 CVE (Karl Heubaum) [Orabug: 30274592] [Orabug: 30869830] {CVE-2019-15890} {CVE-2020-8608}
- vnc:当 vnc 断开连接时,修复内存泄漏 (Li Qiang) [Orabug: 30996427] {CVE-2019-20382}
- iscsi:来自 GET LBA STATUS 的端点块计数 (CVE-2020-1711) (Felipe Franciosi) [Orabug: 31124035] {CVE-2020-1711}

Tenable 已直接从 Oracle Linux 安全公告中提取上述描述块。

请注意,Nessus 尚未测试这些问题,而是只依据应用程序自我报告的版本号进行判断。

解决方案

更新受影响的程序包。

另见

https://linux.oracle.com/errata/ELSA-2024-12604.html

插件详情

严重性: Medium

ID: 206426

文件名: oraclelinux_ELSA-2024-12604.nasl

版本: 1.4

类型: local

代理: unix

发布时间: 2024/9/2

最近更新时间: 2025/5/8

支持的传感器: Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

风险信息

VPR

风险因素: Medium

分数: 6.7

CVSS v2

风险因素: Medium

基本分数: 6.8

时间分数: 5

矢量: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS 分数来源: CVE-2024-4467

CVSS v3

风险因素: Medium

基本分数: 6

时间分数: 5.2

矢量: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

时间矢量: CVSS:3.0/E:U/RL:O/RC:C

CVSS 分数来源: CVE-2024-26328

漏洞信息

CPE: p-cpe:/a:oracle:linux:libvirt-daemon-config-nwfilter, p-cpe:/a:oracle:linux:nbdkit-linuxdisk-plugin, p-cpe:/a:oracle:linux:libguestfs-gfs2, p-cpe:/a:oracle:linux:libiscsi-devel, p-cpe:/a:oracle:linux:sgabios-bin, p-cpe:/a:oracle:linux:libguestfs-bash-completion, p-cpe:/a:oracle:linux:qemu-kvm-block-gluster, p-cpe:/a:oracle:linux:ruby-libguestfs, p-cpe:/a:oracle:linux:netcf, p-cpe:/a:oracle:linux:libvirt-lock-sanlock, p-cpe:/a:oracle:linux:libguestfs-javadoc, p-cpe:/a:oracle:linux:libguestfs-rsync, p-cpe:/a:oracle:linux:nbdkit-tar-filter, p-cpe:/a:oracle:linux:virt-dib, p-cpe:/a:oracle:linux:libvirt-nss, p-cpe:/a:oracle:linux:libguestfs-tools-c, p-cpe:/a:oracle:linux:perl-sys-guestfs, cpe:/a:oracle:linux:8::kvm_appstream, p-cpe:/a:oracle:linux:nbdkit-gzip-plugin, p-cpe:/a:oracle:linux:libvirt, p-cpe:/a:oracle:linux:virt-v2v-man-pages-uk, p-cpe:/a:oracle:linux:nbdkit, p-cpe:/a:oracle:linux:qemu-kvm-block-ssh, p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-rbd, p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-gluster, p-cpe:/a:oracle:linux:libvirt-libs, p-cpe:/a:oracle:linux:nbdkit-tmpdisk-plugin, p-cpe:/a:oracle:linux:libvirt-daemon-config-network, p-cpe:/a:oracle:linux:libvirt-daemon-driver-qemu, p-cpe:/a:oracle:linux:nbdkit-vddk-plugin, p-cpe:/a:oracle:linux:swtpm-tools-pkcs11, p-cpe:/a:oracle:linux:libiscsi, p-cpe:/a:oracle:linux:libvirt-dbus, p-cpe:/a:oracle:linux:qemu-kvm, p-cpe:/a:oracle:linux:swtpm-devel, p-cpe:/a:oracle:linux:libguestfs-gobject-devel, p-cpe:/a:oracle:linux:hivex-devel, p-cpe:/a:oracle:linux:libguestfs-tools, p-cpe:/a:oracle:linux:qemu-kvm-block-rbd, p-cpe:/a:oracle:linux:libguestfs-devel, p-cpe:/a:oracle:linux:nbdkit-basic-plugins, p-cpe:/a:oracle:linux:python3-libguestfs, p-cpe:/a:oracle:linux:perl-hivex, p-cpe:/a:oracle:linux:nbdkit-nbd-plugin, p-cpe:/a:oracle:linux:libvirt-daemon-kvm, p-cpe:/a:oracle:linux:nbdkit-xz-filter, p-cpe:/a:oracle:linux:qemu-guest-agent, p-cpe:/a:oracle:linux:libguestfs-man-pages-ja, p-cpe:/a:oracle:linux:nbdkit-tar-plugin, p-cpe:/a:oracle:linux:nbdkit-bash-completion, p-cpe:/a:oracle:linux:libguestfs-java-devel, p-cpe:/a:oracle:linux:libvirt-daemon-driver-nwfilter, p-cpe:/a:oracle:linux:nbdkit-ssh-plugin, p-cpe:/a:oracle:linux:virt-v2v-bash-completion, p-cpe:/a:oracle:linux:libvirt-docs, p-cpe:/a:oracle:linux:nbdfuse, p-cpe:/a:oracle:linux:virt-v2v-man-pages-ja, p-cpe:/a:oracle:linux:libvirt-daemon-driver-interface, p-cpe:/a:oracle:linux:supermin, p-cpe:/a:oracle:linux:libvirt-client, p-cpe:/a:oracle:linux:libguestfs-xfs, p-cpe:/a:oracle:linux:libvirt-client-qemu, p-cpe:/a:oracle:linux:libnbd-bash-completion, p-cpe:/a:oracle:linux:virt-v2v, p-cpe:/a:oracle:linux:libnbd, p-cpe:/a:oracle:linux:nbdkit-curl-plugin, p-cpe:/a:oracle:linux:libnbd-devel, p-cpe:/a:oracle:linux:libguestfs-rescue, p-cpe:/a:oracle:linux:libtpms-devel, p-cpe:/a:oracle:linux:hivex, p-cpe:/a:oracle:linux:libvirt-daemon-driver-network, p-cpe:/a:oracle:linux:seabios-bin, cpe:/a:oracle:exadata_dbserver:24.1.4.0.0::ol8, p-cpe:/a:oracle:linux:nbdkit-gzip-filter, p-cpe:/a:oracle:linux:libguestfs, p-cpe:/a:oracle:linux:libguestfs-gobject, p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-mpath, p-cpe:/a:oracle:linux:libguestfs-winsupport, p-cpe:/a:oracle:linux:libvirt-daemon-driver-nodedev, p-cpe:/a:oracle:linux:libguestfs-appliance, p-cpe:/a:oracle:linux:nbdkit-python-plugin, p-cpe:/a:oracle:linux:supermin-devel, p-cpe:/a:oracle:linux:seavgabios-bin, p-cpe:/a:oracle:linux:seabios, p-cpe:/a:oracle:linux:libguestfs-java, p-cpe:/a:oracle:linux:libvirt-devel, p-cpe:/a:oracle:linux:netcf-devel, p-cpe:/a:oracle:linux:qemu-virtiofsd, p-cpe:/a:oracle:linux:swtpm-tools, p-cpe:/a:oracle:linux:qemu-kvm-block-iscsi, p-cpe:/a:oracle:linux:swtpm-libs, p-cpe:/a:oracle:linux:python3-hivex, p-cpe:/a:oracle:linux:libvirt-daemon, p-cpe:/a:oracle:linux:nbdkit-basic-filters, p-cpe:/a:oracle:linux:ruby-hivex, p-cpe:/a:oracle:linux:libiscsi-utils, p-cpe:/a:oracle:linux:python3-libnbd, p-cpe:/a:oracle:linux:libguestfs-inspect-icons, p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-disk, p-cpe:/a:oracle:linux:libguestfs-man-pages-uk, p-cpe:/a:oracle:linux:perl-sys-virt, p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-scsi, p-cpe:/a:oracle:linux:python3-libvirt, p-cpe:/a:oracle:linux:sgabios, p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-core, p-cpe:/a:oracle:linux:nbdkit-server, p-cpe:/a:oracle:linux:nbdkit-example-plugins, p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage, p-cpe:/a:oracle:linux:qemu-kvm-common, p-cpe:/a:oracle:linux:lua-guestfs, p-cpe:/a:oracle:linux:libvirt-wireshark, p-cpe:/a:oracle:linux:libvirt-daemon-driver-secret, p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi, p-cpe:/a:oracle:linux:netcf-libs, p-cpe:/a:oracle:linux:libtpms, p-cpe:/a:oracle:linux:nbdkit-devel, p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-logical, p-cpe:/a:oracle:linux:libvirt-daemon-driver-storage-iscsi-direct, p-cpe:/a:oracle:linux:qemu-img, p-cpe:/a:oracle:linux:swtpm, p-cpe:/a:oracle:linux:qemu-kvm-block-curl, p-cpe:/a:oracle:linux:qemu-kvm-core, cpe:/o:oracle:linux:8

必需的 KB 项: Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list, Host/local_checks_enabled

易利用性: No known exploits are available

补丁发布日期: 2024/9/2

漏洞发布日期: 2024/2/19

参考资料信息

CVE: CVE-2024-26327, CVE-2024-26328, CVE-2024-3446, CVE-2024-4418, CVE-2024-4467