RHSA-2022:7959: Red Hat Security Advisory: guestfs-tools security, bug fix, and enhancement update

Skip to navigation Skip to main content

Utilities

• Subscriptions
• Downloads
• Containers
• Support Cases

Infrastructure and Management

• Red Hat Enterprise Linux
• Red Hat Virtualization
• Red Hat Identity Management
• Red Hat Directory Server
• Red Hat Certificate System
• Red Hat Satellite
• Red Hat Subscription Management
• Red Hat Update Infrastructure
• Red Hat Insights
• Red Hat Ansible Automation Platform

Cloud Computing

• Red Hat OpenShift
• Red Hat CloudForms
• Red Hat OpenStack Platform
• Red Hat OpenShift Container Platform
• Red Hat OpenShift Data Science
• Red Hat OpenShift Online
• Red Hat OpenShift Dedicated
• Red Hat Advanced Cluster Security for Kubernetes
• Red Hat Advanced Cluster Management for Kubernetes
• Red Hat Quay
• Red Hat CodeReady Workspaces
• Red Hat OpenShift Service on AWS

Storage

• Red Hat Gluster Storage
• Red Hat Hyperconverged Infrastructure
• Red Hat Ceph Storage
• Red Hat OpenShift Data Foundation

Runtimes

• Red Hat Runtimes
• Red Hat JBoss Enterprise Application Platform
• Red Hat Data Grid
• Red Hat JBoss Web Server
• Red Hat Single Sign On
• Red Hat support for Spring Boot
• Red Hat build of Node.js
• Red Hat build of Thorntail
• Red Hat build of Eclipse Vert.x
• Red Hat build of OpenJDK
• Red Hat build of Quarkus

Integration and Automation

• Red Hat Process Automation
• Red Hat Process Automation Manager
• Red Hat Decision Manager

All Products

Issued:

2022-11-15

Updated:

2022-11-15

RHSA-2022:7959 - Security Advisory

• Overview
• Updated Packages

Synopsis

Low: guestfs-tools security, bug fix, and enhancement update

Type/Severity

Security Advisory: Low

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for guestfs-tools is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

guestfs-tools is a set of tools that can be used to make batch configuration changes to guests, get disk used/free statistics, perform backups and guest clones, change registry/UUID/hostname info, build guests from scratch, and much more.

Security Fix(es):

• libguestfs: Buffer overflow in get_keys leads to DoS (CVE-2022-2211)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.

Affected Products

• Red Hat Enterprise Linux for x86_64 9 x86_64
• Red Hat Enterprise Linux for IBM z Systems 9 s390x
• Red Hat Enterprise Linux for ARM 64 9 aarch64

Fixes

• BZ - 2059286 - RFE: Rebase guestfs-tools to 1.48 in RHEL 9.1
• BZ - 2072493 - [RFE] Request to add lvm system.devices cleanup operation to virt-sysprep
• BZ - 2075718 - Having to use “–selinux-relabel” is not intuitive given Red Hat products default to selinux enabled.
• BZ - 2089748 - Removal of “–selinux-relabel” option breaks existing scripts
• BZ - 2100862 - CVE-2022-2211 libguestfs: Buffer overflow in get_keys leads to DoS
• BZ - 2106286 - virt-sysprep: make an effort to support LUKS on LV

References

• https://access.redhat.com/security/updates/classification/#low
• https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

Red Hat Enterprise Linux for x86_64 9

SRPM

guestfs-tools-1.48.2-5.el9.src.rpm

SHA-256: 3e841f406d1199668a8ef6ac25a0945db33adc06a8d256bfd8e8ae77e8b0bdb8

x86_64

guestfs-tools-1.48.2-5.el9.x86_64.rpm

SHA-256: fb69e17eb690cf4d009351556f34ea1a4f86793dd1ea38a26f5804abec56f5b9

guestfs-tools-debuginfo-1.48.2-5.el9.x86_64.rpm

SHA-256: 89f923557a36a632ef024d7b76dfad717ab384df8a7af4ce3b746074d726f53c

guestfs-tools-debugsource-1.48.2-5.el9.x86_64.rpm

SHA-256: bc559c4b36aab4570d5ccdca376ea2ad6add5f16f108650b7177d8276cdd8ed4

virt-win-reg-1.48.2-5.el9.noarch.rpm

SHA-256: 9380f8bff7fdb3917bef8d3c1e98b0492d35fe45774a9055650a322b490a5344

Red Hat Enterprise Linux for IBM z Systems 9

SRPM

guestfs-tools-1.48.2-5.el9.src.rpm

SHA-256: 3e841f406d1199668a8ef6ac25a0945db33adc06a8d256bfd8e8ae77e8b0bdb8

s390x

guestfs-tools-1.48.2-5.el9.s390x.rpm

SHA-256: f202ecd7b78bd9ab6af6b594e325cfc282c68ba96ff2791a9aae25f54274f25a

guestfs-tools-debuginfo-1.48.2-5.el9.s390x.rpm

SHA-256: 0b9795faa841949620a3e5f86b919fc0aedb842847209effe2cc12f85072f84a

guestfs-tools-debugsource-1.48.2-5.el9.s390x.rpm

SHA-256: a430128896d8d2b603a11241e2c5f034c23a3a6d5ecdebcd810cc9a82b461d7e

virt-win-reg-1.48.2-5.el9.noarch.rpm

SHA-256: 9380f8bff7fdb3917bef8d3c1e98b0492d35fe45774a9055650a322b490a5344

Red Hat Enterprise Linux for ARM 64 9

SRPM

guestfs-tools-1.48.2-5.el9.src.rpm

SHA-256: 3e841f406d1199668a8ef6ac25a0945db33adc06a8d256bfd8e8ae77e8b0bdb8

aarch64

guestfs-tools-1.48.2-5.el9.aarch64.rpm

SHA-256: d76768aaa53647c74a52a89a8ae9f9afa624b9389a80131906ffd6b99187f4d0

guestfs-tools-debuginfo-1.48.2-5.el9.aarch64.rpm

SHA-256: 1c1af5c6a36a715aa78ba1ed9fc5780b5df48c4128e22363e8bd9ddee58836d5

guestfs-tools-debugsource-1.48.2-5.el9.aarch64.rpm

SHA-256: c74d1dabc79d934069be22e6d30ea4ff132293845bdbfad8bc7d07a68c43e779

virt-win-reg-1.48.2-5.el9.noarch.rpm

SHA-256: 9380f8bff7fdb3917bef8d3c1e98b0492d35fe45774a9055650a322b490a5344

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.