Headline
RHSA-2023:2179: Red Hat Security Advisory: libguestfs-winsupport security update
An update for libguestfs-winsupport is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-46790: A vulnerability was found in NTFS-3G, specifically in the ntfsck utility. Incorrect validation of NTFS metadata can result in a heap-based buffer overflow when processing a crafted NTFS image file or partition.
- CVE-2022-30784: A vulnerability was found in NTFS-3G. Incorrect validation of NTFS metadata can result in a heap exhaustion when processing a crafted NTFS image file or partition.
- CVE-2022-30786: A vulnerability was found in NTFS-3G. Incorrect validation of NTFS metadata can result in a heap-based buffer overflow when processing a crafted NTFS image file or partition.
- CVE-2022-30788: A vulnerability was found in NTFS-3G. Incorrect validation of NTFS metadata can result in a heap-based buffer overflow when processing a crafted NTFS image file or partition.
- CVE-2022-30789: A vulnerability was found in NTFS-3G. Incorrect validation of NTFS metadata can result in a heap-based buffer overflow when processing a crafted NTFS image file or partition.
Issued:
2023-05-09
Updated:
2023-05-09
RHSA-2023:2179 - Security Advisory
- Overview
- Updated Packages
Synopsis
Moderate: libguestfs-winsupport security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for libguestfs-winsupport is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The libguestfs-winsupport package adds support for Windows guests to libguestfs, a set of tools and libraries allowing users to access and modify virtual machine (VM) disk images.
Security Fix(es):
- ntfs-3g: heap-based buffer overflow in ntfsck (CVE-2021-46790)
- ntfs-3g: crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value (CVE-2022-30784)
- ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate (CVE-2022-30786)
- ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc (CVE-2022-30788)
- ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array (CVE-2022-30789)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for ARM 64 9 aarch64
Fixes
- BZ - 2093314 - CVE-2022-30784 ntfs-3g: crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value
- BZ - 2093326 - CVE-2022-30786 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate
- BZ - 2093340 - CVE-2022-30788 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc
- BZ - 2093348 - CVE-2022-30789 ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array
- BZ - 2093358 - CVE-2021-46790 ntfs-3g: heap-based buffer overflow in ntfsck
CVEs
- CVE-2021-46790
- CVE-2022-30784
- CVE-2022-30786
- CVE-2022-30788
- CVE-2022-30789
References
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index
Red Hat Enterprise Linux for x86_64 9
SRPM
libguestfs-winsupport-9.2-1.el9.src.rpm
SHA-256: a0ca197683e651027e9150a9c0b217a6ac1eb9726e9f65fea34e3dcb98125c17
x86_64
libguestfs-winsupport-9.2-1.el9.x86_64.rpm
SHA-256: 101ce81c931c1470ac8939720ecafe2e9cc1efc69e736dd73540a5b5eb0f79cd
Red Hat Enterprise Linux for IBM z Systems 9
SRPM
libguestfs-winsupport-9.2-1.el9.src.rpm
SHA-256: a0ca197683e651027e9150a9c0b217a6ac1eb9726e9f65fea34e3dcb98125c17
s390x
libguestfs-winsupport-9.2-1.el9.s390x.rpm
SHA-256: b18b13cfc20d68a4cbfeccc16343b4477e44ab0bb80fb462f24566dc6595feb9
Red Hat Enterprise Linux for ARM 64 9
SRPM
libguestfs-winsupport-9.2-1.el9.src.rpm
SHA-256: a0ca197683e651027e9150a9c0b217a6ac1eb9726e9f65fea34e3dcb98125c17
aarch64
libguestfs-winsupport-9.2-1.el9.aarch64.rpm
SHA-256: e2221e179d673de11861c331b537b848bd9c48b906e4bd9750f7044951b21d7c
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-46790: A vulnerability was found in NTFS-3G, specifically in the ntfsck utility. Incorrect validation of NTFS metadata can result in a heap-based buffer overflow when processing a crafted NTFS image file or partition. * CVE-2022-3165: An integer underflow issue was found in the QEMU VNC server while processing ClientCut...
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.
Ubuntu Security Notice 5463-2 - USN-5463-1 fixed vulnerabilities in NTFS-3G. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Roman Fiedler discovered that NTFS-3G incorrectly handled certain return codes. A local attacker could possibly use this issue to intercept protocol traffic between FUSE and the kernel.
Ubuntu Security Notice 5463-2 - USN-5463-1 fixed vulnerabilities in NTFS-3G. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Roman Fiedler discovered that NTFS-3G incorrectly handled certain return codes. A local attacker could possibly use this issue to intercept protocol traffic between FUSE and the kernel.
Ubuntu Security Notice 5463-2 - USN-5463-1 fixed vulnerabilities in NTFS-3G. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Roman Fiedler discovered that NTFS-3G incorrectly handled certain return codes. A local attacker could possibly use this issue to intercept protocol traffic between FUSE and the kernel.
Ubuntu Security Notice 5463-2 - USN-5463-1 fixed vulnerabilities in NTFS-3G. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Roman Fiedler discovered that NTFS-3G incorrectly handled certain return codes. A local attacker could possibly use this issue to intercept protocol traffic between FUSE and the kernel.
Ubuntu Security Notice 5463-1 - It was discovered that NTFS-3G incorrectly handled the ntfsck tool. If a user or automated system were tricked into using ntfsck on a specially crafted disk image, a remote attacker could possibly use this issue to execute arbitrary code. Roman Fiedler discovered that NTFS-3G incorrectly handled certain return codes. A local attacker could possibly use this issue to intercept protocol traffic between FUSE and the kernel.
Ubuntu Security Notice 5463-1 - It was discovered that NTFS-3G incorrectly handled the ntfsck tool. If a user or automated system were tricked into using ntfsck on a specially crafted disk image, a remote attacker could possibly use this issue to execute arbitrary code. Roman Fiedler discovered that NTFS-3G incorrectly handled certain return codes. A local attacker could possibly use this issue to intercept protocol traffic between FUSE and the kernel.
Ubuntu Security Notice 5463-1 - It was discovered that NTFS-3G incorrectly handled the ntfsck tool. If a user or automated system were tricked into using ntfsck on a specially crafted disk image, a remote attacker could possibly use this issue to execute arbitrary code. Roman Fiedler discovered that NTFS-3G incorrectly handled certain return codes. A local attacker could possibly use this issue to intercept protocol traffic between FUSE and the kernel.
Ubuntu Security Notice 5463-1 - It was discovered that NTFS-3G incorrectly handled the ntfsck tool. If a user or automated system were tricked into using ntfsck on a specially crafted disk image, a remote attacker could possibly use this issue to execute arbitrary code. Roman Fiedler discovered that NTFS-3G incorrectly handled certain return codes. A local attacker could possibly use this issue to intercept protocol traffic between FUSE and the kernel.
Ubuntu Security Notice 5463-1 - It was discovered that NTFS-3G incorrectly handled the ntfsck tool. If a user or automated system were tricked into using ntfsck on a specially crafted disk image, a remote attacker could possibly use this issue to execute arbitrary code. Roman Fiedler discovered that NTFS-3G incorrectly handled certain return codes. A local attacker could possibly use this issue to intercept protocol traffic between FUSE and the kernel.
Ubuntu Security Notice 5452-1 - It was discovered that NTFS-3G was incorrectly validating NTFS metadata in its ntfsck tool by not performing boundary checks. A local attacker could possibly use this issue to cause a denial of service or to execute arbitrary code.
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that ntfsck is deprecated; however, it is shipped by some Linux distributions.