RHSA-2022:7968: Red Hat Security Advisory: virt-v2v security, bug fix, and enhancement update

Issued:

2022-11-15

Updated:

2022-11-15

RHSA-2022:7968 - Security Advisory

• Overview
• Updated Packages

Synopsis

Low: virt-v2v security, bug fix, and enhancement update

Type/Severity

Security Advisory: Low

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for virt-v2v is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The virt-v2v package provides a tool for converting virtual machines to use the KVM (Kernel-based Virtual Machine) hypervisor or Red Hat Enterprise Virtualization. The tool modifies both the virtual machine image and its associated libvirt metadata. Also, virt-v2v can configure a guest to use VirtIO drivers if possible.

Security Fix(es):

• libguestfs: Buffer overflow in get_keys leads to DoS (CVE-2022-2211)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.

Affected Products

• Red Hat Enterprise Linux for x86_64 9 x86_64
• Red Hat CodeReady Linux Builder for x86_64 9 x86_64

Fixes

• BZ - 1684075 - Virt-v2v can’t convert a guest from VMware via nbdkit-vddk if original guest disk address is irregular
• BZ - 1774386 - input_vmx: cleanly reject guests with snapshots when using "-it ssh"
• BZ - 1788823 - Virt-v2v firstboot scripts should run in order, with v2v network configuration happening first
• BZ - 1817050 - Can’t convert guest from VMware with non-admin account and vddk >=7.0 by virt-v2v
• BZ - 1848862 - There is nbdkit curl error info if convert a guest from VMware without vddk by administrator account
• BZ - 1854275 - document that vmx+ssh "-ip" auth doesn’t cover ssh / scp shell commands
• BZ - 1868048 - [RFE]virt-v2v should install qemu-ga on debian guest during the conversion
• BZ - 1883802 - -i vmx: SATA disks are not parsed
• BZ - 1985830 - Start or remove VM failure even v2v has already finished
• BZ - 2003503 - There is virt-v2v warning: fstrim on guest filesystem /dev/mapper/osprober-linux-sdb1 failed if non-os disk of source guest has few/no inodes lef
• BZ - 2028764 - Install the qemu-guest-agent package during the conversion process
• BZ - 2039597 - Failed to import VM when selecting OVA as a source on RHV webadmin
• BZ - 2047660 - Add ‘–compressed’ support in modular v2v
• BZ - 2051564 - [RFE]Limiting the maximum number of disks per guest for v2v conversions
• BZ - 2059287 - RFE: Rebase virt-v2v to 2.0 in RHEL 9.1
• BZ - 2062360 - RFE: Virt-v2v should replace hairy “enable LEGACY crypto” advice which a more targeted mechanism
• BZ - 2064178 - nothing provides openssh-clients >= 8.8p1 needed by virt-v2v-1:2.0.0-1.el9.x86_64
• BZ - 2066773 - The /tmp/v2v.XXXX directory has incorrect permisison if run v2v by root
• BZ - 2069768 - Import of OVA fails if the user/group name contains spaces
• BZ - 2070186 - fix virtio-vsock check (for Linux guests) in virt-v2v
• BZ - 2070530 - Virt-v2v can’t convert guest when os is installed on nvme disk via vmx+ssh
• BZ - 2074026 - Remove -o json option
• BZ - 2074801 - do not pass “–non-bootable --read-write” to "volume create " in openstack output module
• BZ - 2074805 - -o qemu mode fails with: qemu-system-x86_64: -balloon: invalid option and other problems
• BZ - 2076013 - RHEL9.1 guest can’t boot into OS after v2v conversion
• BZ - 2082603 - virt-v2v -o qemu prints cosmetic warning: “warning: short-form boolean option ‘readonly’ deprecated”
• BZ - 2094779 - missing python dependency in rhel9.1
• BZ - 2100862 - CVE-2022-2211 libguestfs: Buffer overflow in get_keys leads to DoS
• BZ - 2101665 - “/dev/nvme0n1” is not remapped to “/dev/vda” (etc) in boot config files such as “/boot/grub2/device.map”
• BZ - 2107503 - RHEL 8.6 VM with “qemu64” CPU model can’t start because “the CPU is incompatible with host CPU: Host CPU does not provide required features: svm”
• BZ - 2112801 - RHEL9 guest hangs during boot after conversion by virt-p2v
• BZ - 2116811 - virt-v2v: error: internal error: assertion failed at linux_kernels.ml, line 190, char 11

References

• https://access.redhat.com/security/updates/classification/#low
• https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

Red Hat Enterprise Linux for x86_64 9

SRPM

virt-v2v-2.0.7-6.el9.src.rpm

SHA-256: e6984595278d2d9e8a0547418ef0e01083d9e46aa0b74cfb1ca2d09895aa9ee3

x86_64

virt-v2v-2.0.7-6.el9.x86_64.rpm

SHA-256: 6689b66cc419a746a1a2ec76e263dcd2d8278d12507038c1a94ca17311814f4e

virt-v2v-bash-completion-2.0.7-6.el9.noarch.rpm

SHA-256: f9a9076aa6e76bfbd96b7b08ab0a6e155b5155b61900867fd92ddddee12676ac

virt-v2v-debuginfo-2.0.7-6.el9.x86_64.rpm

SHA-256: 51c2956b0c1c2f192e92667cafaea9850153371b96f625870a81682c442e4d8b

virt-v2v-debugsource-2.0.7-6.el9.x86_64.rpm

SHA-256: 63cecca486b7d280fb11e4d8795e98df4491d9587d1c9472e6d9f1725a710951

Red Hat CodeReady Linux Builder for x86_64 9

SRPM

x86_64

virt-v2v-man-pages-ja-2.0.7-6.el9.noarch.rpm

SHA-256: 3b4734fe2d66dfc6907af995a3b1ed1b4c5ce83ce690cf02255e8eae7ceac329

virt-v2v-man-pages-uk-2.0.7-6.el9.noarch.rpm

SHA-256: 8cd9076fc853e79a65b0bbf213dbaa24f0b07357c7ce4bb63f2ec98be4030ab9

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.