libguestfs-winsupport-9.2-1.el9
エラータID: AXSA:2023-5849:01
The libguestfs-winsupport package adds support for Windows guests to libguestfs, a set of tools and libraries allowing users to access and modify virtual machine (VM) disk images.
Security Fix(es):
* ntfs-3g: heap-based buffer overflow in ntfsck (CVE-2021-46790)
* ntfs-3g: crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value (CVE-2022-30784)
* ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate (CVE-2022-30786)
* ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc (CVE-2022-30788)
* ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array (CVE-2022-30789)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2021-46790
ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that ntfsck is deprecated; however, it is shipped by some Linux distributions.
CVE-2022-30784
A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22.
CVE-2022-30786
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22.
CVE-2022-30788
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.
CVE-2022-30789
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
Update packages.
ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that ntfsck is deprecated; however, it is shipped by some Linux distributions.
A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22.
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22.
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
N/A
SRPMS
- libguestfs-winsupport-9.2-1.el9.src.rpm
MD5: bd7cb6fba287b75c31663a4da0701164
SHA-256: e6f74f3cfe2379c69528266a57b75a46a20319b0b22a1e975b4f5a41573364b2
Size: 1.30 MB
Asianux Server 9 for x86_64
- libguestfs-winsupport-9.2-1.el9.x86_64.rpm
MD5: 9ab1adfb89442855aeb4decf8e337b48
SHA-256: 25ee9f5bb05ab37129ce98b4ca38777c6e9f17f48533e87343a974edb61331b6
Size: 2.40 MB