A remote attacker could use this to cause a denial of service (system crash). On Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 6, and other Linux distributions that run on the x86_64 architecture, a denial of service (host crash) can be caused by a flaw in the Linux kernel when handling TCP packet data of non-zero length when the network interface is set to use receive packet data from interface only. An attacker could use this flaw to make a remote connection attempt appear to fail, resulting in a denial of service. (CVE-2017-7578) Red Hat would like to thank Phil Oster from OSCAR, for reporting this issue. oVirt Virtual Machine has been updated to version oVirt 3.10.10, which includes defense-in-depth improvements as well as minor bug fixes. The most important change is the updated version of libvirt which now supports KVM version 1.14. libvirt version has now been updated to version 4.3.10. As a result, KVM (version 1.14) is now supported by oVirt 3.10.10. Another important change is the updated version of the python-virtinst package. Now, it is possible to install oVirt on systems with Python 2.7 installed. Connector version has been updated to version 5.0.10. Connector 5.0.10 is the first connector release with support for Virtuozzo 8.1
Version Information oVirt version 3.10.10
- CVE-2017-7578: A remote attacker could use this to cause a denial of service (system crash).
- CVE-2017-7578: A remote attacker could use this to cause a denial of service (system crash).
- oVirt Virtual Machine has been updated to version oVirt 3.10.10, which includes defense-in-depth improvements as well as minor bug fixes.
oVirt Virtual Machine has been updated to version oVirt 3.10.10, which includes defense-in-depth improvements as well as minor bug fixes. The most important change is the updated version of libvirt which now supports KVM version 1.14. libvirt version has now been updated to version 4.3.10. As a result, KVM (version 1.14) is now supported by oVirt 3.10.10.:
Bug fixes
CVE-2022-41222 is a bug that can cause a denial of service (system crash). A remote attacker could use this to make a connection attempt appear to fail, resulting in a denial of service.
Why would anyone want to do that? The vulnerability was introduced as part of the oVirt 3.10 security update (CVE-2017-7578) due to a flaw in Linux kernel's handling of TCP packet data. The problem occurs when the network interface is set to use receive packet data from interface only, which means all incoming packets are sent directly to the host instead of the virtual machine. An attacker could exploit this flaw by using this flaw in an attempt to create an illegitimate connection and causing a denial of service on the host.
Timeline
Published on: 09/21/2022 08:15:00 UTC
Last modified on: 09/22/2022 18:15:00 UTC
References
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3
- https://bugs.chromium.org/p/project-zero/issues/detail?id=2347
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2
- http://packetstormsecurity.com/files/168466/Linux-Stable-5.4-5.10-Use-After-Free-Race-Condition.html
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41222