SUSE-SU-2021:2274-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2021/suse-su-20212274-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:2274-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2021:2274-1
Related
Published
2021-07-09T05:34:06Z
Modified
2021-07-09T05:34:06Z
Summary
Security update for kubevirt
Details

This update for kubevirt fixes the following issues:

General:

  • Updated kubevirt to version 0.40.0
  • Fixed an issue when calling virsh-domcapabilities
  • Fixed the the wrong registry path for containers.

Security fixes:

  • CVE-2021-20286: A flaw was found in libnbd 1.7.3. An assertion failure in nbdunlockedopt_go in ilb/opt.c may lead to denial of service.
References

Affected packages

SUSE:Linux Enterprise Module for Containers 15 SP2 / containerized-data-importer

Package

Name
containerized-data-importer
Purl
pkg:rpm/suse/containerized-data-importer&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.30.0-5.3.2

Ecosystem specific 

{
    "binaries": [
        {
            "kubevirt-manifests": "0.40.0-5.11.2",
            "kubevirt-virtctl": "0.40.0-5.11.2",
            "containerized-data-importer-manifests": "1.30.0-5.3.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 SP2 / kubevirt

Package

Name
kubevirt
Purl
pkg:rpm/suse/kubevirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.40.0-5.11.2

Ecosystem specific 

{
    "binaries": [
        {
            "kubevirt-manifests": "0.40.0-5.11.2",
            "kubevirt-virtctl": "0.40.0-5.11.2",
            "containerized-data-importer-manifests": "1.30.0-5.3.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 SP3 / kubevirt

Package

Name
kubevirt
Purl
pkg:rpm/suse/kubevirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.40.0-5.11.2

Ecosystem specific 

{
    "binaries": [
        {
            "kubevirt-manifests": "0.40.0-5.11.2",
            "kubevirt-virtctl": "0.40.0-5.11.2"
        }
    ]
}