CVE-2021-20295
Description
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 (https://access.redhat.com/errata/RHSA-2020:4676) erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in virt:rhel/qemu-kvm via erratum RHSA-2020:4059 (https://access.redhat.com/errata/RHSA-2020:4059). CVE-2021-20295 was assigned to that Red Hat specific security regression. For more details about the original security issue CVE-2020-10756, refer to bug 1835986 or the CVE page: https://access.redhat.com/security/cve/CVE-2020-10756.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.149
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-admin-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-bash-completion-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-client-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-config-network-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-config-nwfilter-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-interface-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-network-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-nodedev-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-nwfilter-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-qemu-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-secret-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-storage-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-storage-core-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-storage-disk-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-storage-gluster-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-storage-iscsi-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-storage-iscsi-direct-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-storage-logical-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-storage-mpath-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-storage-rbd-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-driver-storage-scsi-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-daemon-kvm-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-debugsource-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-devel-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-docs-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-libs-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-lock-sanlock-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update libvirt-nss-6.0.0-28.1.module+el8.3.0+10448+0c705bc6.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update qemu-guest-agent-4.2.0-34.module+el8.3.0+10437+1ca0c2ba.5.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update qemu-img-4.2.0-34.module+el8.3.0+10437+1ca0c2ba.5.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update qemu-kvm-4.2.0-34.module+el8.3.0+10437+1ca0c2ba.5.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update qemu-kvm-block-curl-4.2.0-34.module+el8.3.0+10437+1ca0c2ba.5.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update qemu-kvm-block-gluster-4.2.0-34.module+el8.3.0+10437+1ca0c2ba.5.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update qemu-kvm-block-iscsi-4.2.0-34.module+el8.3.0+10437+1ca0c2ba.5.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update qemu-kvm-block-rbd-4.2.0-34.module+el8.3.0+10437+1ca0c2ba.5.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update qemu-kvm-block-ssh-4.2.0-34.module+el8.3.0+10437+1ca0c2ba.5.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update qemu-kvm-common-4.2.0-34.module+el8.3.0+10437+1ca0c2ba.5.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update qemu-kvm-core-4.2.0-34.module+el8.3.0+10437+1ca0c2ba.5.x86_64.rpm | Linux |
| (RHSA-2021:1064) virt:rhel and virt-devel:rhel security update qemu-kvm-debugsource-4.2.0-34.module+el8.3.0+10437+1ca0c2ba.5.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234