CVE-2022-2211

A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
Affected Products (NVD)
VendorProductVersion
libguestfslibguestfs
-
redhatenterprise_linux
8.0
redhatenterprise_linux
8.0
redhatenterprise_linux
9.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
guestfs-tools
bookworm
1.48.2-1+deb12u1
fixed
bookworm (security)
1.48.2-1+deb12u1
fixed
bullseye
no-dsa
buster
no-dsa
sid
1.52.2-1
fixed
trixie
1.52.2-1
fixed
libguestfs
bookworm
1:1.48.6-2
fixed
bullseye
no-dsa
buster
no-dsa
sid
1:1.52.2-5
fixed
trixie
1:1.52.2-5
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
guestfs-tools
bionic
dne
focal
dne
impish
dne
jammy
needs-triage
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needs-triage
trusty
dne
xenial
dne
libguestfs
bionic
needs-triage
focal
needs-triage
impish
ignored
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
ignored
xenial
needs-triage
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
guestfs-data
suse enterprise sap 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP4
1.44.2-150400.3.3.1
fixed
guestfs-tools
suse enterprise sap 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise sap 15 SP7
1.53.7-150700.1.2
fixed
suse enterprise server 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP7
1.53.7-150700.1.2
fixed
guestfs-tools-bash-completion
suse enterprise sap 15 SP7
1.53.7-150700.1.2
fixed
suse enterprise server 15 SP7
1.53.7-150700.1.2
fixed
guestfs-tools-man-pages-ja
suse enterprise sap 15 SP7
1.53.7-150700.1.2
fixed
suse enterprise server 15 SP7
1.53.7-150700.1.2
fixed
guestfs-tools-man-pages-uk
suse enterprise sap 15 SP7
1.53.7-150700.1.2
fixed
suse enterprise server 15 SP7
1.53.7-150700.1.2
fixed
guestfs-winsupport
suse enterprise sap 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP4
1.44.2-150400.3.3.1
fixed
guestfsd
suse enterprise sap 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP4
1.44.2-150400.3.3.1
fixed
libguestfs
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
libguestfs-appliance
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
libguestfs-bash-completion
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
libguestfs-devel
suse enterprise sap 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
libguestfs-gobject-1_0
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
libguestfs-gobject-devel
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
libguestfs-inspect-icons
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
libguestfs-man-pages-ja
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
libguestfs-man-pages-uk
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
libguestfs-rescue
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
libguestfs-rsync
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
libguestfs-typelib-Guestfs-1_0
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
libguestfs-winsupport
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
libguestfs-xfs
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
libguestfs0
suse enterprise sap 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
libguestfsd
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
lua-libguestfs
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
ocaml-libguestfs
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
ocaml-libguestfs-devel
suse enterprise server 15 SP4
1.44.2-150400.3.3.1
fixed
perl-Sys-Guestfs
suse enterprise sap 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
python3-libguestfs
suse enterprise sap 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
rubygem-libguestfs
suse enterprise sap 15 SP7
1.55.6-150700.1.7
fixed
suse enterprise server 15 SP7
1.55.6-150700.1.7
fixed
virt-v2v
suse enterprise sap 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise sap 15 SP5
1.44.2-150400.3.3.1
fixed
suse enterprise sap 15 SP7
2.7.7-150700.1.2
fixed
suse enterprise server 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP5
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP7
2.7.7-150700.1.2
fixed
virt-v2v-bash-completion
suse enterprise sap 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise sap 15 SP5
1.44.2-150400.3.3.1
fixed
suse enterprise sap 15 SP7
2.7.7-150700.1.2
fixed
suse enterprise server 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP5
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP7
2.7.7-150700.1.2
fixed
virt-v2v-man-pages-ja
suse enterprise sap 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise sap 15 SP5
1.44.2-150400.3.3.1
fixed
suse enterprise sap 15 SP7
2.7.7-150700.1.2
fixed
suse enterprise server 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP5
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP7
2.7.7-150700.1.2
fixed
virt-v2v-man-pages-uk
suse enterprise sap 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise sap 15 SP5
1.44.2-150400.3.3.1
fixed
suse enterprise sap 15 SP7
2.7.7-150700.1.2
fixed
suse enterprise server 15 SP4
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP5
1.44.2-150400.3.3.1
fixed
suse enterprise server 15 SP7
2.7.7-150700.1.2
fixed
virt-win-reg
suse enterprise sap 15 SP7
1.53.7-150700.1.2
fixed
suse enterprise server 15 SP7
1.53.7-150700.1.2
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
guestfs-tools
RHEL 9
0:1.48.2-5.el9
fixed
libguestfs
RHEL 9
1:1.48.4-2.el9
fixed
libguestfs-appliance
RHEL 9
1:1.48.4-2.el9
fixed
libguestfs-bash-completion
RHEL 9
1:1.48.4-2.el9
fixed
libguestfs-devel
RHEL 9
1:1.48.4-2.el9
fixed
libguestfs-gobject
RHEL 9
1:1.48.4-2.el9
fixed
libguestfs-gobject-devel
RHEL 9
1:1.48.4-2.el9
fixed
libguestfs-inspect-icons
RHEL 9
1:1.48.4-2.el9
fixed
libguestfs-man-pages-ja
RHEL 9
1:1.48.4-2.el9
fixed
libguestfs-man-pages-uk
RHEL 9
1:1.48.4-2.el9
fixed
libguestfs-rescue
RHEL 9
1:1.48.4-2.el9
fixed
libguestfs-rsync
RHEL 9
1:1.48.4-2.el9
fixed
libguestfs-xfs
RHEL 9
1:1.48.4-2.el9
fixed
lua-guestfs
RHEL 9
1:1.48.4-2.el9
fixed
ocaml-libguestfs
RHEL 9
1:1.48.4-2.el9
fixed
ocaml-libguestfs-devel
RHEL 9
1:1.48.4-2.el9
fixed
perl-Sys-Guestfs
RHEL 9
1:1.48.4-2.el9
fixed
php-libguestfs
RHEL 9
1:1.48.4-2.el9
fixed
python3-libguestfs
RHEL 9
1:1.48.4-2.el9
fixed
ruby-libguestfs
RHEL 9
1:1.48.4-2.el9
fixed
virt-v2v
RHEL 9
1:2.0.7-6.el9
fixed
virt-v2v-bash-completion
RHEL 9
1:2.0.7-6.el9
fixed
virt-v2v-man-pages-ja
RHEL 9
1:2.0.7-6.el9
fixed
virt-v2v-man-pages-uk
RHEL 9
1:2.0.7-6.el9
fixed
virt-win-reg
RHEL 9
0:1.48.2-5.el9
fixed
Common Weakness Enumeration
References
https://access.redhat.com/security/cve/CVE-2022-2211
https://access.redhat.com/security/cve/CVE-2022-2211