SUSE has issued an advisory on July 28: https://lists.suse.com/pipermail/sle-security-updates/2022-July/011703.html Mageia 8 may also be affected.
Equivalent openSUSE advisory: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/M7MWG7KVN226XKCGY5HO5W2SNOHSAO4T/
Need to dig to find the fix. https://bugzilla.suse.com/1201064 Fix, patch (I think): https://bugzilla.suse.com/attachment.cgi?id=859933&action=diff Upstream documentation for the fix: https://bugzilla.suse.com/attachment.cgi?id=859934&action=diff RedHat has a lot about this, but it is complicated and embraces other issues, notably LUKS. I saw references to patches, but never a patch. https://bugzilla.redhat.com/show_bug.cgi?id=2100862 This is nominally with joequant (CC'ing), but latest updates have been done by tv, so assigning thus.
CC: (none) => joequantAssignee: bugsquad => thierry.vignaud
RedHat has issued an advisory for this on November 8: https://access.redhat.com/errata/RHSA-2022:7472
It was already fixed in Mageia 9. Mageia 8 EOL.
CVE: (none) => CVE-2022-2211CC: (none) => nicolas.salgueroStatus: NEW => RESOLVEDResolution: (none) => OLDSource RPM: libguestfs-1.49.2-1.mga9.src.rpm => libguestfs-1.44.0-2.2.mga8.src.rpmVersion: Cauldron => 8