RedHat: RHSA-2021-3119:01 Moderate: OpenShift Virtualization 2.6.6 Images
Summary
OpenShift Virtualization is Red Hat's virtualization solution designed for
Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization
RHEL-8-CNV-2.6
hostpath-provisioner-container-v2.6.6-3
vm-import-controller-container-v2.6.6-5
vm-import-virtv2v-container-v2.6.6-5
vm-import-operator-container-v2.6.6-5
virt-cdi-apiserver-container-v2.6.6-4
virt-cdi-controller-container-v2.6.6-4
virt-cdi-cloner-container-v2.6.6-4
virt-cdi-importer-container-v2.6.6-4
virt-cdi-uploadserver-container-v2.6.6-4
virt-cdi-uploadproxy-container-v2.6.6-4
virt-cdi-operator-container-v2.6.6-4
ovs-cni-marker-container-v2.6.6-5
kubevirt-ssp-operator-container-v2.6.6-5
kubemacpool-container-v2.6.6-7
kubevirt-vmware-container-v2.6.6-4
kubevirt-kvm-info-nfd-plugin-container-v2.6.6-4
kubevirt-cpu-model-nfd-plugin-container-v2.6.6-4
kubevirt-cpu-node-labeller-container-v2.6.6-4
virtio-win-container-v2.6.6-4
kubevirt-template-validator-container-v2.6.6-4
cnv-containernetworking-plugins-container-v2.6.6-4
node-maintenance-operator-container-v2.6.6-4
kubevirt-v2v-conversion-container-v2.6.6-4
cluster-network-addons-operator-container-v2.6.6-4
ovs-cni-plugin-container-v2.6.6-4
bridge-marker-container-v2.6.6-4
kubernetes-nmstate-handler-container-v2.6.6-7
hyperconverged-cluster-webhook-container-v2.6.6-4
cnv-must-gather-container-v2.6.6-16
hyperconverged-cluster-operator-container-v2.6.6-4
virt-launcher-container-v2.6.6-7
hostpath-provisioner-operator-container-v2.6.6-5
virt-api-container-v2.6.6-7
virt-handler-container-v2.6.6-7
virt-controller-container-v2.6.6-7
virt-operator-container-v2.6.6-7
hco-bundle-registry-container-v2.6.6-70
Security Fix(es):
* golang: crypto/elliptic: incorrect operations on the P-224 curve
(CVE-2021-3114)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Summary
Solution
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
References
https://access.redhat.com/security/cve/CVE-2016-10228 https://access.redhat.com/security/cve/CVE-2017-14502 https://access.redhat.com/security/cve/CVE-2019-2708 https://access.redhat.com/security/cve/CVE-2019-9169 https://access.redhat.com/security/cve/CVE-2019-13012 https://access.redhat.com/security/cve/CVE-2019-14866 https://access.redhat.com/security/cve/CVE-2019-25013 https://access.redhat.com/security/cve/CVE-2019-25032 https://access.redhat.com/security/cve/CVE-2019-25034 https://access.redhat.com/security/cve/CVE-2019-25035 https://access.redhat.com/security/cve/CVE-2019-25036 https://access.redhat.com/security/cve/CVE-2019-25037 https://access.redhat.com/security/cve/CVE-2019-25038 https://access.redhat.com/security/cve/CVE-2019-25039 https://access.redhat.com/security/cve/CVE-2019-25040 https://access.redhat.com/security/cve/CVE-2019-25041 https://access.redhat.com/security/cve/CVE-2019-25042 https://access.redhat.com/security/cve/CVE-2020-8231 https://access.redhat.com/security/cve/CVE-2020-8284 https://access.redhat.com/security/cve/CVE-2020-8285 https://access.redhat.com/security/cve/CVE-2020-8286 https://access.redhat.com/security/cve/CVE-2020-8927 https://access.redhat.com/security/cve/CVE-2020-9948 https://access.redhat.com/security/cve/CVE-2020-9951 https://access.redhat.com/security/cve/CVE-2020-9983 https://access.redhat.com/security/cve/CVE-2020-12362 https://access.redhat.com/security/cve/CVE-2020-12363 https://access.redhat.com/security/cve/CVE-2020-12364 https://access.redhat.com/security/cve/CVE-2020-13434 https://access.redhat.com/security/cve/CVE-2020-13543 https://access.redhat.com/security/cve/CVE-2020-13584 https://access.redhat.com/security/cve/CVE-2020-14344 https://access.redhat.com/security/cve/CVE-2020-14345 https://access.redhat.com/security/cve/CVE-2020-14346 https://access.redhat.com/security/cve/CVE-2020-14347 https://access.redhat.com/security/cve/CVE-2020-14360 https://access.redhat.com/security/cve/CVE-2020-14361 https://access.redhat.com/security/cve/CVE-2020-14362 https://access.redhat.com/security/cve/CVE-2020-14363 https://access.redhat.com/security/cve/CVE-2020-15358 https://access.redhat.com/security/cve/CVE-2020-25659 https://access.redhat.com/security/cve/CVE-2020-25712 https://access.redhat.com/security/cve/CVE-2020-26116 https://access.redhat.com/security/cve/CVE-2020-26137 https://access.redhat.com/security/cve/CVE-2020-27618 https://access.redhat.com/security/cve/CVE-2020-27619 https://access.redhat.com/security/cve/CVE-2020-28196 https://access.redhat.com/security/cve/CVE-2020-28935 https://access.redhat.com/security/cve/CVE-2020-29361 https://access.redhat.com/security/cve/CVE-2020-29362 https://access.redhat.com/security/cve/CVE-2020-29363 https://access.redhat.com/security/cve/CVE-2020-36242 https://access.redhat.com/security/cve/CVE-2021-3114 https://access.redhat.com/security/cve/CVE-2021-3177 https://access.redhat.com/security/cve/CVE-2021-3326 https://access.redhat.com/security/cve/CVE-2021-3516 https://access.redhat.com/security/cve/CVE-2021-3517 https://access.redhat.com/security/cve/CVE-2021-3518 https://access.redhat.com/security/cve/CVE-2021-3520 https://access.redhat.com/security/cve/CVE-2021-3537 https://access.redhat.com/security/cve/CVE-2021-3541 https://access.redhat.com/security/cve/CVE-2021-3560 https://access.redhat.com/security/cve/CVE-2021-20201 https://access.redhat.com/security/cve/CVE-2021-20271 https://access.redhat.com/security/cve/CVE-2021-23239 https://access.redhat.com/security/cve/CVE-2021-23240 https://access.redhat.com/security/cve/CVE-2021-23336 https://access.redhat.com/security/cve/CVE-2021-25215 https://access.redhat.com/security/cve/CVE-2021-25217 https://access.redhat.com/security/cve/CVE-2021-27219 https://access.redhat.com/security/cve/CVE-2021-28211 https://access.redhat.com/security/cve/CVE-2021-32399 https://access.redhat.com/security/cve/CVE-2021-33909 https://access.redhat.com/security/cve/CVE-2021-33910 https://access.redhat.com/security/updates/classification/#moderate
Package List
Topic
Red Hat OpenShift Virtualization release 2.6.6 is now available withupdates to packages and images that fix several bugs and add enhancements.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.
Topic
Relevant Releases Architectures
Bugs Fixed
1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve
1945703 - "Guest OS Info" availability in VMI describe is flaky
1958816 - [2.6.z] KubeMacPool fails to start due to OOM likely caused by a high number of Pods running in the cluster
1963275 - migration controller null pointer dereference
1965099 - Live Migration double handoff to virt-handler causes connection failures
1965181 - CDI importer doesn't report AwaitingVDDK like it used to
1967086 - Cloning DataVolumes between namespaces fails while creating cdi-upload pod
1967887 - [2.6.6] nmstate is not progressing on a node and not configuring vlan filtering that causes an outage for VMs
1969756 - Windows VMs fail to start on air-gapped environments
1970372 - Virt-handler fails to verify container-disk
1973227 - segfault in virt-controller during pdb deletion
1974084 - 2.6.6 containers1975212 - No Virtual Machine Templates Found [EDIT - all templates are marked as depracted]
1975727 - [Regression][VMIO][Warm] The third precopy does not end in warm migration
1977756 - [2.6.z] PVC keeps in pending when using hostpath-provisioner
1982760 - [v2v] no kind VirtualMachine is registered for version \"kubevirt.io/v1\" i...
1986989 - OpenShift Virtualization 2.6.z cannot be upgraded to 4.8.0 initially deployed starting with <= 4.8