Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Red Hat OpenShift Virtualization 4.12.5 Security Advisory RHSA-2023:4421-01

red hat
Calendar Grey August 1, 2023
Dist Redhat Esm H88
The latest update 4.12.5 for Red Hat OpenShift Virtualization addresses significant vulnerabilities and fixes various bugs. Discover more information here.
Red Hat OpenShift Virtualization release 4.12.5 is now available with updates to packages and images that fix several bugs and add enhancements

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Summary

OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization 4.12.5 images.
Security Fix(es):
* openshift: OCP & FIPS mode (CVE-2023-3089)
* golang: html/template: improper handling of JavaScript whitespace (CVE-2023-24540)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* [4.12] must-gather doesn't collect ruletebles (BZ#2208641)
* nft rules are not collected if the VMs are running in the node where must-gather is running (BZ#2214454)
* [cnv-4.12] kubevirt should allow setting cluster-wide virt-launcher runtimeclass (BZ#2217913)
* USB-redirection regression (BZ#2221222)

Topics%20covered

Topics Covered

security advisory Red Hat bug fix security impact important update virtualization OpenShift

References

https://access.redhat.com/security/cve/CVE-2020-24736 https://access.redhat.com/security/cve/CVE-2022-4304 https://access.redhat.com/security/cve/CVE-2022-41723 https://access.redhat.com/security/cve/CVE-2023-0215 https://access.redhat.com/security/cve/CVE-2023-0286 https://access.redhat.com/security/cve/CVE-2023-1667 https://access.redhat.com/security/cve/CVE-2023-2283 https://access.redhat.com/security/cve/CVE-2023-2828 https://access.redhat.com/security/cve/CVE-2023-3089 https://access.redhat.com/security/cve/CVE-2023-24329 https://access.redhat.com/security/cve/CVE-2023-24540 https://access.redhat.com/security/cve/CVE-2023-26604 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2023-001

Package List


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2023:4421-01
Product: OpenShift Virtualization
Advisory URL: https://access.redhat.com/errata/RHSA-2023:4421
Issue date: 2023-08-01

Topic

Red Hat OpenShift Virtualization release 4.12.5 is now available withupdates to packages and images that fix several bugs and add enhancements.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory Red Hat bug fix security impact important update virtualization OpenShift

Relevant Releases Architectures

Bugs Fixed

2027959 - [RFE] virt-launcher pod of Windows VM stuck in terminating state, no button in the UI to force power off

2182056 - Cloned VM should not use the same PVC of the source VM

2196027 - CVE-2023-24540 golang: html/template: improper handling of JavaScript whitespace

2208641 - [4.12] must-gather doesn't collect ruletebles

2209318 - [4.12.z] VM connected to a VLAN is also receiving packets from VLAN 1

2209848 - OpenShift Virtualization Overview page shows no metrics for "All Projects"

2212085 - CVE-2023-3089 openshift: OCP & FIPS mode

2214454 - nft rules are not collected if the VMs are running in the node where must-gather is running

2216447 - must-gather: Multiple empty files under vms/ if the VM was live migrated

2216449 - must-gather is using unavailable brctl command

2217913 - [cnv-4.12] kubevirt should allow setting cluster-wide virt-launcher runtimeclass

2220843 - [4.12]Missing StorageProfile defaults for IBM and AWS EFS CSI provisioners

2221222 - USB-redirection regression

2222011 - [4.12]DataImportCron Garbage Collection can mistakenly delete latest PVC

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here