Red Hat Product Errata RHSA-2023:3771 - Security Advisory
Issued: 2023-06-21
Updated: 2023-06-21


Synopsis

Important: Red Hat Virtualization security and bug fix update

Type/Severity

Security Advisory: Important

Topic

An update is now available for Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8, Red Hat Virtualization 4 for Red Hat Enterprise Linux 8, and Red Hat Virtualization Engine 4.4.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection.

The following packages have been upgraded to a later upstream version: ovirt-dependencies (4.5.3), ovirt-engine (4.5.3.8), vdsm (4.50.3.8). (BZ#2180717)

Security Fix(es):

  • springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern (CVE-2023-20860)
  • springframework: Spring Expression DoS Vulnerability (CVE-2023-20861)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Previously, a host with Secure Intel Icelake Server Family could become non-operational because it did not provide the "taa-no" CPU feature. In this release, the check has been fixed in the Manager, and such hosts work properly. (BZ#2184623)

  • Previously, when bonds were created on a host outside the Manager and the host was added without being started, the Rx/Tx drop count was shown as null. As a result, a Null Pointer Exception was thrown in the Administration Portal > Compute > Hosts > Network Interfaces tab. With this release, null values are accepted, and no exceptions are displayed in the Network Interfaces tab. (BZ#2180230)

  • Previously, the Volume Extend Logic method skipped sparse volumes. As a result, RAW sparse volumes (on file storage) were not extended properly. In this release, RAW sparse volumes are extended as expected. (BZ#2210036)

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/2974891

Affected Products

  • Red Hat Virtualization Manager 4.4 x86_64
  • Red Hat Virtualization 4 for RHEL 8 x86_64
  • Red Hat Virtualization Host 4 for RHEL 8 x86_64
  • Red Hat Virtualization for IBM Power LE 4 for RHEL 8 ppc64le

Fixes

  • BZ - 2180230 - Network Interfaces is broken if tx_drop or rx_drop are empty in the DB
  • BZ - 2180528 - CVE-2023-20860 springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern
  • BZ - 2180530 - CVE-2023-20861 springframework: Spring Expression DoS Vulnerability
  • BZ - 2184623 - [RHV] Host Non-Operation after update Cluster CPU to Secure Intel Icelake Server. Missing CPU feature: taa-no
  • BZ - 2203132 - NullPointerException when creating a image transfer after a RHV-M reboot
  • BZ - 2210036 - Extend of the raw sparse disk (thin provisioned without incremental backup) is ignored

CVEs

  • CVE-2023-20860
  • CVE-2023-20861

References

  • https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
