- Issued:
- 2024-11-26
- Updated:
- 2024-11-26
RHSA-2024:10389 - Security Advisory
Synopsis
Moderate: OpenShift Virtualization 4.13.11 Images
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Virtualization release 4.13.11 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Description
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization 4.13.11 images.
Security Fix(es):
- net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Container Native Virtualization 4.13 for RHEL 9 x86_64
Fixes
- BZ - 2295310 - CVE-2024-24791 net/http: Denial of service due to improper 100-continue handling in net/http
- CNV-45851 - [CNV 4.13.z] - Remove DataImportCron for CentOS 7 and Stream 8
- CNV-49144 - [4.13.11] DataImportCron still showing after enable: "false"
CVEs
- CVE-2019-12900
- CVE-2021-3903
- CVE-2023-20584
- CVE-2023-31356
- CVE-2023-37920
- CVE-2023-52522
- CVE-2024-1737
- CVE-2024-1975
- CVE-2024-2236
- CVE-2024-2398
- CVE-2024-2511
- CVE-2024-3596
- CVE-2024-4032
- CVE-2024-4603
- CVE-2024-4741
- CVE-2024-5535
- CVE-2024-6232
- CVE-2024-6345
- CVE-2024-6923
- CVE-2024-7409
- CVE-2024-24791
- CVE-2024-26640
- CVE-2024-26656
- CVE-2024-26772
- CVE-2024-26870
- CVE-2024-26906
- CVE-2024-31076
- CVE-2024-34397
- CVE-2024-37891
- CVE-2024-38428
- CVE-2024-39331
- CVE-2024-40931
- CVE-2024-41039
- CVE-2024-42271
- CVE-2024-46858
- CVE-2024-50602
aarch64
| container-native-virtualization/bridge-marker-rhel9@sha256:089c25d2b3f886dcf22534ca69c566bde0ca51cadfc80444270e868646edb8e2 |
| container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:94a9c66bdc9ddfa078409fc5bb020bf58fe1c70ea6c8d34f38f70e0e84551b36 |
| container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:5e50121b138e4f8a53cee59672d24b1d03e6fc18c12d790e6adf38d4051977a0 |
| container-native-virtualization/cnv-must-gather-rhel9@sha256:464f3d1be563e741019695a27cbc991b3f3652f00978529806c61789ed916c21 |
| container-native-virtualization/hco-bundle-registry-rhel9@sha256:22bd92545f684e965a4132aadefff5a072f25f08c334a3952e8707573b819ce1 |
| container-native-virtualization/hostpath-csi-driver-rhel9@sha256:edf592292859040b76628ba6da206b09aca2bc932f159e928d665c6e834813b4 |
| container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:930766a12809ca551660160f45c31f67b65ea40c42aa76fd9df8630d9196f1c2 |
| container-native-virtualization/hostpath-provisioner-rhel9@sha256:aa7379960f05371917c83d4ee45226556369980268bdb855b1f22cb5203d121e |
| container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:87e28422d25a8891388f70a48d85b8e3804febdb52983c75fa948a96897a9b0f |
| container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:f97ead4fdf0406f4f3fbf8ca0807c70c4b4aac1c1fa7564a3289acb5f44a9cf8 |
| container-native-virtualization/kubemacpool-rhel9@sha256:20cc00ba6dbcdf8006212ebde3aab7b6b218cd64978a6adcab941f1d759c3fb8 |
| container-native-virtualization/kubesecondarydns-rhel9@sha256:822c88be0da05ef1ce2df31ebb97bbd1e32cdaccaef926223cb32e1348e7b06c |
| container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:4668355e36b24d33574498183fd786b3f0692a661aeffc3ec3b63bec5a1803a1 |
| container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:d5810e6854ed1b59e55d675be8ff6248c6528ddd89fe5251c093f0a457039d74 |
| container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:d3fb6c83d8122804586db54fbebd5468961fd077b2072babdbfb062fdd0abe92 |
| container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:4764fe20161fb001ecee9e5271d41d290e075e7c5c3e726f839b3c579145c88f |
| container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:1e660b337fdce5e58fae365ddb701f82fe7ea5d7d0a9f8c6c985ae8b2c9742a0 |
| container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:0fb8dd292d766cc478218f40405c62b0b8dbc8b6e20efa714dd7ad070abcf2ea |
| container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:021a992ab6c10d66558a7bf6c1960427d9e3e53071a0480cd9504af1af1d2596 |
| container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:7310fe0e956cc105aeb4bd9c0ebea9d755786977e9297114d58023d809c64567 |
| container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d1e3d9377f84e383d5d137681d9498741367db327cd300e1cc394db60631fb46 |
| container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:abfbe834a2da1191cc68b96362be76aca223b6b8d358d3e4c7b6413d64f752a3 |
| container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:06668d6337f9ae57e7992aa8990827cb9bb2bd054873fbbff01075d0a13b4e25 |
| container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:ffbc6e5543cdd760ee4fe9aeb209ca8759204edc5284475f58b4a27e5fa923da |
| container-native-virtualization/kubevirt-template-validator-rhel9@sha256:1bbdad1e2bbbc658bd832d4ef3e8a8f67cb46f2b33884dfe481a2923834fad3f |
| container-native-virtualization/libguestfs-tools-rhel9@sha256:630d20c800a8f8caf114b55708ee69162a90e2bb54bffed35e8bb4455023b50e |
| container-native-virtualization/multus-dynamic-networks-rhel9@sha256:f59208fbc7c03681ec527e98c6e0c1befc6502fe9f153a119186554e8cafaf24 |
| container-native-virtualization/ovs-cni-plugin-rhel9@sha256:b00dfaa39dc2efa1f815ffe7b875a732fba33e4f00abc714473c531c0b204c11 |
| container-native-virtualization/virt-api-rhel9@sha256:6387f1eaba14a3e8da897b30079486a1f5e10eeda82aa3d17f905521e1fac675 |
| container-native-virtualization/virt-artifacts-server-rhel9@sha256:79acc508a0401c713b4e58449a7e0a5accd6ab371aab1faf7cc5c48c166288e9 |
| container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:1ee29ea482bea411bd1d3188363ecf1fb196a925e523c9c87e11f19debc11185 |
| container-native-virtualization/virt-cdi-cloner-rhel9@sha256:1066c801d9230cb8afd47961715514ac39f154cf0fab6f99906c3162acc8566a |
| container-native-virtualization/virt-cdi-controller-rhel9@sha256:845ee94ddf0319ecfea67dd3d2f9d9aa4582ba317eb8d2d77e02af5a49fd50ee |
| container-native-virtualization/virt-cdi-importer-rhel9@sha256:2c949c7e50625c8a304e3447348fe56adbcf7777ac594487fb179612887730c5 |
| container-native-virtualization/virt-cdi-operator-rhel9@sha256:f045c4e118fcb4a6c44934ea2b344825d608fcd448b830701ea59e0580816a11 |
| container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:d4cd2483260093ae1d8e5342c3412b27a31084798debfd2a3f5ba7a3022de73f |
| container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:eb029cf93cd13133204e907af31261613a4f8717f9a2159f8ddabc8d8074a55f |
| container-native-virtualization/virt-controller-rhel9@sha256:77ae2bad3d1cb8a2bb5e94127dd8fe53e9d7a57afd5ef281047b5b453e7771bc |
| container-native-virtualization/virt-exportproxy-rhel9@sha256:08d63e6e3c9165990397bada26792b62eb0b2095154095c1fe6095d5ae5dcac6 |
| container-native-virtualization/virt-exportserver-rhel9@sha256:a0fde633a94759e4b068ad3fc730f12bed366debbe64a4ada898f0b478587588 |
| container-native-virtualization/virt-handler-rhel9@sha256:fbb34279bca4433b5e11575183f0336e5cb881cad3e7fb3c3f86a1104078803d |
| container-native-virtualization/virt-launcher-rhel9@sha256:68147bc26c5d6be76ebae52b35a350de170243677d1348e9e3ed2711e3f67eb0 |
| container-native-virtualization/virt-operator-rhel9@sha256:325d9bd92c8d9cbeeb3e648d42f2c6986471b0c7800a5e198f24f24f4c25b18e |
| container-native-virtualization/virtio-win-rhel9@sha256:256b2f1074dabd7a3a6b166c5a418cf6aeab6c2c77e8fd01b193479f5c47cc38 |
| container-native-virtualization/vm-console-proxy-rhel9@sha256:3fa2297c779676f669b11a40700b9a8bebdf598ff289457eb2841ce44db2c25b |
| container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:eb615c03258bd282abf98a07613f7c0f81835139b3ac667c29efb2f5371bce5c |
x86_64
| container-native-virtualization/bridge-marker-rhel9@sha256:ddeb7e909587a7137aa9be647dcb8f0ba308d319c0a0c07afdd6688977af96cc |
| container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:5995c45d7f9a8439b20f5f2e5fbd82b612cab7feab936fcd5faddc592fb391fe |
| container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:8811abce9181f5ea2e5d41e9566ba8d36b17f245737cb88ad159c9ba3e015ef7 |
| container-native-virtualization/cnv-must-gather-rhel9@sha256:e2ade0fa11d6993069c4bd13bd287c015d909f8f0c56154499fb6d4bcc4bb970 |
| container-native-virtualization/hco-bundle-registry-rhel9@sha256:20dec84a59726803fc8b911260e6c1fed397315c2a310b7909f6d125605f1bc6 |
| container-native-virtualization/hostpath-csi-driver-rhel9@sha256:00778f97dd392715a4f2734bce8edffcbddd720abbf67b4ea1918a0d57ccf175 |
| container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:3f953e25f07470a22d4b60ef8c35b7abdf40271a94a8d205fade59547861141c |
| container-native-virtualization/hostpath-provisioner-rhel9@sha256:e8164e83e19e9c5afdc1dfedca650009530875d93234f951a2e113c2e57cb62a |
| container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:b6fb215db236c1474cbfd6bfb80ee1e17075f3a4f130afb75acf8ec040ac8b1f |
| container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:ba9326da361503acb5d7b454876ef0d1e0faf45a4f44d94cc09d593ad5e98fe8 |
| container-native-virtualization/kubemacpool-rhel9@sha256:66ee640a0db3d4a0cfcfc6dda04acc58a57088c218ee930e353f0e85db56ed42 |
| container-native-virtualization/kubesecondarydns-rhel9@sha256:247145e607a439366bce1bfc207b33e9fa53b48c477e3d98005774963e48886a |
| container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:6fa8e3017a736096f25d3a9f997c2db60af42d6251059a3055328057ba8a18a3 |
| container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:e4b5968625addc2ca26d0b3557d6ebfe03f0744138493591fe3b16130e2f1adf |
| container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:c9b5953a20f4a8ae42feddb02e97a24a8f915158b5b4df5a24136f162926c4cd |
| container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:173d3f36b0421f08ba39bc5d83f662542f0804eecf8f073a3302aea3a666dccc |
| container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:f998142a3e623efa1dfc532f7a9bdbd7881518de1fea31df279646e0e6fa540a |
| container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:8003a503a57d28c6f6f3f160a2e22153e5f9297d37322413849d3a65fed45c02 |
| container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:d95b2bd55fef1c4c9ffc0fd41b7fb29e6f4058c26fd8a3f17d7807f5f757bfd1 |
| container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:054f36c33279291b6ffe95cb50add225c34388155975b2e8717aa6590999b362 |
| container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:64fd74ff97c1577acdbe9cd384c98e483eea7dff2c7e9a41ab3f258d80e97cd2 |
| container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:70f8d2d2d0835a4a7fed782aff7f1200990ad8ef1e9059ae72b9eaebd3a88d60 |
| container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:238970acd3dcdbdb3d8a4a52b4abff7a0edde8ef863798faf1d76346265b79fb |
| container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:ab0a5c6f05588d0d8ce0e8fec3e0d0cf6c74cc5cdf62a2727db21153f92279fd |
| container-native-virtualization/kubevirt-template-validator-rhel9@sha256:1a38d1e5b2975d5b3bbc4f53934db55e952501659b9659eca9efd3bcdee292a3 |
| container-native-virtualization/libguestfs-tools-rhel9@sha256:13e5630c588701c9331215c6816e1b645cb18d204a3014e56374d5b9fcf0eca8 |
| container-native-virtualization/multus-dynamic-networks-rhel9@sha256:575247d4ff1cfc83e125f8dcd386849d705c6b242aa699604a62c5a66f1d30d8 |
| container-native-virtualization/ovs-cni-plugin-rhel9@sha256:35ec3ba9579dceb5440f26414e9cf9c8196ace66134d53b806958053b829f963 |
| container-native-virtualization/virt-api-rhel9@sha256:dbf58bc5eccf9978091a77c9fe486752548b1833233873ee95beb9e0422b3997 |
| container-native-virtualization/virt-artifacts-server-rhel9@sha256:b5abd1c76bed2a7bf87f8acc7c8021f38a8f0292beb4983ce662e97789cb683f |
| container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:e18d0cbd608b991360f5f793a5b2b5b36aa5e920f7a73f1947f98525999a0474 |
| container-native-virtualization/virt-cdi-cloner-rhel9@sha256:f1406e1756a23a93c3b786a3460b442c2993ff69986daf911e58748e01c021e3 |
| container-native-virtualization/virt-cdi-controller-rhel9@sha256:55f76e7ee00b669b95df1371b64a21851f5865c9f6f9e077df95c179edb03558 |
| container-native-virtualization/virt-cdi-importer-rhel9@sha256:be37fa14265fc3563bf9976b8631d9c533f440b71104a30058893f25e80283ee |
| container-native-virtualization/virt-cdi-operator-rhel9@sha256:fe2ed6f2cf977436f350961f7119d251b7aca7cbcec8284854231c2c1ee453c2 |
| container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:4b8e2a14b8a9b4322c942bbd741e119656c97a33be4b023b59f1ec32859a029a |
| container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:3b8855dc9d7d027348e97c1a3a35ae095e38e4918d2d69918d66156793170169 |
| container-native-virtualization/virt-controller-rhel9@sha256:8c7fc49df770b9ce04cfedd5f853a7e5a13d7c33e80bae5904f9796617e93d14 |
| container-native-virtualization/virt-exportproxy-rhel9@sha256:b3cea0b9189f3506f08793bab4737812a776397d3912c53e57e17641a8914e4f |
| container-native-virtualization/virt-exportserver-rhel9@sha256:dd12fcac74e2bbc4321c88252a0be50ad522ebe85604ab99a8b2a615b7805c91 |
| container-native-virtualization/virt-handler-rhel9@sha256:9a3a4c1892dea746e6cd8ebb968b5e3f2b44c78496b90dba365e6546812bc7a6 |
| container-native-virtualization/virt-launcher-rhel9@sha256:c8019a7131b08be92e22bfce6c5b374a964d6e11b72aaa57b8bd308fdaace845 |
| container-native-virtualization/virt-operator-rhel9@sha256:d13a7152b5f8013ac5dee3273f550837260e1a9a9632ce9465e90cc91f649e5d |
| container-native-virtualization/virtio-win-rhel9@sha256:3b55f2343d5e4255bb73229cf993dc8c1133159d8aeb547c64ca236c06a51d20 |
| container-native-virtualization/vm-console-proxy-rhel9@sha256:243f2cbb078aad1ad91f6522f2adac585d12a9881f200d58614b6550265fbf08 |
| container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:e5b21966959e0602dd1ecd569e992b28fb2abeee1964df41aba898b1106fc2b9 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
