- Issued:
- 2024-05-23
- Updated:
- 2024-05-23
RHSA-2024:3315 - Security Advisory
Synopsis
Important: OpenShift Virtualization 4.13.9 Images security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4.13.9 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization 4.13.9 images.
Security Fix(es):
- golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
Affected Products
- Red Hat Container Native Virtualization 4.13 for RHEL 9 x86_64
Fixes
- BZ - 2268273 - CVE-2023-45288 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS
CVEs
aarch64
| container-native-virtualization/bridge-marker-rhel9@sha256:ba1e64ed8fa10a0296fd4be542bf33db460a95ba7b681a6715227c5d3669d522 |
| container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:7c27f9ed6c464d7d1156fa10571cda758d96482c64ac2dbdde782dff4f11142a |
| container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:dc072fceba2d988e979a439519d7b5a761dccebdd2e890473a0faf19b4c0f0df |
| container-native-virtualization/cnv-must-gather-rhel9@sha256:1eb68e0b0ba45452795bbbc441e0c739ec77d62ca5209367ef1bbe2aafb8e151 |
| container-native-virtualization/hco-bundle-registry-rhel9@sha256:08e70ace08c71c1d73a680a1f7225e2eb5aa81bd3b3faada8d89eb5e7a91e693 |
| container-native-virtualization/hostpath-csi-driver-rhel9@sha256:ae088594ce07499834b625144a37ea6963e08d4133b4406df7c26ce5bf2831b6 |
| container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:b5dbb45e69050612ff324f5a8e3c6fc0acd9320ebd1117bb65dbf565fb4461f8 |
| container-native-virtualization/hostpath-provisioner-rhel9@sha256:a4272c69cf81355dad651e8c694c3b62747023decb6cd1ae22d16cc36f0bad74 |
| container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:b4aed92d20372b9bcbf8c97a8e9426c61d213fbcf380fdfc7c42c64503a50496 |
| container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:226e6b33ac719000a1e3fddfbef50fa4c6a798f04b4986ab37d8765108d00fd3 |
| container-native-virtualization/kubemacpool-rhel9@sha256:eb914756fe26e8a7e7d41d00ab150b9fcb94902051c2a2387b13ea7a8f1eae77 |
| container-native-virtualization/kubesecondarydns-rhel9@sha256:ded7baf0552eb7c9b23f9e09e5723f93d935230418f30a3d3311680ea5238c7d |
| container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:0558e4f507e084012205721f6dc7cf6eb2a4fd2a158070e8a2e5d82cbd84bda0 |
| container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:9ab866dbb135fb76d6458f4485cd9784932c52e5c1c4417115a2ed19ea399fd4 |
| container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:9250f70a014303cebc379aef3cffdfaae863cddf9ea79f1fe1f11fe46bcd9bb5 |
| container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:b41149e99d7ca5138635835644405aa9d95417aad03f01c316a75a5886c55df4 |
| container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:2abff506e706dd3447d2cc0a61f6a20285bee1bc235ad3314ae7e208f876a2b8 |
| container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:46b50d835480351c188e86b71a31d9bc6cfc5f5489a1b226ef807eb5cd2223d7 |
| container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:b781f9a21eb1b61fc9080d65a6a1fb18bf152c51f6ea49b78d20535936c158f4 |
| container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:a9c213fe4d310091d1d73017d958305c3a1a40ac57829645bf9c54c116e01b23 |
| container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:5f113c4b5d2b6c1e37f0a6c09e68dcd613bea916e427d1c6ccc9d179c3ce305e |
| container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:855f2159eb6f51bce8154b85dbef3bc70abd7631104ccceebf31561f32344921 |
| container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:ffe7793dcf7887339d4c47d18f75b70f648cc46af410f5808633ae1327f7845b |
| container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:d09e282991464ee935d9992deae9594d7997bcd6fd2b215e86ca2669550e0951 |
| container-native-virtualization/kubevirt-template-validator-rhel9@sha256:31dcc58238626f998f6c0a4abcfee277b21032c25ef1ca75aa38328b3ac74298 |
| container-native-virtualization/libguestfs-tools-rhel9@sha256:173a52e5bd552da60b9f57f590a56d32f09e7e6a237e09067ab66de53d7ddb86 |
| container-native-virtualization/multus-dynamic-networks-rhel9@sha256:17fe64761c9b05da7e8ba3cc3397df31ac9c39104c539404f05586da83d60b67 |
| container-native-virtualization/ovs-cni-plugin-rhel9@sha256:8fd6d59d80eeb1ba032efd1ddbcbf40f3d354b39b527cdb1ce3c01358820206a |
| container-native-virtualization/virt-api-rhel9@sha256:78fb8099fe014819c7bc422de61f92986f8068e3e6a06ae666bebfb4f5d90f90 |
| container-native-virtualization/virt-artifacts-server-rhel9@sha256:5bb8fe7f9ef74ac8052f136d73b60ee694b8f8fc4c35162451ebe0fb322fd9e6 |
| container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:6bf887a04453cb84a7c0744df7e17b7b9ab3ad44baadad21fdeaf498366635f8 |
| container-native-virtualization/virt-cdi-cloner-rhel9@sha256:b03bf552e7afe5d2994eae5b62462e2f761b9f38d0df2dfda832cfa21afc3b46 |
| container-native-virtualization/virt-cdi-controller-rhel9@sha256:50299f21c155f3d8ca6298230aafc34fc03fddde35c004e6af528a2455eff8de |
| container-native-virtualization/virt-cdi-importer-rhel9@sha256:e01570b8129f56086544cb3c0e2f016ac89715b8f64a4530036eb03dc7c008eb |
| container-native-virtualization/virt-cdi-operator-rhel9@sha256:3a72b9dfe8ea562bec9934beca0d80b5e350e6d0035e74b5b28c3cc1be34091c |
| container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:635e222302aa3c9ff9eed7d1de03c7622b30d07ee0bf2d5c8628e8fbc4324d1a |
| container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:c2bccabb2db8b4f4e08c8f0c232a7320662390f286de769f9c76fde9c0968728 |
| container-native-virtualization/virt-controller-rhel9@sha256:16649d3fe495284d1107ab29abd678441ebfbb51295f503a8844dbab0022224e |
| container-native-virtualization/virt-exportproxy-rhel9@sha256:3c092f36a42f714d70d4b0eec329c88becd71a29fe9416541b0d9eea48d22e7d |
| container-native-virtualization/virt-exportserver-rhel9@sha256:ff73f214788ff58745135454c7701444ac29fe57b9b3e116df15470443aa010a |
| container-native-virtualization/virt-handler-rhel9@sha256:7c693c85aa6e4d570544f8ed2670ae54cf795dd1fd9e2c7b29110b9758ec456f |
| container-native-virtualization/virt-launcher-rhel9@sha256:ab4632c2c755e61dd812b01499b7eaa281bea25265d43179730919c913112bb9 |
| container-native-virtualization/virt-operator-rhel9@sha256:778849b13484991336d35690fbcefd09242137ba1a541f70914ccda264d3aab5 |
| container-native-virtualization/virtio-win-rhel9@sha256:c6cfda129dce20427672be1a16c887de5f87f60e17df9f36248f52c14a266b7f |
| container-native-virtualization/vm-console-proxy-rhel9@sha256:47f5bbf5fdfbb79d1aaaf7b30629e8c3e601a505c86690c4d950ba7ec5d0bc40 |
| container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:31ef5365fb5a3f8e6660cf976c127733d549f385c7d146bb0bcaf1fb5b3e260b |
x86_64
| container-native-virtualization/bridge-marker-rhel9@sha256:7a8c5cb9a2d181655afdcaf5ee03e73cfb19cc5aa48fa83141b0ec23fd15479c |
| container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:73efe44afd508b223523d6685f7e2da6eff256e7bf396dcb791a9ec0f1e7b683 |
| container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:7b38384488e4c21fe71ccfa04d05da97b7f8536576313d673cb226d9b60e7ebf |
| container-native-virtualization/cnv-must-gather-rhel9@sha256:55959ccbf537de95f356bfb866d0e94132c1a1f202cb62a14418b50cd4ea2792 |
| container-native-virtualization/hco-bundle-registry-rhel9@sha256:af63a779a48897bb0a72070dcce26174696b6ea50e2bafc129745d8a57005c29 |
| container-native-virtualization/hostpath-csi-driver-rhel9@sha256:7bdbe06d810af21ff028bfe466b372578a3aa5b2312fbe883b02f12a887c284d |
| container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:03c178c83c0aea8091ed4122fae030febfddd6422d15d7dc5df19ddd08a70907 |
| container-native-virtualization/hostpath-provisioner-rhel9@sha256:254f6b5aa19be44e492c57eac47874fcc332242953c923753de317c90dcb8c96 |
| container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:aac94783f1fc202506bca64f8e85cf964e7751c073cf7f1210864928f74ced6f |
| container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:8bb87dd1cfd8bc5d922a8716ac623a2d4b340da95c4aaf51eafab722a684b94e |
| container-native-virtualization/kubemacpool-rhel9@sha256:fa52bd6689370d0ed46ad57bf33680f349c7c6348acced6d6d8a49ed064d8acd |
| container-native-virtualization/kubesecondarydns-rhel9@sha256:c96e6a66f612c2fcfa71daba2134874282d0fbdc94f037c50a82ab5a18f1abd9 |
| container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:bb9622ab311b1c5517fd674373fd9ea8a6a934551820a9d64f645732fd18f459 |
| container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:e2f2f00a19444062091c8187dad71eff592155d3c568b6604b3394d1ac6f07eb |
| container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:13f9b9c2e36aa67f71ba9ac08684072714118b4e8350db376e98c83845b31bd0 |
| container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9@sha256:a12d2f9b2f85615ac1997b9e037afda56ea005fd14037cb12dd3176170c85cd0 |
| container-native-virtualization/kubevirt-tekton-tasks-copy-template-rhel9@sha256:08f3e00b455fd109a9a8a8fbb76890a86af80d7f46f10dab5c07b3ba20cc196b |
| container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:6798dd6e67cf7d6b9566869e086cc8b23a62e2c3f1b616793acf2a456f3d8468 |
| container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template-rhel9@sha256:bb3a8ec2b500d07f7acb65be52ea3687e37f26e4b9f90af8d765bc88fc09525d |
| container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:0a5ad7e9d9ef1ec0809cb0e69814087de930f39830d7bbeff2ef7c545382e5fe |
| container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep-rhel9@sha256:d9da9b41f046485f2066695935827a30a7be0db384fbc07a5449abc26f577ae8 |
| container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:191a138401370cc59ecd78c94758eb02ff606454a7ecbe90514699cf5b016c56 |
| container-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:0cebe01a9941036a812f97ff27d919694e1dd8acbba87eb2c9876eb03535e4ea |
| container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:8c94db93bb9a927357e61a58b57605c923c61d46987b928aab9915a9f8971a6b |
| container-native-virtualization/kubevirt-template-validator-rhel9@sha256:2f4ffe6bd04fb7f7afb3e0c7acfbb154003b758550459fa9000cee6c78bb8826 |
| container-native-virtualization/libguestfs-tools-rhel9@sha256:dcf2209734f4f48cf369cb19a731e98f91919b109b304c8a56509c6569a52f0f |
| container-native-virtualization/multus-dynamic-networks-rhel9@sha256:dbc4543ab5909479e5a4ab24eff11a35c65c3ce5327081aa1d57a9f718cb6de0 |
| container-native-virtualization/ovs-cni-plugin-rhel9@sha256:0198b1de73184e4676790862b3dddeae8021283512bf81f50abb320a1e64535d |
| container-native-virtualization/virt-api-rhel9@sha256:febcff6ac696bda3a8d8d89443702ea97d50eefc3fa7eca55e0f47cc6e00909d |
| container-native-virtualization/virt-artifacts-server-rhel9@sha256:cc5c01e84c800b9cd74a788b5410c8d5a7fe89246c1fc80541edbf2949ba3f86 |
| container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:edc3b0ec61318157ee3c17581c3c1f3118cf8902832dd28c49ae7ad45ae71cd0 |
| container-native-virtualization/virt-cdi-cloner-rhel9@sha256:1425240abe59acf75ff314e0f3005eb50bb70fd68b72cc792cec8fb88a93bdfc |
| container-native-virtualization/virt-cdi-controller-rhel9@sha256:268a60f25c69e0b64fec59bbbe51c5a63626449e371c140b80bac131a404a736 |
| container-native-virtualization/virt-cdi-importer-rhel9@sha256:40ffde76cf4195a8573fb49e48fbaec62dd1786dd5d52857737ed0eddd27a396 |
| container-native-virtualization/virt-cdi-operator-rhel9@sha256:5235f8e6ae6b9239405cc19a2d6d9f3e8dba240e092d78f166200d62e8326df3 |
| container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:77b82ef52ccb6b70056710da4bffdf9a3436ca4291f61bf13d61f5c0d3d216e9 |
| container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:e7ad1ec04f37cee55bade906be4845d02e79b2a8c8764af427ce0372c42d159f |
| container-native-virtualization/virt-controller-rhel9@sha256:3bd4c4263f53b14f3f4249ae1c22d5ddbaab4d0faf2de7b3a6c4b999cdd4707d |
| container-native-virtualization/virt-exportproxy-rhel9@sha256:66aeb594f9c025db4953badc04e4d0ffc092c75d6b87d57e3f38fb680c468df0 |
| container-native-virtualization/virt-exportserver-rhel9@sha256:e2719ddc698ce8e07a23307ef5dd23cfb7489b645f0022a0c4c958a43d1ef0be |
| container-native-virtualization/virt-handler-rhel9@sha256:4ca05944ba113748633c5dfd37a2bd2ea63695ac23dd2dc72cfac868b536b4f2 |
| container-native-virtualization/virt-launcher-rhel9@sha256:19248e93dc1b75c1d627193e6fe13b1071674879792663e68f958651e889d09e |
| container-native-virtualization/virt-operator-rhel9@sha256:a4158367bb21c75ce4aad9306abe3c8a95797428d941a9d6b4d9562fbd280280 |
| container-native-virtualization/virtio-win-rhel9@sha256:8755df3c22f2712a583bfe2c11ce7500cd0f33a3f5ce59cbb56c517fa2ac2739 |
| container-native-virtualization/vm-console-proxy-rhel9@sha256:c7267124fdc6945b2ee84180e76d9baa0c4b15c987d32998532420c0fa891bcb |
| container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:afc690670e69a06464c5a0fcd5ab598450dc5c279d5f54d38d579dea04fdfc27 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
