Issued:: 2024-07-02
Updated:: 2024-07-02

RHSA-2024:4272 - Security Advisory

Overview
Updated Packages

Synopsis

Critical: Red Hat OpenStack Platform 17.1.3 security update

Type/Severity

Security Advisory: Critical

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for openstack-nova, openstack-glance, and openstack-cinder is now
available for Red Hat OpenStack Platform 17.1 (Wallaby).

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

Description

Cinder is the replacement of nova-volume in Folsom and beyond, use d for
block storage.

OpenStack Image Service (code-named Glance) provides
discovery,registration, and delivery services for virtual disk images. The
Image Service API server provides a standard REST interface for querying
information about virtual disk images stored in a variety of back-end
stores, including OpenStack Object Storage. Clients can register new
virtual disk images with the Image Service, query for information on
publicly available disk images, and use the Image Service's client library
for streaming virtual disk images.

OpenStack Compute (codename Nova) is open source software designed
to provision and manage large networks of virtual machines,creating a
redundant and scalable cloud computing platform. It gives you the software,
control panels, and APIs required to orchestrate a cloud, including running
instances, managing networks, and controlling access through users and
projects.OpenStack Compute strives to be both hardware and hypervisor
agnostic, currently supporting a variety of standard hardware
configurations and seven major hypervisors.

Security Fix(es):

CVE-2024-32498 OpenStack: malicious qcow2/vmdk images

(CVE-2024-32498)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.

Solution

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat OpenStack 17.1 for RHEL 9 x86_64

Fixes

BZ - 2278663 - CVE-2024-32498 OpenStack: malicious qcow2/vmdk images

CVEs

CVE-2024-32498

References

https://access.redhat.com/security/updates/classification/#critical

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack 17.1 for RHEL 9

SRPM
openstack-cinder-18.2.2-17.1.20231011140829.el9ost.src.rpm	SHA-256: 0d7fc4935116f727a27013ca59c66f5e6a6e552de3721493197d5513725a7e00
openstack-glance-22.1.2-17.1.20230621071326.el9ost.src.rpm	SHA-256: a2b5928adac34ece583602b6c85c6ee2d75dfe972ae9848677ea0426d57f98c7
openstack-nova-23.2.3-17.1.20231018130828.el9ost.src.rpm	SHA-256: 997f136502ab6a3a3c5cb3b0cbc46507d412af5ff796de1c49e852567a447da7
x86_64
openstack-cinder-18.2.2-17.1.20231011140829.el9ost.noarch.rpm	SHA-256: d0761c07921a68825e312b28ae85b8f1030280e10316299ee437bad3625928c9
openstack-glance-22.1.2-17.1.20230621071326.el9ost.noarch.rpm	SHA-256: 2ef4ad0ae840350d3eb1509e23c6350e412b5da9ee9aaaab890b0a6672c8a33f
openstack-nova-23.2.3-17.1.20231018130828.el9ost.noarch.rpm	SHA-256: 3f315524d64a121cc4d740ce86256c8350693ff39aef424114331ced430aa960
openstack-nova-api-23.2.3-17.1.20231018130828.el9ost.noarch.rpm	SHA-256: fcb49f32c7857cd714350ba0b3e1330d65a2b1bd30ed1ffa59942c14f4ec9680
openstack-nova-common-23.2.3-17.1.20231018130828.el9ost.noarch.rpm	SHA-256: 6b7fd1856f17af07979f8b9eb56e529b1cac949316b4e71604fce85f2898559e
openstack-nova-compute-23.2.3-17.1.20231018130828.el9ost.noarch.rpm	SHA-256: 91840a54c33a04376ce81c05284412ecd2a82a93cfd229f47fe94095fcd0fe10
openstack-nova-conductor-23.2.3-17.1.20231018130828.el9ost.noarch.rpm	SHA-256: 8b0a35159bd82c8fc82ffa1fec6d3bd4ea5082e0f1b87501855aed97ba3df177
openstack-nova-migration-23.2.3-17.1.20231018130828.el9ost.noarch.rpm	SHA-256: 02f18a7f78ba1ab089810e45781fe62bb6c3ec59275c6d083b9cb1f2c1f4b65c
openstack-nova-novncproxy-23.2.3-17.1.20231018130828.el9ost.noarch.rpm	SHA-256: 1221deca5be624475663b5597f92d9406f4a85d3bbf7ff05b6bb7fc2dd1e46fe
openstack-nova-scheduler-23.2.3-17.1.20231018130828.el9ost.noarch.rpm	SHA-256: d349f624ea11a82b6cca1bb868a607d82e58641920aa9477fd312c902ae92b28
openstack-nova-serialproxy-23.2.3-17.1.20231018130828.el9ost.noarch.rpm	SHA-256: 1eb3b60c24e85dddc0e68f1351d2d30e862a8ddf8ad18fda3920b71dcc668568
openstack-nova-spicehtml5proxy-23.2.3-17.1.20231018130828.el9ost.noarch.rpm	SHA-256: 0296bea551ed2aaf95a5aedf72e30cba4a03aa240673716d30690dcf0147d5d3
python3-cinder-18.2.2-17.1.20231011140829.el9ost.noarch.rpm	SHA-256: 7f391e2b0b1a7f32a8ec41401d6186d737d2e4c9272bbbed04c87aaf559ce753
python3-cinder-common-18.2.2-17.1.20231011140829.el9ost.noarch.rpm	SHA-256: e26be04793be56c0f846ef9f309491cd3f4f0f6ffafdaf0f92ea1f1d9c43600d
python3-glance-22.1.2-17.1.20230621071326.el9ost.noarch.rpm	SHA-256: a4807ae8d1dc66fc782b272fa3fe55fb3b96ca8e910b384bed91bbc7d9b33416
python3-nova-23.2.3-17.1.20231018130828.el9ost.noarch.rpm	SHA-256: 3f563f15345220735e3aff5253d4d1263153b071cecdc618fb0528bfb5633137

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation