- Issued:
- 2025-01-07
- Updated:
- 2025-01-07
RHSA-2025:0048 - Security Advisory
Synopsis
Important: OpenShift Virtualization 4.17.3 Images
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4.17.3 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Description
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization 4.17.3 images.
Security Fix(es):
- golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Container Native Virtualization 4.17 for RHEL 9 x86_64
Fixes
- BZ - 2333122 - CVE-2024-45338 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html
- CNV-50452 - Setting secureBoot to false does not disable it on VM with VMCP
- CNV-39213 - CDI volume cloning expands sparse images which results in wasted storage space
- CNV-52434 - [cnv-4.17] New migration overwrites older VMIM data
- CNV-49568 - EBS io2: can't clone a dv Filesystem to Block
- CNV-50914 - UI crash when viewing VM network details if the VM self add network interfaces
- CNV-53960 - [4.17] PVs of the prime and scratch PVCs are stuck Terminating
CVEs
aarch64
container-native-virtualization/aaq-controller-rhel9@sha256:6d79f821598a83c8fddb2b9c374ce5581c368dd822ab0d71e1d27fe401fe677a |
container-native-virtualization/aaq-operator-rhel9@sha256:b3d427f02fb1623163502b47a02d6a89bce38779752eb071e4e6630df4175a5c |
container-native-virtualization/aaq-server-rhel9@sha256:b13826d51509e2b0b5b6045fee215221e96bd33d4d541a614cbae0b0b7f47537 |
container-native-virtualization/bridge-marker-rhel9@sha256:2106bd46e5a367b160498dd98471faf8a1ad863f3ab8edd9f2430501565ffb3b |
container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:5094f561e06816b860c5db674b6718435893ab361d5aa792b0de73f7928fb7c4 |
container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:358a0d79d82251f38cfe63009393d4c1097efb2ed808bf77cf83ad078e0e9b0f |
container-native-virtualization/cnv-must-gather-rhel9@sha256:1e3ccfd4a1adaa03061e1a5a66e78be630c7d55bf66e90cadf846b0536eb6295 |
container-native-virtualization/hco-bundle-registry-rhel9@sha256:a70eab181589e48d5a1f84c0efd3cbe5d285a818b1884675ade1daa0a00cadc1 |
container-native-virtualization/hostpath-csi-driver-rhel9@sha256:06a17a7217c9ca87054dda956fea22dbaaa55f00cfb5c37c7b4db5e16866c4b8 |
container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:b753935e79e571782568bce66d28f9e6fa823b20de2a27b35607f880e7438d20 |
container-native-virtualization/hostpath-provisioner-rhel9@sha256:18f32d75ae52344d06d26ef973ba0d3a46ff1a3dd1adef6c69fab6e740462351 |
container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:07e43f8982eedf782359324919b7241daf82ad5d64d3a8866fd65c2d8d4569c0 |
container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:f41cf0bff2d5db2102d829d5fe7ce16c5d3d0454610afb14de42a820db824fc7 |
container-native-virtualization/kubemacpool-rhel9@sha256:b1d7371658df9ef066132509b0b088d2e812fed100d10a6246bf1497db452979 |
container-native-virtualization/kubesecondarydns-rhel9@sha256:fe4af31f8dc528682dbd6f6d2542b24d8c24487a570b8fd7c388680274d3cef4 |
container-native-virtualization/kubevirt-apiserver-proxy-rhel9@sha256:f0423a4d0b5a3155d2d8beca4855dcb6d78f9c53f581199abf4eb9e7676a97fc |
container-native-virtualization/kubevirt-common-instancetypes-rhel9@sha256:ba5dfa531bcc26d9225ba6d675d489949b01c082b9d8e64b8cd290a077bafd4e |
container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:a126325911946efe8dce8b3695b764cbd3e71102a664f9641c8f6bae0e75804f |
container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:c10b33fd03da5f09713aef36e00a2615e39cc935f70ab37654e9846e5152baf0 |
container-native-virtualization/kubevirt-ipam-controller-rhel9@sha256:c7aa29bc91d54e6d67389d8a7539d0f1e51ddea0891096a325069a287b27fd55 |
container-native-virtualization/kubevirt-realtime-checkup-rhel9@sha256:92286f410b8c7b5f01b78186d53ee9ef28251fc528b00fddbe2457ceeed86261 |
container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:5d9c86f483f2dcb24133f9389d2d5a87f451729be1a340f49685eb71607e4ded |
container-native-virtualization/kubevirt-storage-checkup-rhel9@sha256:1f6fa705dbbc2cdde65e2cb690f72d89bf67f9159a184a388dd30a3243213120 |
container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:713fd2a1a24a2ae4b50b73bb767abb2c2b4c8377c8c27cb019957f79a7f5f23b |
container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:69c345ca2bc142997321543ba545fbb56cb601e6934a7c3f751e82f3406a3dee |
container-native-virtualization/kubevirt-template-validator-rhel9@sha256:25a6bcd0ee14dced2873d9b9051c76d71de2445e0e75ab744c2739afa65270dc |
container-native-virtualization/libguestfs-tools-rhel9@sha256:ebe38cd118e8f10aa89513ef08b2bdf34dc2dbdf09c4bcee705b0f20b244bfab |
container-native-virtualization/multus-dynamic-networks-rhel9@sha256:2e7cf0f142dea63c19932715d82ddf07ebb27de577a4fd1de5da7333ec09562f |
container-native-virtualization/ovs-cni-plugin-rhel9@sha256:4c138ba70e173d9af112ffc459d91cd78cc2d52479ea54fd9b111e9d380cfad8 |
container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:7db31a5389585a148343a31736fbf8818c2eee107e3d72f8c286d1b9876d7f54 |
container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:f45921310c5991610d6fd93ec054cdcbce782b497807078fc6498f741d2c2131 |
container-native-virtualization/pr-helper-rhel9@sha256:c92baa1f9e9d54d28975f721bf891494446756d1ec471b5da882a14e43c18a88 |
container-native-virtualization/sidecar-shim-rhel9@sha256:0908b2a7072de75ab2310606813c328290b2fe692aef07954ec4f44c9b1c52ee |
container-native-virtualization/virt-api-rhel9@sha256:c82cca1924d079eed604f2c18c8a2315cff82d268cb10fab8bcbdd16b409b1ed |
container-native-virtualization/virt-artifacts-server-rhel9@sha256:8509ddde2952975996ed2d66ff3092e3c48c2207ecc1822f09f742232bce7d81 |
container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:126883caf139b65ec4d399fcda86bf4bdc384f4d7afd2e507370d0f5911b439f |
container-native-virtualization/virt-cdi-cloner-rhel9@sha256:59f6e344445e9edc5d9c8752517aba2fa9b9eba98cc895b1c24aded318654ead |
container-native-virtualization/virt-cdi-controller-rhel9@sha256:edbc6d0028f02b67719c1a7d34f8a77906b51862cb8eb6e9681885a919677f54 |
container-native-virtualization/virt-cdi-importer-rhel9@sha256:966fbec8180eb4021e30f5399d9dba5bbc0eb690bc2cc663b88c62862402d274 |
container-native-virtualization/virt-cdi-operator-rhel9@sha256:a10aafcbfe82da8f5121630a1770395dd0070f447c7394e7c439303e486073df |
container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:8921ba711d47e3e18478fa9529c0bc737a50ccde21b06512001ffd9b9a73f3ff |
container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:f6de5eb94345111a78fe54b0b68eeb4a64873f8ad0d02fb63700052d94cb6c87 |
container-native-virtualization/virt-controller-rhel9@sha256:cf04cfa75451109ec2e39ec5eb44b676a22d4937a1c25277d1ab68f627992d7a |
container-native-virtualization/virt-exportproxy-rhel9@sha256:0205b95d4a03efeca8a13a72070c7b7824f547e739d9bf78dd57f969c5ad8b6c |
container-native-virtualization/virt-exportserver-rhel9@sha256:e2ba85afe9986a999b2a4a25cc23463148c0e94a1e8c9ed5c17a00e4521f3a3f |
container-native-virtualization/virt-handler-rhel9@sha256:5f3aaa96514b2a4c4af28af9966554e9080a5cbf06ca87ae766b29043b6c2d77 |
container-native-virtualization/virt-launcher-rhel9@sha256:1acfa733ffb0805e90fc5d9927abbeac5ffa8bc0a5e7c268d95309bd28449e60 |
container-native-virtualization/virt-operator-rhel9@sha256:5b3530c97e9372a24b75258d503fe18fa96855e8e43c10e4d748b71075f4756f |
container-native-virtualization/virtio-win-rhel9@sha256:fd1f0e7ecd9c06d758276f6326d0b803be164541cb57795f792a0f60fc828c78 |
container-native-virtualization/vm-console-proxy-rhel9@sha256:87ca8ff8758e87c0ed800aa6e7e298a622e9a0e96b85c863d6e73091a6c8bee2 |
container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:2e0cea0a2ce448703649749dab1407a0c9766aebb4d46350e430bf2c7a37c35f |
container-native-virtualization/wasp-agent-rhel9@sha256:4e076da4731976c7ead74be27146d204425cdfed7ab8e0897e38674e7b5221c8 |
x86_64
container-native-virtualization/aaq-controller-rhel9@sha256:cc3b097a083d3265372704174de2f226e7e4f7c5b6e752038b5347e0b46cff6f |
container-native-virtualization/aaq-operator-rhel9@sha256:7d74e64cd3c4948be5f87790f9d24b88cc9e6958268f4d84479fe9b1318943e2 |
container-native-virtualization/aaq-server-rhel9@sha256:9435ad6589bd35972e63b13eae8f5a229a1293655cc9af47988db33f51a3f4d2 |
container-native-virtualization/bridge-marker-rhel9@sha256:5d53db4e9c9c99737daa814098a98c9047908b82c6edca6d14ba44950e20f90f |
container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:69e0c1f26f9155be9086e15adc0f33d3fd3107ced1b3444a7afb216d5e040a77 |
container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:4c53479e1d1b445554ce32974971e711530e960995c916348780bc14bf448cf7 |
container-native-virtualization/cnv-must-gather-rhel9@sha256:269a9e78959373d31724016bba0b9bf1c9b874268b718daad1ab7ce730784183 |
container-native-virtualization/hco-bundle-registry-rhel9@sha256:ed79a543749c28e8145630bba509d0cc234ac217e0078c0e0fe50dd66239356f |
container-native-virtualization/hostpath-csi-driver-rhel9@sha256:faad8963b607e473f6c988a715cd6450d9515cdb489c28b01a393da53fce13d3 |
container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:38aec192c37020ef9ad3fab341ce710708c3c5e6fbe7ed9aa160f0e9bba91c12 |
container-native-virtualization/hostpath-provisioner-rhel9@sha256:cce485a29e32f46df7ce123cd098f771b01c9423820b6a67e030316cc4473756 |
container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:c0cfca9d6a3452f87378724657438ce2bfd3f95dd1cf920f4f072df3dce23dd5 |
container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:361ae99ca98c06f6e7a4c9ad67564218428f1c5af751d32c35676edded9ab4cd |
container-native-virtualization/kubemacpool-rhel9@sha256:6d24f32c76961931fa54aa408281a259036f643fee1f379346d658d41556add8 |
container-native-virtualization/kubesecondarydns-rhel9@sha256:b8fee27947cee0f203cdfb4ad7e133926e2644196db507972fbb4cd942a1cb6a |
container-native-virtualization/kubevirt-apiserver-proxy-rhel9@sha256:306ae66d62b9420a197f618500c004aabeef34dc7f4d33a9e9607527feef52e2 |
container-native-virtualization/kubevirt-common-instancetypes-rhel9@sha256:7015342422b3012306ae866ecc5d108db894619718a51eb1aee18a343aaac27a |
container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:42b8f88d39ae343555d1f71bfac44fbbe64eaba04db16c053a5f52e7845f554d |
container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:fad2812ac06011ba2919e9e11ac0f68301ab933b1761079717735463cc71fab7 |
container-native-virtualization/kubevirt-ipam-controller-rhel9@sha256:c03c9b5dfa7ed9b58ef447963cf559d45d1999568b6ff0a753a2f7a6cd2eeb1f |
container-native-virtualization/kubevirt-realtime-checkup-rhel9@sha256:f1b5deaef13b1e50b43801e04d8acfd4b36c4d6bde26caccd0016065c14923cd |
container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:3ebfb2825f1f7269903ba101643aad70788bde5a8e9891dc41326a10126a4b8a |
container-native-virtualization/kubevirt-storage-checkup-rhel9@sha256:61bee8aac0d8e6921eb6059e2aef54c6ba7f4a4abfa33423a8d6f82841dedd85 |
container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:5ade6d0da1c70e379a82df21615ce84af42d15060e905ef22d3ad2114d6ceb40 |
container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:85348d6657560de115709892b22646098f3e8e95f0ae82bf67b3a456f0b64eb7 |
container-native-virtualization/kubevirt-template-validator-rhel9@sha256:bd9836493cb983cb9d7736eb33b38df14388f15b45cd0ba964eb176390a0e4fe |
container-native-virtualization/libguestfs-tools-rhel9@sha256:96177000cd33377b92c9c2b0d1cb561ae0152c83f41f0c5bfb9bf2e3babb5064 |
container-native-virtualization/multus-dynamic-networks-rhel9@sha256:e682611f2cf159e549a4eddacb9f7b088406f50745d50d2380c5174f5c3f7cce |
container-native-virtualization/ovs-cni-plugin-rhel9@sha256:bb362c216f1f9c18efd717e75786da6be48c95abe1392d052121c871e6937348 |
container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:8d69d1e7c967f3a8c897c739528a530a019a4f2425304c08c82006df8ff339d9 |
container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:99677656d1699b36d51619513b8e155f2bea4233de08aa6203a0c9f6323d571b |
container-native-virtualization/pr-helper-rhel9@sha256:cf97407bf35e8469373e2d46bf4b35ccf1f4a162d8b48f269e0ef72ccf2e9f63 |
container-native-virtualization/sidecar-shim-rhel9@sha256:1c435b810d2da9ee6d5f7b1d8379ab503e6f81c1f4f13c1f939feecdbcc98c7d |
container-native-virtualization/virt-api-rhel9@sha256:09955bf0ebdefd66bdd54bdf21869bb0f35add5bb6f262546f76c1abac3f5edb |
container-native-virtualization/virt-artifacts-server-rhel9@sha256:a9aa6cc7ab38454dd56c31bb4e5df39d16d29833c833688ad814511f823e8974 |
container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:c8033a522b045aeafeb7f1e251e52fe3c40bdbdd574053cea1248056a056b938 |
container-native-virtualization/virt-cdi-cloner-rhel9@sha256:1d178411341f4ddf53686350b426edd56c7e31157c969a46786a948e2cb1755a |
container-native-virtualization/virt-cdi-controller-rhel9@sha256:062a5640f35c0178b0c78b06fa1d4c3b7bbb4d9578d7e644e7dcb442332a1f3b |
container-native-virtualization/virt-cdi-importer-rhel9@sha256:9ec0add3ced4ee498d40bd16550a7e759cb11f08b4550294920a5562b66c1c9b |
container-native-virtualization/virt-cdi-operator-rhel9@sha256:22fe4d798a8cd6767389fdb80633a2b121c41a65e237e01c3535d74aa15aa7c6 |
container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:164a889bae91932f9472fb7b3d868de45bf95631661cb9e9bf4d195771ba98fc |
container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:284caea0cc937247e8d2a60ed53cc814102afba6d024c05fe6dbd079e9e88421 |
container-native-virtualization/virt-controller-rhel9@sha256:50239466241c953c9369187096b8f4fb328d665e392ea894dbf42856acdf397c |
container-native-virtualization/virt-exportproxy-rhel9@sha256:26ea3aab3ce2324a0da5a450c45e73ba61fa7fdf3f96d0e90b98776b28965f4b |
container-native-virtualization/virt-exportserver-rhel9@sha256:03bc2ed763856281f32e52991e62d890376094ccd4931fdffc8e4c88c61f1d46 |
container-native-virtualization/virt-handler-rhel9@sha256:01b51f7186db55d1b890dc37f77db56d824ff21867c45ee47d3950410e75eb1b |
container-native-virtualization/virt-launcher-rhel9@sha256:a409561cf4cff7c08acb6f7914839780a5963843e4af82bbd3d993616d21d857 |
container-native-virtualization/virt-operator-rhel9@sha256:4b4edc5f0067cc8c58fe60c12d50778727e357208ef65ec6f0500fb50b58664b |
container-native-virtualization/virtio-win-rhel9@sha256:a765caab7ccb4ea5d1c2c3f951fa50380a649e4396c77b81b3c5e422923fab65 |
container-native-virtualization/vm-console-proxy-rhel9@sha256:3773ae1ab1b8df8c0866abd2a7a0b932233258b1b45373a758efc428a69eb47d |
container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:df2f1cb82c7c5161d29dd8ea5ef086c6c3c82af00bdb1e846161c0de6acbcaa0 |
container-native-virtualization/wasp-agent-rhel9@sha256:749eb94ae92fc6e8984e24e748fa9ae8f02dcfa7b5dcaeaa16c67db890994362 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.