- Issued:
- 2025-03-11
- Updated:
- 2025-03-11
RHSA-2025:2658 - Security Advisory
Synopsis
Important: OpenShift Virtualization 4.15.9 Images
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4.15.9 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Description
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization 4.15.9 images.
Security Fix(es):
- golang.org/x/net/html: Non-linear parsing of case-insensitive content in
golang.org/x/net/html (CVE-2024-45338)
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Container Native Virtualization 4.15 for RHEL 9 x86_64
Fixes
- BZ - 2272951 - CVE-2024-31420 cnv: DoS through repeatedly calling vm-dump-metrics until virt handler crashes
- BZ - 2333122 - CVE-2024-45338 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html
- CNV-52436 - [cnv-4.15] New migration overwrites older VMIM data
- CNV-54248 - [4.15] User defined labels deleted after Priorityclass change
- CNV-54608 - [4.15] Storage checkup failed reason is not consistent for pvc and snapshot source format
- CNV-55279 - [4.15] Add Support for AIO Buffer Configuration in Warm Migration
- CNV-39708 - [cnv-4.15]Update Windows-11 templates to reflect TPM to be persistent:True
- CNV-52440 - [cnv-4.15] Target pod requires a longer time than needed to go in succeeded status
- CNV-56875 - [4.15] VirtualMachineCRCErrors alert should fire only for clusters with Win VMs
CVEs
aarch64
| container-native-virtualization/aaq-controller-rhel9@sha256:1093f0dc6c9b9c41fe6adf8ac3e90b2a416f8e4acfb4db9528f57fc2e470f6f2 |
| container-native-virtualization/aaq-operator-rhel9@sha256:1d12c39cb4d34dac1c98adc326c1016717efd245b452b2693d1c725cfd25a8cf |
| container-native-virtualization/aaq-server-rhel9@sha256:6ca50f572d8f57bff2c3539d731d21051ec74662b26a5391d30159090c6da82a |
| container-native-virtualization/bridge-marker-rhel9@sha256:a98a6b3a7b21500f89fd4f9cb7f1ec9c9499a470eb65ac769a56f380564284fe |
| container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:35a848f67c471e04275d19e3481b0b42dff6e1a0c8d29275b8648315f38f0f46 |
| container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:5ee77b8c763873e9fb1dec0071f4515a45c021de6fb040ecd3c67c5694a9c668 |
| container-native-virtualization/cnv-must-gather-rhel9@sha256:1970f41af9a6e58241a0055a94ac5136a65c18e31bd97ff57a22b706ba4bebe9 |
| container-native-virtualization/hco-bundle-registry-rhel9@sha256:fb1891016fb365a830f910816473c7ebc3a92c0d2f5c92c8a174fa24082bd8c5 |
| container-native-virtualization/hostpath-csi-driver-rhel9@sha256:65b7923b5039d38347385e207fc0379ce712ebbf1b3fbbad823880e786753cb0 |
| container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:f3691040624e4a75319d3048d75d39f8c094ec45a476ba9596fe503349ddc367 |
| container-native-virtualization/hostpath-provisioner-rhel9@sha256:a02a09dd591e539530f4d87686538e76e7f48c0b7394241998fe33f1d3798799 |
| container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:c8ae94c28b56a7a72f2fe249df5944b5a56fa7d10c65b8a5a0016d241c8eb1d7 |
| container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:3d9077839a3d626f807d2132c9d081a2e27f40a07463f868a76c821c79d67c2d |
| container-native-virtualization/kubemacpool-rhel9@sha256:f148d1e2b8954feda6f101cdfb367f9d974e3ce409f2e6ce98c1ae6fec30cf15 |
| container-native-virtualization/kubesecondarydns-rhel9@sha256:cee6458f6a25b2e8d61e8f5d35124592cf664310aa9f05d0330f219ba1c39591 |
| container-native-virtualization/kubevirt-apiserver-proxy-rhel9@sha256:3847550beab6b7425936ca90d00d99ee7d1e5419dbb896a48c31e294a9e31e70 |
| container-native-virtualization/kubevirt-common-instancetypes-rhel9@sha256:3a634d57461c7ea3e0843aaddc02a121ff5b113f1b50883f060b326fb790f2f6 |
| container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:4b07bec38c6d43cd717bc03dbf8fe7a3f277f7a1b0a72e1f968211785a42ec44 |
| container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:7d326b7c1286699350ec09f067b61030a7a3f5f5ca02e43e739a1c70f9726613 |
| container-native-virtualization/kubevirt-realtime-checkup-rhel9@sha256:23776b581d794ea54367dfd946ea55d6f38b78465b4f838360b83c968b3ff943 |
| container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:09a598c79211c13acf6edf7ed290b6d94ec91d54aaf1072089659773fc16b1be |
| container-native-virtualization/kubevirt-storage-checkup-rhel9@sha256:c9a02d13f59ce481931dc8b2747fe9be1b5fe576c7e675a5ebfe9a76202ef1a6 |
| container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:72eec546eb1490bb95b02806c22ba31bec7325d6777d868a7e167f1ac36564ce |
| container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:034fe02f082a6afe4fd629168405cc19808de845a92fa0e7472719d196e5b6ea |
| container-native-virtualization/kubevirt-template-validator-rhel9@sha256:1e561a41c65c72976ec36bd7d625ad4a4dcb93bfd5b9c7ff2cc6a4862f03d17e |
| container-native-virtualization/libguestfs-tools-rhel9@sha256:cb2f4154585c5d0d110599db634db41f9af06ef710c236e55372443ce64369db |
| container-native-virtualization/mtq-controller-rhel9@sha256:9f084bd19aa7b9a03b7ddb962d2131709eef52d0245e95ef54b43506f00f563f |
| container-native-virtualization/mtq-lock-server-rhel9@sha256:66197731f33044ff5806d97bdd5674314967946296f38151d320746302b0d073 |
| container-native-virtualization/mtq-operator-rhel9@sha256:583d20c3e6898692b57ad838dcae5a993617df738e14c05395d28e572406dd49 |
| container-native-virtualization/multus-dynamic-networks-rhel9@sha256:8006a1c107071f2a0c669312312a8dfe4346d847f7b92aa5c9451c1cdb7bff60 |
| container-native-virtualization/ovs-cni-plugin-rhel9@sha256:733e5c8ed03cbdf068841d7ba7326def7d98bebf4124135ab6c3eaaf018832fd |
| container-native-virtualization/pr-helper-rhel9@sha256:ec9528bc59482284655fd69c4eb17c8920da62df9d8487b926df8d6d489efc75 |
| container-native-virtualization/virt-api-rhel9@sha256:abd82eccd1834ea6b90dba542b1af04d9e8222d5a2023eb421fffd9ad59a6470 |
| container-native-virtualization/virt-artifacts-server-rhel9@sha256:4e7fe215779de396c6ff225a880903ccdded999f40ab3f098ba1452491e4ecf8 |
| container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:b27c4157eec8cc1ca8c2ac5e0367c4ed97138a5e359299380a8ad2ce201d4ac1 |
| container-native-virtualization/virt-cdi-cloner-rhel9@sha256:cfdd5eac7d7c12c8ee6525fe0dd79de0c8efe1a83c9cc666cdfadd8be3724bbd |
| container-native-virtualization/virt-cdi-controller-rhel9@sha256:bdd932dc82fa4857b4fd7be7b79776b5d457071d635254bbfe4d4fb2e42c07b0 |
| container-native-virtualization/virt-cdi-importer-rhel9@sha256:d23e6d3feeb2826083f0ba72d62cbf3aa307080dd84f333f2c56aae850a1ce6b |
| container-native-virtualization/virt-cdi-operator-rhel9@sha256:3621bb75b3b7cbd77269354b5dfd8e4907ebd9e7b8669624d97287d67b01c2e6 |
| container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:45a2c5606ecd3af871ac2b6adf6aeaa170483708afb7e307d7b93fe61537cdd5 |
| container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:97698168c673209b17d041c075f42369d55a0cf53d90a1ed6a3647340d7c5448 |
| container-native-virtualization/virt-controller-rhel9@sha256:9c317830aac34b075816abe25e6cc50e15c6fe074703c9e9ae359f9c0cf37486 |
| container-native-virtualization/virt-exportproxy-rhel9@sha256:efae972941ee0dc440c6346a832b81d9b05b5aab8e5186b7f59141337c034af7 |
| container-native-virtualization/virt-exportserver-rhel9@sha256:b1a184eba121a3a99145cff08eeb68bfd92b9f29868942022fad083ee57f173a |
| container-native-virtualization/virt-handler-rhel9@sha256:911e6fc8153b6ad10ef6c9abc5486466d032eee61c7803f9a7dc2aa2b25de616 |
| container-native-virtualization/virt-launcher-rhel9@sha256:a92fb14e500402c0218416727cfd6ce2b41a46eb35023992571a62c7249cff75 |
| container-native-virtualization/virt-operator-rhel9@sha256:7600079f5e1e1d07b8fed3e11c482053e85b882871ee5f43170a15fa8b564a06 |
| container-native-virtualization/virtio-win-rhel9@sha256:ac8d5bd0b45972a5142a1a44d9ed5d1e331bcf00717b4f406be08db75384142d |
| container-native-virtualization/vm-console-proxy-rhel9@sha256:65da6957677c6b21c90555acb7695a38854b908c0f6b4b6de65032561af4caf1 |
| container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:beb73e9d979b9f34c22764ddf0e962f22c36d6a032bf3a2f588e82912493a3a3 |
x86_64
| container-native-virtualization/aaq-controller-rhel9@sha256:4a642f6451657955ba2fe74dfa7079da4cd92096c83bca0a614713b999d30ec8 |
| container-native-virtualization/aaq-operator-rhel9@sha256:de4e43620b9f55a6f3a113dc85d9d9bcf96529166f956b76651adfde49e093b3 |
| container-native-virtualization/aaq-server-rhel9@sha256:031af4c1ac500876dd746a73bc5c12832e8fcf8cb4a76f367dea6251e10a1b3e |
| container-native-virtualization/bridge-marker-rhel9@sha256:fb848b4d96c38bcf2a259b7fd956447c53876b13f2551d941eb51614f56670f2 |
| container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:cc639a501bcbd57e44d8c672e4fb71dcb98b4f94c506179d3e9be27773c48520 |
| container-native-virtualization/cnv-containernetworking-plugins-rhel9@sha256:db20c9db9237f4e0e20ed79df3c132b33e74171f8dd1478a536aeb23339c1d68 |
| container-native-virtualization/cnv-must-gather-rhel9@sha256:6d04556b1224e50ab04ba0e0ac7907cfb10862715e63e1d88b6a917d495928fb |
| container-native-virtualization/hco-bundle-registry-rhel9@sha256:6a9873fa23416c1d036f9e625a1e20a3eac8b5f70a91c583e1e08c86fc53fe2e |
| container-native-virtualization/hostpath-csi-driver-rhel9@sha256:9f391178bd44bddb3b0069fd4a60b44eef780aac6303d65174e7f2cc63a86a9a |
| container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:319d7b4b19a95a39220d49bf21b6fb810c0e7886e69ab336c8af4025a7326e0c |
| container-native-virtualization/hostpath-provisioner-rhel9@sha256:1b0c15eb040a37c729d981fd1e510614ee79aefbbf527ce08e92c74797f56f8c |
| container-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:02b463100bd9704bd023610cb7b55539ed20471341e9eefed9832aecdfbf0dd5 |
| container-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:128321cd0df54385f16e868908d116617cfa14746d67184cfcda8af3aa74d2f0 |
| container-native-virtualization/kubemacpool-rhel9@sha256:0b97d2dea7060da615326e40c9b520cb40ef02f96fa37f85aeff32ba1db853a7 |
| container-native-virtualization/kubesecondarydns-rhel9@sha256:a2fb6c1eca2c9603f068d778bf6f4713c558c7b5aa6becf449de17a73de9eb1e |
| container-native-virtualization/kubevirt-apiserver-proxy-rhel9@sha256:1c9e05a36b6dda67ee0822b25b04704d124556eb3787ef9c0024b2ffee6a2c7b |
| container-native-virtualization/kubevirt-common-instancetypes-rhel9@sha256:dc7c666e9df8e487ba72af28823b4ca7af1b1b7b13841d04fca5d952b4a33bde |
| container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:5301f8caabed4bd533863e0471594abc705ac9d0d8c0bdcbe22bee21dd945366 |
| container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:4ce1429c8c6469f12edfdb0cfc5bc7082f844feb257f1a75be2395afb336e394 |
| container-native-virtualization/kubevirt-realtime-checkup-rhel9@sha256:fd29d43e06aa04ef92069cc8dc1a0b1421cff3ddc725f92e91b0dad0f7d7461a |
| container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:8de7052970074787646211e724b81f824ad80cbe9d3753aa5fcab3047b4ce9dd |
| container-native-virtualization/kubevirt-storage-checkup-rhel9@sha256:4a348d2dcf7e1088bfd2a37f7826ff8ecf0ca26cf64a90985dbfe5fa68b96b0b |
| container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9@sha256:d093177d0f4cfb762945c84ee201b94b353e6d80aa9bce97eb8aaeeddb9f11fe |
| container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:4df0b706ec40aa31b663f286cbf355624f42042abdd637f2881f195d9cf852a2 |
| container-native-virtualization/kubevirt-template-validator-rhel9@sha256:e8c4f0160d4d4d3087eedd517a9b96f999df2c5ecfaec72eff51499e313347e2 |
| container-native-virtualization/libguestfs-tools-rhel9@sha256:cec725a3f6b68f41553b6dc0fb28ebb6c9809145571a70b02dcc248e1bcd058a |
| container-native-virtualization/mtq-controller-rhel9@sha256:1486eb6aad29c89a1b59137632fcb591874b219669cebf66f8be9ef93fdb1a5f |
| container-native-virtualization/mtq-lock-server-rhel9@sha256:ee77fbe272b16db2dac0eaebbe538596fd4e5fa6bc2c334eb3b4ca2e4db04315 |
| container-native-virtualization/mtq-operator-rhel9@sha256:c7be47f1ba8c6dfbe68da9e97ab0389e2134292d227eb369d8afdd471c87a365 |
| container-native-virtualization/multus-dynamic-networks-rhel9@sha256:1bd2b56311b2b996c0b002f1e25aa3b8cb607157c0499aa810df0f0683d08b92 |
| container-native-virtualization/ovs-cni-plugin-rhel9@sha256:e2d218c306d223022de220344aedd5735aea386deaa94472cf94c2cd2456bcba |
| container-native-virtualization/pr-helper-rhel9@sha256:6a3079b5b1350218ad3764ed872f9d39318bddb4d2132aea043d111ff56582c7 |
| container-native-virtualization/virt-api-rhel9@sha256:a979e072e40dad006d6d472fbe6bbd4f64203133b3a149cc8386cafa641a6765 |
| container-native-virtualization/virt-artifacts-server-rhel9@sha256:8bd08c73ecb14d65b2afb9af560fd203262ead9637df8d6443f46803fe118bf3 |
| container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:8ce30ab22ae21288d0fb89ad90341df973be5235fe6f6586ddc6ef1fe67c85fc |
| container-native-virtualization/virt-cdi-cloner-rhel9@sha256:72cf2194ffec9265e69fee07ae9628e67eb1a4483413fdd11426a7258698715f |
| container-native-virtualization/virt-cdi-controller-rhel9@sha256:884bbbc57b059de6b879743f1fcfd7d0059ee228c353f7f06b7d358a542e61d8 |
| container-native-virtualization/virt-cdi-importer-rhel9@sha256:9bdf470438457a1b1d4507e419220afa08982905908f212e64f53a701e0f6f19 |
| container-native-virtualization/virt-cdi-operator-rhel9@sha256:67d10c79a906bb560e47f378e81319197bb40fbb9fbd5173e61a0d5b22a30c7f |
| container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:7f340d77e22c1131c3846b4f0eb5e7b7b4fb5549929d7f64a1ae65f5815fc3a1 |
| container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:63922a718e94944f2f012bb1633654296f0d32d27a1d585b04b631425aeecc27 |
| container-native-virtualization/virt-controller-rhel9@sha256:f3456f5802fe3e1569ecf1e27310097c5d5cd48c51424cefc9315fb01e07aea2 |
| container-native-virtualization/virt-exportproxy-rhel9@sha256:3fee6cdb97a2f360998ecfd2e337bf0b2b2c6d14f65afaa81832f502c08d68d4 |
| container-native-virtualization/virt-exportserver-rhel9@sha256:d805aaac9a2b55efb1d2d037807710d09efd0411c649a0393c4636ee0ad961e6 |
| container-native-virtualization/virt-handler-rhel9@sha256:75c4930c1329c146374361a1488036c634f90e188772fd0ccbddcb3f119cae88 |
| container-native-virtualization/virt-launcher-rhel9@sha256:215ff4c5f6cf008a26706978f8d2750cfca44fab3c224a48fee6a9eea4ace796 |
| container-native-virtualization/virt-operator-rhel9@sha256:22acdd4ab9001dc6c997f70add8cab5eb9bc7d72c7fe6e1ea89522f3aa297a5f |
| container-native-virtualization/virtio-win-rhel9@sha256:822f703eab1d7f4acacae7ef5fff6b165b3750b6e633c7381f6ad4b06121c3b9 |
| container-native-virtualization/vm-console-proxy-rhel9@sha256:d0ff0f17e6b409f69dfb867fb3f3e42349838fac81b0ecb44f9a99321577ee14 |
| container-native-virtualization/vm-network-latency-checkup-rhel9@sha256:fe907b777473a17cf266a2afe5cf50f34c96b9e83cae198e08bcb3b9db3bef06 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
