Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-7374 (GCVE-0-2026-7374)
Vulnerability from cvelistv5 – Published: 2026-05-26 13:14 – Updated: 2026-05-28 02:39
VLAI
EPSS
Title
Kubevirt: kubevirt virt-handler: privilege escalation and node compromise via symlink following vulnerability
Summary
A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host's container runtime (CRI-O) socket, an attacker can hijack virt-handler's privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.
Severity
9.9 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
12 references
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat | Red Hat Container Native Virtualization 4.12 |
Unaffected:
1779375376 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.12::el8 |
|
| Red Hat | Red Hat Container Native Virtualization 4.13 |
Unaffected:
1778999881 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.13::el9 |
|
| Red Hat | Red Hat Container Native Virtualization 4.14 |
Unaffected:
1779321599 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.14::el9 |
|
| Red Hat | Red Hat Container Native Virtualization 4.15 |
Unaffected:
1778859977 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.15::el9 |
|
| Red Hat | Red Hat Container Native Virtualization 4.16 |
Unaffected:
1778861274 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.16::el9 |
|
| Red Hat | Red Hat Container Native Virtualization 4.17 |
Unaffected:
1779174925 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.17::el9 |
|
| Red Hat | Red Hat Container Native Virtualization 4.18 |
Unaffected:
1778887155 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.18::el9 |
|
| Red Hat | Red Hat Container Native Virtualization 4.19 |
Unaffected:
1779289071 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.19::el9 |
|
| Red Hat | Red Hat Container Native Virtualization 4.2 |
Unaffected:
1779288737 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.20::el9 |
|
| Red Hat | Red Hat Container Native Virtualization 4.21 |
Unaffected:
1779420069 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.21::el9 |
Date Public
2026-05-26 12:30
Credits
This issue was discovered by Sarah Bennert (Red Hat) and Stoyan Nikolov (Red Hat).
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7374",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:55:39.340Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.12::el8"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler",
"product": "Red Hat Container Native Virtualization 4.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779375376",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.13::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778999881",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779321599",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778859977",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778861274",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779174925",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778887155",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779289071",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.20::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779288737",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.21::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/virt-handler-rhel9",
"product": "Red Hat Container Native Virtualization 4.21",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779420069",
"versionType": "rpm"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Sarah Bennert (Red Hat) and Stoyan Nikolov (Red Hat)."
}
],
"datePublic": "2026-05-26T12:30:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in KubeVirt\u0027s virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host\u0027s container runtime (CRI-O) socket, an attacker can hijack virt-handler\u0027s privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-28T02:39:19.160Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2026:20720",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20720"
},
{
"name": "RHSA-2026:20736",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20736"
},
{
"name": "RHSA-2026:20763",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20763"
},
{
"name": "RHSA-2026:20767",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20767"
},
{
"name": "RHSA-2026:20782",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20782"
},
{
"name": "RHSA-2026:20825",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20825"
},
{
"name": "RHSA-2026:20866",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20866"
},
{
"name": "RHSA-2026:20886",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20886"
},
{
"name": "RHSA-2026:20890",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20890"
},
{
"name": "RHSA-2026:20975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20975"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-7374"
},
{
"name": "RHBZ#2463728",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463728"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-22T07:20:25.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-05-26T12:30:00.000Z",
"value": "Made public."
}
],
"title": "Kubevirt: kubevirt virt-handler: privilege escalation and node compromise via symlink following vulnerability",
"workarounds": [
{
"lang": "en",
"value": "Update cluster RBAC to not allow exec into virt-launcher pods."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2026-7374",
"datePublished": "2026-05-26T13:14:53.851Z",
"dateReserved": "2026-04-29T06:46:44.106Z",
"dateUpdated": "2026-05-28T02:39:19.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-7374",
"date": "2026-06-13",
"epss": "0.00121",
"percentile": "0.30923"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-7374\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2026-05-26T14:16:40.717\",\"lastModified\":\"2026-05-28T03:16:44.047\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in KubeVirt\u0027s virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host\u0027s container runtime (CRI-O) socket, an attacker can hijack virt-handler\u0027s privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.9,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.1,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-59\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20720\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20736\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20763\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20767\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20782\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20825\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20866\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20886\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20890\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20975\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-7374\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2463728\",\"source\":\"secalert@redhat.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-7374\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-26T13:37:35.060833Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-26T13:37:38.502Z\"}}], \"cna\": {\"title\": \"Kubevirt: kubevirt virt-handler: privilege escalation and node compromise via symlink following vulnerability\", \"credits\": [{\"lang\": \"en\", \"value\": \"This issue was discovered by Sarah Bennert (Red Hat) and Stoyan Nikolov (Red Hat).\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 9.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.12::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.12\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1779375376\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.13\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1778999881\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.14\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1779321599\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.15\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1778859977\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.16\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1778861274\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.17\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1779174925\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.18\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1778887155\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.19::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.19\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1779289071\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.20::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.2\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1779288737\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4.21::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Container Native Virtualization 4.21\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1779420069\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"container-native-virtualization/virt-handler-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-04-22T07:20:25.000Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-05-26T12:30:00.000Z\", \"value\": \"Made public.\"}], \"datePublic\": \"2026-05-26T12:30:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2026:20720\", \"name\": \"RHSA-2026:20720\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20736\", \"name\": \"RHSA-2026:20736\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20763\", \"name\": \"RHSA-2026:20763\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20767\", \"name\": \"RHSA-2026:20767\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20782\", \"name\": \"RHSA-2026:20782\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20825\", \"name\": \"RHSA-2026:20825\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20866\", \"name\": \"RHSA-2026:20866\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20886\", \"name\": \"RHSA-2026:20886\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20890\", \"name\": \"RHSA-2026:20890\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20975\", \"name\": \"RHSA-2026:20975\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2026-7374\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2463728\", \"name\": \"RHBZ#2463728\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Update cluster RBAC to not allow exec into virt-launcher pods.\"}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in KubeVirt\u0027s virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host\u0027s container runtime (CRI-O) socket, an attacker can hijack virt-handler\u0027s privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-59\", \"description\": \"Improper Link Resolution Before File Access (\u0027Link Following\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2026-05-28T02:39:19.160Z\"}, \"x_redhatCweChain\": \"CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-7374\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-28T02:39:19.160Z\", \"dateReserved\": \"2026-04-29T06:46:44.106Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2026-05-26T13:14:53.851Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:20866
Vulnerability from csaf_redhat - Published: 2026-05-26 11:28 - Updated: 2026-05-28 02:56Summary
Red Hat Security Advisory: OpenShift Virtualization v4.15 Images
Severity
Important
Notes
Topic: Red Hat OpenShift Virtualization release v4.15 is now available with updates to packages and images that fix several bugs and add enhancements.
Details: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization v4.15 images.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host's container runtime (CRI-O) socket, an attacker can hijack virt-handler's privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.
9.9 (Critical)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:150e16ca964b4afd80b41d0ec2f3551e31ed6f18e07aaa91b49c39312a10c799_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:745e83f3037d1720236942e6afc46c2c8bd2e4cd12b1401ae49ef551acfa18fa_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:69e3be623e1a2a8dd2c601a36e06ac0614760cef133b1041209802766ce84244_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:c21abdaa83c34b79b8ad84927844c1b3d66063e883924aab9104e21153d3f3b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:494e7ad93a6750731662684e6057c330f65b9b9d5904bf359e9cb90419c175dd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:db054ea430cddd12d2a8760a5d7ab2878026891c777f1be6fb682915d4a8539e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:0b817bd92fed9f13dc995590b33c245a0031f8a7a3fc0cfe868b5174ef6e48ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:98c1ab049b34fe94978dbe48c673f6bdc3fd5f3cb7c02479b8e99df26663cadc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:5883055be1ec5976a064eab6864f777d32676dfee75f514418d124f19c591048_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a7829e988a31412b3dc58bbd9fca49dac9dbb916462809878a630927bd198deb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:c0a812723505511c50b8c1bfb2eb22633b36ae3129dd0957ae2d3ae3c2498d64_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:ec7da083282a4c9465529139a5cfe29c456e7caff7187ba9f027c936b16528f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:9d50595d4a3cf8c53ccc50a6b52a0d325a292f155b494fe0637e5a090d664f5f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:b5aa3a6bb65703b77755dccbaa01bee659ab75bbfcf521b6d5d5bd79ae274d96_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:8eaa2bb71213b75886fcfd256f94ef0b0df2094dbdd6bce298f895724cc33fcb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c8eb889b2f8016bad49610a9ef83e6577bdbe389c59824182756b83c95c40ad3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:08f8ece3d5fbfbe9ea25b5d71046db1ec6268d3cc1901f511780bc01479c0fa6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:636bff27785b58e38b31ca3fa7d07a1a58f8537e9d72600e05a073a1e9131fb0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:0a78119c30f8ffdf86f23d8e0c544450d19bbfe01029c52e7e4c5a978e0ab441_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:ba29973c2c9343e725fc82d84b44b258c7b95ba78ff84b9fbe3132cdbdf4e34e_arm64 | — |
Workaround
|
Threats
Impact
Important
References
8 references
Acknowledgments
Red Hat
Sarah Bennert
Stoyan Nikolov
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release v4.15 is now available with updates to packages and images that fix several bugs and add enhancements.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains OpenShift Virtualization v4.15 images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20866",
"url": "https://access.redhat.com/errata/RHSA-2026:20866"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-7374",
"url": "https://access.redhat.com/security/cve/CVE-2026-7374"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20866.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization v4.15 Images",
"tracking": {
"current_release_date": "2026-05-28T02:56:10+00:00",
"generator": {
"date": "2026-05-28T02:56:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:20866",
"initial_release_date": "2026-05-26T11:28:00+00:00",
"revision_history": [
{
"date": "2026-05-26T11:28:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-27T05:30:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T02:56:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Container Native Virtualization 4.15",
"product": {
"name": "Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Container Native Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:69e3be623e1a2a8dd2c601a36e06ac0614760cef133b1041209802766ce84244_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:69e3be623e1a2a8dd2c601a36e06ac0614760cef133b1041209802766ce84244_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:69e3be623e1a2a8dd2c601a36e06ac0614760cef133b1041209802766ce84244_amd64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools-rhel9@sha256%3A69e3be623e1a2a8dd2c601a36e06ac0614760cef133b1041209802766ce84244?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859968"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:db054ea430cddd12d2a8760a5d7ab2878026891c777f1be6fb682915d4a8539e_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:db054ea430cddd12d2a8760a5d7ab2878026891c777f1be6fb682915d4a8539e_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:db054ea430cddd12d2a8760a5d7ab2878026891c777f1be6fb682915d4a8539e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pr-helper-rhel9@sha256%3Adb054ea430cddd12d2a8760a5d7ab2878026891c777f1be6fb682915d4a8539e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:0b817bd92fed9f13dc995590b33c245a0031f8a7a3fc0cfe868b5174ef6e48ff_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:0b817bd92fed9f13dc995590b33c245a0031f8a7a3fc0cfe868b5174ef6e48ff_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:0b817bd92fed9f13dc995590b33c245a0031f8a7a3fc0cfe868b5174ef6e48ff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api-rhel9@sha256%3A0b817bd92fed9f13dc995590b33c245a0031f8a7a3fc0cfe868b5174ef6e48ff?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859938"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:5883055be1ec5976a064eab6864f777d32676dfee75f514418d124f19c591048_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:5883055be1ec5976a064eab6864f777d32676dfee75f514418d124f19c591048_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:5883055be1ec5976a064eab6864f777d32676dfee75f514418d124f19c591048_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server-rhel9@sha256%3A5883055be1ec5976a064eab6864f777d32676dfee75f514418d124f19c591048?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859907"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:ec7da083282a4c9465529139a5cfe29c456e7caff7187ba9f027c936b16528f7_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:ec7da083282a4c9465529139a5cfe29c456e7caff7187ba9f027c936b16528f7_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:ec7da083282a4c9465529139a5cfe29c456e7caff7187ba9f027c936b16528f7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller-rhel9@sha256%3Aec7da083282a4c9465529139a5cfe29c456e7caff7187ba9f027c936b16528f7?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859955"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:b5aa3a6bb65703b77755dccbaa01bee659ab75bbfcf521b6d5d5bd79ae274d96_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:b5aa3a6bb65703b77755dccbaa01bee659ab75bbfcf521b6d5d5bd79ae274d96_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:b5aa3a6bb65703b77755dccbaa01bee659ab75bbfcf521b6d5d5bd79ae274d96_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportproxy-rhel9@sha256%3Ab5aa3a6bb65703b77755dccbaa01bee659ab75bbfcf521b6d5d5bd79ae274d96?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859908"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:8eaa2bb71213b75886fcfd256f94ef0b0df2094dbdd6bce298f895724cc33fcb_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:8eaa2bb71213b75886fcfd256f94ef0b0df2094dbdd6bce298f895724cc33fcb_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:8eaa2bb71213b75886fcfd256f94ef0b0df2094dbdd6bce298f895724cc33fcb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportserver-rhel9@sha256%3A8eaa2bb71213b75886fcfd256f94ef0b0df2094dbdd6bce298f895724cc33fcb?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778860002"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:745e83f3037d1720236942e6afc46c2c8bd2e4cd12b1401ae49ef551acfa18fa_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:745e83f3037d1720236942e6afc46c2c8bd2e4cd12b1401ae49ef551acfa18fa_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:745e83f3037d1720236942e6afc46c2c8bd2e4cd12b1401ae49ef551acfa18fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler-rhel9@sha256%3A745e83f3037d1720236942e6afc46c2c8bd2e4cd12b1401ae49ef551acfa18fa?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859977"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:636bff27785b58e38b31ca3fa7d07a1a58f8537e9d72600e05a073a1e9131fb0_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:636bff27785b58e38b31ca3fa7d07a1a58f8537e9d72600e05a073a1e9131fb0_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:636bff27785b58e38b31ca3fa7d07a1a58f8537e9d72600e05a073a1e9131fb0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher-rhel9@sha256%3A636bff27785b58e38b31ca3fa7d07a1a58f8537e9d72600e05a073a1e9131fb0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859975"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:0a78119c30f8ffdf86f23d8e0c544450d19bbfe01029c52e7e4c5a978e0ab441_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:0a78119c30f8ffdf86f23d8e0c544450d19bbfe01029c52e7e4c5a978e0ab441_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:0a78119c30f8ffdf86f23d8e0c544450d19bbfe01029c52e7e4c5a978e0ab441_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator-rhel9@sha256%3A0a78119c30f8ffdf86f23d8e0c544450d19bbfe01029c52e7e4c5a978e0ab441?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859885"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:c21abdaa83c34b79b8ad84927844c1b3d66063e883924aab9104e21153d3f3b1_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:c21abdaa83c34b79b8ad84927844c1b3d66063e883924aab9104e21153d3f3b1_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:c21abdaa83c34b79b8ad84927844c1b3d66063e883924aab9104e21153d3f3b1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools-rhel9@sha256%3Ac21abdaa83c34b79b8ad84927844c1b3d66063e883924aab9104e21153d3f3b1?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859968"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:494e7ad93a6750731662684e6057c330f65b9b9d5904bf359e9cb90419c175dd_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:494e7ad93a6750731662684e6057c330f65b9b9d5904bf359e9cb90419c175dd_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:494e7ad93a6750731662684e6057c330f65b9b9d5904bf359e9cb90419c175dd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pr-helper-rhel9@sha256%3A494e7ad93a6750731662684e6057c330f65b9b9d5904bf359e9cb90419c175dd?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:98c1ab049b34fe94978dbe48c673f6bdc3fd5f3cb7c02479b8e99df26663cadc_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:98c1ab049b34fe94978dbe48c673f6bdc3fd5f3cb7c02479b8e99df26663cadc_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:98c1ab049b34fe94978dbe48c673f6bdc3fd5f3cb7c02479b8e99df26663cadc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api-rhel9@sha256%3A98c1ab049b34fe94978dbe48c673f6bdc3fd5f3cb7c02479b8e99df26663cadc?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859938"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a7829e988a31412b3dc58bbd9fca49dac9dbb916462809878a630927bd198deb_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a7829e988a31412b3dc58bbd9fca49dac9dbb916462809878a630927bd198deb_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a7829e988a31412b3dc58bbd9fca49dac9dbb916462809878a630927bd198deb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server-rhel9@sha256%3Aa7829e988a31412b3dc58bbd9fca49dac9dbb916462809878a630927bd198deb?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859907"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:c0a812723505511c50b8c1bfb2eb22633b36ae3129dd0957ae2d3ae3c2498d64_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:c0a812723505511c50b8c1bfb2eb22633b36ae3129dd0957ae2d3ae3c2498d64_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:c0a812723505511c50b8c1bfb2eb22633b36ae3129dd0957ae2d3ae3c2498d64_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller-rhel9@sha256%3Ac0a812723505511c50b8c1bfb2eb22633b36ae3129dd0957ae2d3ae3c2498d64?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859955"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:9d50595d4a3cf8c53ccc50a6b52a0d325a292f155b494fe0637e5a090d664f5f_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:9d50595d4a3cf8c53ccc50a6b52a0d325a292f155b494fe0637e5a090d664f5f_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:9d50595d4a3cf8c53ccc50a6b52a0d325a292f155b494fe0637e5a090d664f5f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportproxy-rhel9@sha256%3A9d50595d4a3cf8c53ccc50a6b52a0d325a292f155b494fe0637e5a090d664f5f?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859908"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c8eb889b2f8016bad49610a9ef83e6577bdbe389c59824182756b83c95c40ad3_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c8eb889b2f8016bad49610a9ef83e6577bdbe389c59824182756b83c95c40ad3_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c8eb889b2f8016bad49610a9ef83e6577bdbe389c59824182756b83c95c40ad3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportserver-rhel9@sha256%3Ac8eb889b2f8016bad49610a9ef83e6577bdbe389c59824182756b83c95c40ad3?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778860002"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:150e16ca964b4afd80b41d0ec2f3551e31ed6f18e07aaa91b49c39312a10c799_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:150e16ca964b4afd80b41d0ec2f3551e31ed6f18e07aaa91b49c39312a10c799_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:150e16ca964b4afd80b41d0ec2f3551e31ed6f18e07aaa91b49c39312a10c799_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler-rhel9@sha256%3A150e16ca964b4afd80b41d0ec2f3551e31ed6f18e07aaa91b49c39312a10c799?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859977"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:08f8ece3d5fbfbe9ea25b5d71046db1ec6268d3cc1901f511780bc01479c0fa6_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:08f8ece3d5fbfbe9ea25b5d71046db1ec6268d3cc1901f511780bc01479c0fa6_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:08f8ece3d5fbfbe9ea25b5d71046db1ec6268d3cc1901f511780bc01479c0fa6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher-rhel9@sha256%3A08f8ece3d5fbfbe9ea25b5d71046db1ec6268d3cc1901f511780bc01479c0fa6?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859975"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:ba29973c2c9343e725fc82d84b44b258c7b95ba78ff84b9fbe3132cdbdf4e34e_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:ba29973c2c9343e725fc82d84b44b258c7b95ba78ff84b9fbe3132cdbdf4e34e_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:ba29973c2c9343e725fc82d84b44b258c7b95ba78ff84b9fbe3132cdbdf4e34e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator-rhel9@sha256%3Aba29973c2c9343e725fc82d84b44b258c7b95ba78ff84b9fbe3132cdbdf4e34e?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778859885"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:69e3be623e1a2a8dd2c601a36e06ac0614760cef133b1041209802766ce84244_amd64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:69e3be623e1a2a8dd2c601a36e06ac0614760cef133b1041209802766ce84244_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:69e3be623e1a2a8dd2c601a36e06ac0614760cef133b1041209802766ce84244_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:c21abdaa83c34b79b8ad84927844c1b3d66063e883924aab9104e21153d3f3b1_arm64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:c21abdaa83c34b79b8ad84927844c1b3d66063e883924aab9104e21153d3f3b1_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:c21abdaa83c34b79b8ad84927844c1b3d66063e883924aab9104e21153d3f3b1_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:494e7ad93a6750731662684e6057c330f65b9b9d5904bf359e9cb90419c175dd_arm64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:494e7ad93a6750731662684e6057c330f65b9b9d5904bf359e9cb90419c175dd_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:494e7ad93a6750731662684e6057c330f65b9b9d5904bf359e9cb90419c175dd_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:db054ea430cddd12d2a8760a5d7ab2878026891c777f1be6fb682915d4a8539e_amd64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:db054ea430cddd12d2a8760a5d7ab2878026891c777f1be6fb682915d4a8539e_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:db054ea430cddd12d2a8760a5d7ab2878026891c777f1be6fb682915d4a8539e_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:0b817bd92fed9f13dc995590b33c245a0031f8a7a3fc0cfe868b5174ef6e48ff_amd64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:0b817bd92fed9f13dc995590b33c245a0031f8a7a3fc0cfe868b5174ef6e48ff_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:0b817bd92fed9f13dc995590b33c245a0031f8a7a3fc0cfe868b5174ef6e48ff_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:98c1ab049b34fe94978dbe48c673f6bdc3fd5f3cb7c02479b8e99df26663cadc_arm64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:98c1ab049b34fe94978dbe48c673f6bdc3fd5f3cb7c02479b8e99df26663cadc_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:98c1ab049b34fe94978dbe48c673f6bdc3fd5f3cb7c02479b8e99df26663cadc_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:5883055be1ec5976a064eab6864f777d32676dfee75f514418d124f19c591048_amd64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:5883055be1ec5976a064eab6864f777d32676dfee75f514418d124f19c591048_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:5883055be1ec5976a064eab6864f777d32676dfee75f514418d124f19c591048_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a7829e988a31412b3dc58bbd9fca49dac9dbb916462809878a630927bd198deb_arm64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a7829e988a31412b3dc58bbd9fca49dac9dbb916462809878a630927bd198deb_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a7829e988a31412b3dc58bbd9fca49dac9dbb916462809878a630927bd198deb_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:c0a812723505511c50b8c1bfb2eb22633b36ae3129dd0957ae2d3ae3c2498d64_arm64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:c0a812723505511c50b8c1bfb2eb22633b36ae3129dd0957ae2d3ae3c2498d64_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:c0a812723505511c50b8c1bfb2eb22633b36ae3129dd0957ae2d3ae3c2498d64_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:ec7da083282a4c9465529139a5cfe29c456e7caff7187ba9f027c936b16528f7_amd64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:ec7da083282a4c9465529139a5cfe29c456e7caff7187ba9f027c936b16528f7_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:ec7da083282a4c9465529139a5cfe29c456e7caff7187ba9f027c936b16528f7_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:9d50595d4a3cf8c53ccc50a6b52a0d325a292f155b494fe0637e5a090d664f5f_arm64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:9d50595d4a3cf8c53ccc50a6b52a0d325a292f155b494fe0637e5a090d664f5f_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:9d50595d4a3cf8c53ccc50a6b52a0d325a292f155b494fe0637e5a090d664f5f_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:b5aa3a6bb65703b77755dccbaa01bee659ab75bbfcf521b6d5d5bd79ae274d96_amd64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:b5aa3a6bb65703b77755dccbaa01bee659ab75bbfcf521b6d5d5bd79ae274d96_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:b5aa3a6bb65703b77755dccbaa01bee659ab75bbfcf521b6d5d5bd79ae274d96_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:8eaa2bb71213b75886fcfd256f94ef0b0df2094dbdd6bce298f895724cc33fcb_amd64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:8eaa2bb71213b75886fcfd256f94ef0b0df2094dbdd6bce298f895724cc33fcb_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:8eaa2bb71213b75886fcfd256f94ef0b0df2094dbdd6bce298f895724cc33fcb_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c8eb889b2f8016bad49610a9ef83e6577bdbe389c59824182756b83c95c40ad3_arm64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c8eb889b2f8016bad49610a9ef83e6577bdbe389c59824182756b83c95c40ad3_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c8eb889b2f8016bad49610a9ef83e6577bdbe389c59824182756b83c95c40ad3_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:150e16ca964b4afd80b41d0ec2f3551e31ed6f18e07aaa91b49c39312a10c799_arm64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:150e16ca964b4afd80b41d0ec2f3551e31ed6f18e07aaa91b49c39312a10c799_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:150e16ca964b4afd80b41d0ec2f3551e31ed6f18e07aaa91b49c39312a10c799_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:745e83f3037d1720236942e6afc46c2c8bd2e4cd12b1401ae49ef551acfa18fa_amd64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:745e83f3037d1720236942e6afc46c2c8bd2e4cd12b1401ae49ef551acfa18fa_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:745e83f3037d1720236942e6afc46c2c8bd2e4cd12b1401ae49ef551acfa18fa_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:08f8ece3d5fbfbe9ea25b5d71046db1ec6268d3cc1901f511780bc01479c0fa6_arm64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:08f8ece3d5fbfbe9ea25b5d71046db1ec6268d3cc1901f511780bc01479c0fa6_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:08f8ece3d5fbfbe9ea25b5d71046db1ec6268d3cc1901f511780bc01479c0fa6_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:636bff27785b58e38b31ca3fa7d07a1a58f8537e9d72600e05a073a1e9131fb0_amd64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:636bff27785b58e38b31ca3fa7d07a1a58f8537e9d72600e05a073a1e9131fb0_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:636bff27785b58e38b31ca3fa7d07a1a58f8537e9d72600e05a073a1e9131fb0_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:0a78119c30f8ffdf86f23d8e0c544450d19bbfe01029c52e7e4c5a978e0ab441_amd64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:0a78119c30f8ffdf86f23d8e0c544450d19bbfe01029c52e7e4c5a978e0ab441_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:0a78119c30f8ffdf86f23d8e0c544450d19bbfe01029c52e7e4c5a978e0ab441_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:ba29973c2c9343e725fc82d84b44b258c7b95ba78ff84b9fbe3132cdbdf4e34e_arm64 as a component of Red Hat Container Native Virtualization 4.15",
"product_id": "Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:ba29973c2c9343e725fc82d84b44b258c7b95ba78ff84b9fbe3132cdbdf4e34e_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:ba29973c2c9343e725fc82d84b44b258c7b95ba78ff84b9fbe3132cdbdf4e34e_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.15"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Sarah Bennert",
"Stoyan Nikolov"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2026-7374",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2026-04-22T07:20:25+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:69e3be623e1a2a8dd2c601a36e06ac0614760cef133b1041209802766ce84244_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:c21abdaa83c34b79b8ad84927844c1b3d66063e883924aab9104e21153d3f3b1_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:494e7ad93a6750731662684e6057c330f65b9b9d5904bf359e9cb90419c175dd_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:db054ea430cddd12d2a8760a5d7ab2878026891c777f1be6fb682915d4a8539e_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:0b817bd92fed9f13dc995590b33c245a0031f8a7a3fc0cfe868b5174ef6e48ff_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:98c1ab049b34fe94978dbe48c673f6bdc3fd5f3cb7c02479b8e99df26663cadc_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:5883055be1ec5976a064eab6864f777d32676dfee75f514418d124f19c591048_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a7829e988a31412b3dc58bbd9fca49dac9dbb916462809878a630927bd198deb_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:c0a812723505511c50b8c1bfb2eb22633b36ae3129dd0957ae2d3ae3c2498d64_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:ec7da083282a4c9465529139a5cfe29c456e7caff7187ba9f027c936b16528f7_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:9d50595d4a3cf8c53ccc50a6b52a0d325a292f155b494fe0637e5a090d664f5f_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:b5aa3a6bb65703b77755dccbaa01bee659ab75bbfcf521b6d5d5bd79ae274d96_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:8eaa2bb71213b75886fcfd256f94ef0b0df2094dbdd6bce298f895724cc33fcb_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c8eb889b2f8016bad49610a9ef83e6577bdbe389c59824182756b83c95c40ad3_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:08f8ece3d5fbfbe9ea25b5d71046db1ec6268d3cc1901f511780bc01479c0fa6_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:636bff27785b58e38b31ca3fa7d07a1a58f8537e9d72600e05a073a1e9131fb0_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:0a78119c30f8ffdf86f23d8e0c544450d19bbfe01029c52e7e4c5a978e0ab441_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:ba29973c2c9343e725fc82d84b44b258c7b95ba78ff84b9fbe3132cdbdf4e34e_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463728"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in KubeVirt\u0027s virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host\u0027s container runtime (CRI-O) socket, an attacker can hijack virt-handler\u0027s privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubevirt: KubeVirt virt-handler: Privilege escalation and node compromise via symlink following vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important privilege escalation flaw in KubeVirt\u0027s virt-handler component. An authenticated OpenShift user with edit permissions in a single namespace can exploit improper symlink validation to hijack virt-handler\u0027s privileged connection. This allows access to any Unix socket on the host, leading to potential full control of the node and the entire cluster.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:150e16ca964b4afd80b41d0ec2f3551e31ed6f18e07aaa91b49c39312a10c799_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:745e83f3037d1720236942e6afc46c2c8bd2e4cd12b1401ae49ef551acfa18fa_amd64"
],
"known_not_affected": [
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:69e3be623e1a2a8dd2c601a36e06ac0614760cef133b1041209802766ce84244_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:c21abdaa83c34b79b8ad84927844c1b3d66063e883924aab9104e21153d3f3b1_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:494e7ad93a6750731662684e6057c330f65b9b9d5904bf359e9cb90419c175dd_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:db054ea430cddd12d2a8760a5d7ab2878026891c777f1be6fb682915d4a8539e_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:0b817bd92fed9f13dc995590b33c245a0031f8a7a3fc0cfe868b5174ef6e48ff_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:98c1ab049b34fe94978dbe48c673f6bdc3fd5f3cb7c02479b8e99df26663cadc_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:5883055be1ec5976a064eab6864f777d32676dfee75f514418d124f19c591048_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a7829e988a31412b3dc58bbd9fca49dac9dbb916462809878a630927bd198deb_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:c0a812723505511c50b8c1bfb2eb22633b36ae3129dd0957ae2d3ae3c2498d64_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:ec7da083282a4c9465529139a5cfe29c456e7caff7187ba9f027c936b16528f7_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:9d50595d4a3cf8c53ccc50a6b52a0d325a292f155b494fe0637e5a090d664f5f_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:b5aa3a6bb65703b77755dccbaa01bee659ab75bbfcf521b6d5d5bd79ae274d96_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:8eaa2bb71213b75886fcfd256f94ef0b0df2094dbdd6bce298f895724cc33fcb_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c8eb889b2f8016bad49610a9ef83e6577bdbe389c59824182756b83c95c40ad3_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:08f8ece3d5fbfbe9ea25b5d71046db1ec6268d3cc1901f511780bc01479c0fa6_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:636bff27785b58e38b31ca3fa7d07a1a58f8537e9d72600e05a073a1e9131fb0_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:0a78119c30f8ffdf86f23d8e0c544450d19bbfe01029c52e7e4c5a978e0ab441_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:ba29973c2c9343e725fc82d84b44b258c7b95ba78ff84b9fbe3132cdbdf4e34e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-7374"
},
{
"category": "external",
"summary": "RHBZ#2463728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463728"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-7374",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7374"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-7374",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7374"
}
],
"release_date": "2026-05-26T12:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:28:00+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:150e16ca964b4afd80b41d0ec2f3551e31ed6f18e07aaa91b49c39312a10c799_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:745e83f3037d1720236942e6afc46c2c8bd2e4cd12b1401ae49ef551acfa18fa_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20866"
},
{
"category": "workaround",
"details": "Update cluster RBAC to not allow exec into virt-launcher pods.",
"product_ids": [
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:69e3be623e1a2a8dd2c601a36e06ac0614760cef133b1041209802766ce84244_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:c21abdaa83c34b79b8ad84927844c1b3d66063e883924aab9104e21153d3f3b1_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:494e7ad93a6750731662684e6057c330f65b9b9d5904bf359e9cb90419c175dd_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:db054ea430cddd12d2a8760a5d7ab2878026891c777f1be6fb682915d4a8539e_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:0b817bd92fed9f13dc995590b33c245a0031f8a7a3fc0cfe868b5174ef6e48ff_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:98c1ab049b34fe94978dbe48c673f6bdc3fd5f3cb7c02479b8e99df26663cadc_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:5883055be1ec5976a064eab6864f777d32676dfee75f514418d124f19c591048_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a7829e988a31412b3dc58bbd9fca49dac9dbb916462809878a630927bd198deb_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:c0a812723505511c50b8c1bfb2eb22633b36ae3129dd0957ae2d3ae3c2498d64_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:ec7da083282a4c9465529139a5cfe29c456e7caff7187ba9f027c936b16528f7_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:9d50595d4a3cf8c53ccc50a6b52a0d325a292f155b494fe0637e5a090d664f5f_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:b5aa3a6bb65703b77755dccbaa01bee659ab75bbfcf521b6d5d5bd79ae274d96_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:8eaa2bb71213b75886fcfd256f94ef0b0df2094dbdd6bce298f895724cc33fcb_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c8eb889b2f8016bad49610a9ef83e6577bdbe389c59824182756b83c95c40ad3_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:150e16ca964b4afd80b41d0ec2f3551e31ed6f18e07aaa91b49c39312a10c799_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:745e83f3037d1720236942e6afc46c2c8bd2e4cd12b1401ae49ef551acfa18fa_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:08f8ece3d5fbfbe9ea25b5d71046db1ec6268d3cc1901f511780bc01479c0fa6_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:636bff27785b58e38b31ca3fa7d07a1a58f8537e9d72600e05a073a1e9131fb0_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:0a78119c30f8ffdf86f23d8e0c544450d19bbfe01029c52e7e4c5a978e0ab441_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:ba29973c2c9343e725fc82d84b44b258c7b95ba78ff84b9fbe3132cdbdf4e34e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:69e3be623e1a2a8dd2c601a36e06ac0614760cef133b1041209802766ce84244_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:c21abdaa83c34b79b8ad84927844c1b3d66063e883924aab9104e21153d3f3b1_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:494e7ad93a6750731662684e6057c330f65b9b9d5904bf359e9cb90419c175dd_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:db054ea430cddd12d2a8760a5d7ab2878026891c777f1be6fb682915d4a8539e_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:0b817bd92fed9f13dc995590b33c245a0031f8a7a3fc0cfe868b5174ef6e48ff_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:98c1ab049b34fe94978dbe48c673f6bdc3fd5f3cb7c02479b8e99df26663cadc_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:5883055be1ec5976a064eab6864f777d32676dfee75f514418d124f19c591048_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a7829e988a31412b3dc58bbd9fca49dac9dbb916462809878a630927bd198deb_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:c0a812723505511c50b8c1bfb2eb22633b36ae3129dd0957ae2d3ae3c2498d64_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:ec7da083282a4c9465529139a5cfe29c456e7caff7187ba9f027c936b16528f7_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:9d50595d4a3cf8c53ccc50a6b52a0d325a292f155b494fe0637e5a090d664f5f_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:b5aa3a6bb65703b77755dccbaa01bee659ab75bbfcf521b6d5d5bd79ae274d96_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:8eaa2bb71213b75886fcfd256f94ef0b0df2094dbdd6bce298f895724cc33fcb_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c8eb889b2f8016bad49610a9ef83e6577bdbe389c59824182756b83c95c40ad3_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:150e16ca964b4afd80b41d0ec2f3551e31ed6f18e07aaa91b49c39312a10c799_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:745e83f3037d1720236942e6afc46c2c8bd2e4cd12b1401ae49ef551acfa18fa_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:08f8ece3d5fbfbe9ea25b5d71046db1ec6268d3cc1901f511780bc01479c0fa6_arm64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:636bff27785b58e38b31ca3fa7d07a1a58f8537e9d72600e05a073a1e9131fb0_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:0a78119c30f8ffdf86f23d8e0c544450d19bbfe01029c52e7e4c5a978e0ab441_amd64",
"Red Hat Container Native Virtualization 4.15:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:ba29973c2c9343e725fc82d84b44b258c7b95ba78ff84b9fbe3132cdbdf4e34e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kubevirt: KubeVirt virt-handler: Privilege escalation and node compromise via symlink following vulnerability"
}
]
}
RHSA-2026:20886
Vulnerability from csaf_redhat - Published: 2026-05-26 11:33 - Updated: 2026-05-28 02:56Summary
Red Hat Security Advisory: OpenShift Virtualization v4.13 Images
Severity
Important
Notes
Topic: Red Hat OpenShift Virtualization release v4.13 is now available with updates to packages and images that fix several bugs and add enhancements.
Details: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization v4.13 images.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host's container runtime (CRI-O) socket, an attacker can hijack virt-handler's privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.
9.9 (Critical)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:496bb7164546ea472905bc301a8a4ae9194ec0b300ae847c30bb5a775af5d546_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:efceda8b0057ff086bad77398e617d31e2fbe8c051d865eb529fa5573d3ce4ad_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4df8ff903ba9d497fa31b868fde60e395c650afaad83abe0d962f9e67e759837_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:b35e9caa43d5be32a669641b6f1b9bb3469470d6fa5031f5d2b7ee76e1f5ad15_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:d4a5efb5a48f189534a22b2d0629fb3b1efa0b4275ecd80d70115aeb5ac4b700_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:f615a636ab94fffe11b2ea630f94e8a03d67d703db64200d34b0f2beb55b243e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:6f00da8e5170fd7cf2086e4ee276327b3830891f22b57961ae15a4c1b736df18_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a09ea726150f34343ae6ae7e6c46f1644074bc7e465b22a7b669a2cf3c909ec7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:300a50d81bd713402abd8c8d49d66f745afd7727c2b5f518a40835dc8d356ccb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:5b5fd323fe20dced9941f1e94f4d5059912bf0ec8b37be24c14934e16bc2d4b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3666682aaebb95e4a3427c988f66ff4a53ebd46880f0878c38f92efdf7bb61dc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:5e94348041cce2061b35f5db722bbf7344064b2587059146fda490cfa088949d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:6760420bed13672373bd657685e5ef58a0afe33083d0f20c5de41d6b660f9055_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:94063473d116562e4b248ca04af3d5fb1ed728414675c75bb57d0af9d80a305b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:346f31b1a107133d3a09cc4b5fee2280fab1f7492eb7de06ddd4a28f3736005c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:494c0b69213b4a3e2a82a4d46bdee65793bb631d9d036d19bdf911be30e59d6f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:2b01a10d96ddc80027b162b82b5dd5f3244317db32761d9186d9b61640ce75fd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e2d08bfdd903a982b5856269690cba90ff61b868fc2f27c931c810bb421d039b_amd64 | — |
Workaround
|
Threats
Impact
Important
References
8 references
Acknowledgments
Red Hat
Sarah Bennert
Stoyan Nikolov
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release v4.13 is now available with updates to packages and images that fix several bugs and add enhancements.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains OpenShift Virtualization v4.13 images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20886",
"url": "https://access.redhat.com/errata/RHSA-2026:20886"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-7374",
"url": "https://access.redhat.com/security/cve/CVE-2026-7374"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20886.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization v4.13 Images",
"tracking": {
"current_release_date": "2026-05-28T02:56:10+00:00",
"generator": {
"date": "2026-05-28T02:56:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:20886",
"initial_release_date": "2026-05-26T11:33:33+00:00",
"revision_history": [
{
"date": "2026-05-26T11:33:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-27T05:30:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T02:56:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Container Native Virtualization 4.13",
"product": {
"name": "Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Container Native Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:b35e9caa43d5be32a669641b6f1b9bb3469470d6fa5031f5d2b7ee76e1f5ad15_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:b35e9caa43d5be32a669641b6f1b9bb3469470d6fa5031f5d2b7ee76e1f5ad15_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:b35e9caa43d5be32a669641b6f1b9bb3469470d6fa5031f5d2b7ee76e1f5ad15_amd64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools-rhel9@sha256%3Ab35e9caa43d5be32a669641b6f1b9bb3469470d6fa5031f5d2b7ee76e1f5ad15?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999982"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:d4a5efb5a48f189534a22b2d0629fb3b1efa0b4275ecd80d70115aeb5ac4b700_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:d4a5efb5a48f189534a22b2d0629fb3b1efa0b4275ecd80d70115aeb5ac4b700_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:d4a5efb5a48f189534a22b2d0629fb3b1efa0b4275ecd80d70115aeb5ac4b700_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api-rhel9@sha256%3Ad4a5efb5a48f189534a22b2d0629fb3b1efa0b4275ecd80d70115aeb5ac4b700?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999883"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:6f00da8e5170fd7cf2086e4ee276327b3830891f22b57961ae15a4c1b736df18_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:6f00da8e5170fd7cf2086e4ee276327b3830891f22b57961ae15a4c1b736df18_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:6f00da8e5170fd7cf2086e4ee276327b3830891f22b57961ae15a4c1b736df18_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server-rhel9@sha256%3A6f00da8e5170fd7cf2086e4ee276327b3830891f22b57961ae15a4c1b736df18?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999883"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:5b5fd323fe20dced9941f1e94f4d5059912bf0ec8b37be24c14934e16bc2d4b5_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:5b5fd323fe20dced9941f1e94f4d5059912bf0ec8b37be24c14934e16bc2d4b5_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:5b5fd323fe20dced9941f1e94f4d5059912bf0ec8b37be24c14934e16bc2d4b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller-rhel9@sha256%3A5b5fd323fe20dced9941f1e94f4d5059912bf0ec8b37be24c14934e16bc2d4b5?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999879"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:5e94348041cce2061b35f5db722bbf7344064b2587059146fda490cfa088949d_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:5e94348041cce2061b35f5db722bbf7344064b2587059146fda490cfa088949d_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:5e94348041cce2061b35f5db722bbf7344064b2587059146fda490cfa088949d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportproxy-rhel9@sha256%3A5e94348041cce2061b35f5db722bbf7344064b2587059146fda490cfa088949d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999880"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:6760420bed13672373bd657685e5ef58a0afe33083d0f20c5de41d6b660f9055_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:6760420bed13672373bd657685e5ef58a0afe33083d0f20c5de41d6b660f9055_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:6760420bed13672373bd657685e5ef58a0afe33083d0f20c5de41d6b660f9055_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportserver-rhel9@sha256%3A6760420bed13672373bd657685e5ef58a0afe33083d0f20c5de41d6b660f9055?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999880"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:496bb7164546ea472905bc301a8a4ae9194ec0b300ae847c30bb5a775af5d546_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:496bb7164546ea472905bc301a8a4ae9194ec0b300ae847c30bb5a775af5d546_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:496bb7164546ea472905bc301a8a4ae9194ec0b300ae847c30bb5a775af5d546_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler-rhel9@sha256%3A496bb7164546ea472905bc301a8a4ae9194ec0b300ae847c30bb5a775af5d546?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999881"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:494c0b69213b4a3e2a82a4d46bdee65793bb631d9d036d19bdf911be30e59d6f_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:494c0b69213b4a3e2a82a4d46bdee65793bb631d9d036d19bdf911be30e59d6f_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:494c0b69213b4a3e2a82a4d46bdee65793bb631d9d036d19bdf911be30e59d6f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher-rhel9@sha256%3A494c0b69213b4a3e2a82a4d46bdee65793bb631d9d036d19bdf911be30e59d6f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999979"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e2d08bfdd903a982b5856269690cba90ff61b868fc2f27c931c810bb421d039b_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e2d08bfdd903a982b5856269690cba90ff61b868fc2f27c931c810bb421d039b_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e2d08bfdd903a982b5856269690cba90ff61b868fc2f27c931c810bb421d039b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator-rhel9@sha256%3Ae2d08bfdd903a982b5856269690cba90ff61b868fc2f27c931c810bb421d039b?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999879"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4df8ff903ba9d497fa31b868fde60e395c650afaad83abe0d962f9e67e759837_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4df8ff903ba9d497fa31b868fde60e395c650afaad83abe0d962f9e67e759837_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4df8ff903ba9d497fa31b868fde60e395c650afaad83abe0d962f9e67e759837_arm64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools-rhel9@sha256%3A4df8ff903ba9d497fa31b868fde60e395c650afaad83abe0d962f9e67e759837?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999982"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:f615a636ab94fffe11b2ea630f94e8a03d67d703db64200d34b0f2beb55b243e_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:f615a636ab94fffe11b2ea630f94e8a03d67d703db64200d34b0f2beb55b243e_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:f615a636ab94fffe11b2ea630f94e8a03d67d703db64200d34b0f2beb55b243e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api-rhel9@sha256%3Af615a636ab94fffe11b2ea630f94e8a03d67d703db64200d34b0f2beb55b243e?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999883"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a09ea726150f34343ae6ae7e6c46f1644074bc7e465b22a7b669a2cf3c909ec7_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a09ea726150f34343ae6ae7e6c46f1644074bc7e465b22a7b669a2cf3c909ec7_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a09ea726150f34343ae6ae7e6c46f1644074bc7e465b22a7b669a2cf3c909ec7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server-rhel9@sha256%3Aa09ea726150f34343ae6ae7e6c46f1644074bc7e465b22a7b669a2cf3c909ec7?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999883"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:300a50d81bd713402abd8c8d49d66f745afd7727c2b5f518a40835dc8d356ccb_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:300a50d81bd713402abd8c8d49d66f745afd7727c2b5f518a40835dc8d356ccb_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:300a50d81bd713402abd8c8d49d66f745afd7727c2b5f518a40835dc8d356ccb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller-rhel9@sha256%3A300a50d81bd713402abd8c8d49d66f745afd7727c2b5f518a40835dc8d356ccb?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999879"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3666682aaebb95e4a3427c988f66ff4a53ebd46880f0878c38f92efdf7bb61dc_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3666682aaebb95e4a3427c988f66ff4a53ebd46880f0878c38f92efdf7bb61dc_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3666682aaebb95e4a3427c988f66ff4a53ebd46880f0878c38f92efdf7bb61dc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportproxy-rhel9@sha256%3A3666682aaebb95e4a3427c988f66ff4a53ebd46880f0878c38f92efdf7bb61dc?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999880"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:94063473d116562e4b248ca04af3d5fb1ed728414675c75bb57d0af9d80a305b_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:94063473d116562e4b248ca04af3d5fb1ed728414675c75bb57d0af9d80a305b_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:94063473d116562e4b248ca04af3d5fb1ed728414675c75bb57d0af9d80a305b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportserver-rhel9@sha256%3A94063473d116562e4b248ca04af3d5fb1ed728414675c75bb57d0af9d80a305b?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999880"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:efceda8b0057ff086bad77398e617d31e2fbe8c051d865eb529fa5573d3ce4ad_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:efceda8b0057ff086bad77398e617d31e2fbe8c051d865eb529fa5573d3ce4ad_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:efceda8b0057ff086bad77398e617d31e2fbe8c051d865eb529fa5573d3ce4ad_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler-rhel9@sha256%3Aefceda8b0057ff086bad77398e617d31e2fbe8c051d865eb529fa5573d3ce4ad?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999881"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:346f31b1a107133d3a09cc4b5fee2280fab1f7492eb7de06ddd4a28f3736005c_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:346f31b1a107133d3a09cc4b5fee2280fab1f7492eb7de06ddd4a28f3736005c_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:346f31b1a107133d3a09cc4b5fee2280fab1f7492eb7de06ddd4a28f3736005c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher-rhel9@sha256%3A346f31b1a107133d3a09cc4b5fee2280fab1f7492eb7de06ddd4a28f3736005c?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999979"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:2b01a10d96ddc80027b162b82b5dd5f3244317db32761d9186d9b61640ce75fd_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:2b01a10d96ddc80027b162b82b5dd5f3244317db32761d9186d9b61640ce75fd_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:2b01a10d96ddc80027b162b82b5dd5f3244317db32761d9186d9b61640ce75fd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator-rhel9@sha256%3A2b01a10d96ddc80027b162b82b5dd5f3244317db32761d9186d9b61640ce75fd?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1778999879"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4df8ff903ba9d497fa31b868fde60e395c650afaad83abe0d962f9e67e759837_arm64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4df8ff903ba9d497fa31b868fde60e395c650afaad83abe0d962f9e67e759837_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4df8ff903ba9d497fa31b868fde60e395c650afaad83abe0d962f9e67e759837_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:b35e9caa43d5be32a669641b6f1b9bb3469470d6fa5031f5d2b7ee76e1f5ad15_amd64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:b35e9caa43d5be32a669641b6f1b9bb3469470d6fa5031f5d2b7ee76e1f5ad15_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:b35e9caa43d5be32a669641b6f1b9bb3469470d6fa5031f5d2b7ee76e1f5ad15_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:d4a5efb5a48f189534a22b2d0629fb3b1efa0b4275ecd80d70115aeb5ac4b700_amd64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:d4a5efb5a48f189534a22b2d0629fb3b1efa0b4275ecd80d70115aeb5ac4b700_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:d4a5efb5a48f189534a22b2d0629fb3b1efa0b4275ecd80d70115aeb5ac4b700_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:f615a636ab94fffe11b2ea630f94e8a03d67d703db64200d34b0f2beb55b243e_arm64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:f615a636ab94fffe11b2ea630f94e8a03d67d703db64200d34b0f2beb55b243e_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:f615a636ab94fffe11b2ea630f94e8a03d67d703db64200d34b0f2beb55b243e_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:6f00da8e5170fd7cf2086e4ee276327b3830891f22b57961ae15a4c1b736df18_amd64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:6f00da8e5170fd7cf2086e4ee276327b3830891f22b57961ae15a4c1b736df18_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:6f00da8e5170fd7cf2086e4ee276327b3830891f22b57961ae15a4c1b736df18_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a09ea726150f34343ae6ae7e6c46f1644074bc7e465b22a7b669a2cf3c909ec7_arm64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a09ea726150f34343ae6ae7e6c46f1644074bc7e465b22a7b669a2cf3c909ec7_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a09ea726150f34343ae6ae7e6c46f1644074bc7e465b22a7b669a2cf3c909ec7_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:300a50d81bd713402abd8c8d49d66f745afd7727c2b5f518a40835dc8d356ccb_arm64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:300a50d81bd713402abd8c8d49d66f745afd7727c2b5f518a40835dc8d356ccb_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:300a50d81bd713402abd8c8d49d66f745afd7727c2b5f518a40835dc8d356ccb_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:5b5fd323fe20dced9941f1e94f4d5059912bf0ec8b37be24c14934e16bc2d4b5_amd64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:5b5fd323fe20dced9941f1e94f4d5059912bf0ec8b37be24c14934e16bc2d4b5_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:5b5fd323fe20dced9941f1e94f4d5059912bf0ec8b37be24c14934e16bc2d4b5_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3666682aaebb95e4a3427c988f66ff4a53ebd46880f0878c38f92efdf7bb61dc_arm64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3666682aaebb95e4a3427c988f66ff4a53ebd46880f0878c38f92efdf7bb61dc_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3666682aaebb95e4a3427c988f66ff4a53ebd46880f0878c38f92efdf7bb61dc_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:5e94348041cce2061b35f5db722bbf7344064b2587059146fda490cfa088949d_amd64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:5e94348041cce2061b35f5db722bbf7344064b2587059146fda490cfa088949d_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:5e94348041cce2061b35f5db722bbf7344064b2587059146fda490cfa088949d_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:6760420bed13672373bd657685e5ef58a0afe33083d0f20c5de41d6b660f9055_amd64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:6760420bed13672373bd657685e5ef58a0afe33083d0f20c5de41d6b660f9055_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:6760420bed13672373bd657685e5ef58a0afe33083d0f20c5de41d6b660f9055_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:94063473d116562e4b248ca04af3d5fb1ed728414675c75bb57d0af9d80a305b_arm64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:94063473d116562e4b248ca04af3d5fb1ed728414675c75bb57d0af9d80a305b_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:94063473d116562e4b248ca04af3d5fb1ed728414675c75bb57d0af9d80a305b_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:496bb7164546ea472905bc301a8a4ae9194ec0b300ae847c30bb5a775af5d546_amd64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:496bb7164546ea472905bc301a8a4ae9194ec0b300ae847c30bb5a775af5d546_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:496bb7164546ea472905bc301a8a4ae9194ec0b300ae847c30bb5a775af5d546_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:efceda8b0057ff086bad77398e617d31e2fbe8c051d865eb529fa5573d3ce4ad_arm64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:efceda8b0057ff086bad77398e617d31e2fbe8c051d865eb529fa5573d3ce4ad_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:efceda8b0057ff086bad77398e617d31e2fbe8c051d865eb529fa5573d3ce4ad_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:346f31b1a107133d3a09cc4b5fee2280fab1f7492eb7de06ddd4a28f3736005c_arm64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:346f31b1a107133d3a09cc4b5fee2280fab1f7492eb7de06ddd4a28f3736005c_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:346f31b1a107133d3a09cc4b5fee2280fab1f7492eb7de06ddd4a28f3736005c_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:494c0b69213b4a3e2a82a4d46bdee65793bb631d9d036d19bdf911be30e59d6f_amd64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:494c0b69213b4a3e2a82a4d46bdee65793bb631d9d036d19bdf911be30e59d6f_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:494c0b69213b4a3e2a82a4d46bdee65793bb631d9d036d19bdf911be30e59d6f_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:2b01a10d96ddc80027b162b82b5dd5f3244317db32761d9186d9b61640ce75fd_arm64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:2b01a10d96ddc80027b162b82b5dd5f3244317db32761d9186d9b61640ce75fd_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:2b01a10d96ddc80027b162b82b5dd5f3244317db32761d9186d9b61640ce75fd_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e2d08bfdd903a982b5856269690cba90ff61b868fc2f27c931c810bb421d039b_amd64 as a component of Red Hat Container Native Virtualization 4.13",
"product_id": "Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e2d08bfdd903a982b5856269690cba90ff61b868fc2f27c931c810bb421d039b_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e2d08bfdd903a982b5856269690cba90ff61b868fc2f27c931c810bb421d039b_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.13"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Sarah Bennert",
"Stoyan Nikolov"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2026-7374",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2026-04-22T07:20:25+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4df8ff903ba9d497fa31b868fde60e395c650afaad83abe0d962f9e67e759837_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:b35e9caa43d5be32a669641b6f1b9bb3469470d6fa5031f5d2b7ee76e1f5ad15_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:d4a5efb5a48f189534a22b2d0629fb3b1efa0b4275ecd80d70115aeb5ac4b700_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:f615a636ab94fffe11b2ea630f94e8a03d67d703db64200d34b0f2beb55b243e_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:6f00da8e5170fd7cf2086e4ee276327b3830891f22b57961ae15a4c1b736df18_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a09ea726150f34343ae6ae7e6c46f1644074bc7e465b22a7b669a2cf3c909ec7_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:300a50d81bd713402abd8c8d49d66f745afd7727c2b5f518a40835dc8d356ccb_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:5b5fd323fe20dced9941f1e94f4d5059912bf0ec8b37be24c14934e16bc2d4b5_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3666682aaebb95e4a3427c988f66ff4a53ebd46880f0878c38f92efdf7bb61dc_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:5e94348041cce2061b35f5db722bbf7344064b2587059146fda490cfa088949d_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:6760420bed13672373bd657685e5ef58a0afe33083d0f20c5de41d6b660f9055_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:94063473d116562e4b248ca04af3d5fb1ed728414675c75bb57d0af9d80a305b_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:346f31b1a107133d3a09cc4b5fee2280fab1f7492eb7de06ddd4a28f3736005c_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:494c0b69213b4a3e2a82a4d46bdee65793bb631d9d036d19bdf911be30e59d6f_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:2b01a10d96ddc80027b162b82b5dd5f3244317db32761d9186d9b61640ce75fd_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e2d08bfdd903a982b5856269690cba90ff61b868fc2f27c931c810bb421d039b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463728"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in KubeVirt\u0027s virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host\u0027s container runtime (CRI-O) socket, an attacker can hijack virt-handler\u0027s privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubevirt: KubeVirt virt-handler: Privilege escalation and node compromise via symlink following vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important privilege escalation flaw in KubeVirt\u0027s virt-handler component. An authenticated OpenShift user with edit permissions in a single namespace can exploit improper symlink validation to hijack virt-handler\u0027s privileged connection. This allows access to any Unix socket on the host, leading to potential full control of the node and the entire cluster.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:496bb7164546ea472905bc301a8a4ae9194ec0b300ae847c30bb5a775af5d546_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:efceda8b0057ff086bad77398e617d31e2fbe8c051d865eb529fa5573d3ce4ad_arm64"
],
"known_not_affected": [
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4df8ff903ba9d497fa31b868fde60e395c650afaad83abe0d962f9e67e759837_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:b35e9caa43d5be32a669641b6f1b9bb3469470d6fa5031f5d2b7ee76e1f5ad15_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:d4a5efb5a48f189534a22b2d0629fb3b1efa0b4275ecd80d70115aeb5ac4b700_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:f615a636ab94fffe11b2ea630f94e8a03d67d703db64200d34b0f2beb55b243e_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:6f00da8e5170fd7cf2086e4ee276327b3830891f22b57961ae15a4c1b736df18_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a09ea726150f34343ae6ae7e6c46f1644074bc7e465b22a7b669a2cf3c909ec7_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:300a50d81bd713402abd8c8d49d66f745afd7727c2b5f518a40835dc8d356ccb_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:5b5fd323fe20dced9941f1e94f4d5059912bf0ec8b37be24c14934e16bc2d4b5_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3666682aaebb95e4a3427c988f66ff4a53ebd46880f0878c38f92efdf7bb61dc_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:5e94348041cce2061b35f5db722bbf7344064b2587059146fda490cfa088949d_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:6760420bed13672373bd657685e5ef58a0afe33083d0f20c5de41d6b660f9055_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:94063473d116562e4b248ca04af3d5fb1ed728414675c75bb57d0af9d80a305b_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:346f31b1a107133d3a09cc4b5fee2280fab1f7492eb7de06ddd4a28f3736005c_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:494c0b69213b4a3e2a82a4d46bdee65793bb631d9d036d19bdf911be30e59d6f_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:2b01a10d96ddc80027b162b82b5dd5f3244317db32761d9186d9b61640ce75fd_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e2d08bfdd903a982b5856269690cba90ff61b868fc2f27c931c810bb421d039b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-7374"
},
{
"category": "external",
"summary": "RHBZ#2463728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463728"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-7374",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7374"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-7374",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7374"
}
],
"release_date": "2026-05-26T12:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:33:33+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:496bb7164546ea472905bc301a8a4ae9194ec0b300ae847c30bb5a775af5d546_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:efceda8b0057ff086bad77398e617d31e2fbe8c051d865eb529fa5573d3ce4ad_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20886"
},
{
"category": "workaround",
"details": "Update cluster RBAC to not allow exec into virt-launcher pods.",
"product_ids": [
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4df8ff903ba9d497fa31b868fde60e395c650afaad83abe0d962f9e67e759837_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:b35e9caa43d5be32a669641b6f1b9bb3469470d6fa5031f5d2b7ee76e1f5ad15_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:d4a5efb5a48f189534a22b2d0629fb3b1efa0b4275ecd80d70115aeb5ac4b700_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:f615a636ab94fffe11b2ea630f94e8a03d67d703db64200d34b0f2beb55b243e_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:6f00da8e5170fd7cf2086e4ee276327b3830891f22b57961ae15a4c1b736df18_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a09ea726150f34343ae6ae7e6c46f1644074bc7e465b22a7b669a2cf3c909ec7_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:300a50d81bd713402abd8c8d49d66f745afd7727c2b5f518a40835dc8d356ccb_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:5b5fd323fe20dced9941f1e94f4d5059912bf0ec8b37be24c14934e16bc2d4b5_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3666682aaebb95e4a3427c988f66ff4a53ebd46880f0878c38f92efdf7bb61dc_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:5e94348041cce2061b35f5db722bbf7344064b2587059146fda490cfa088949d_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:6760420bed13672373bd657685e5ef58a0afe33083d0f20c5de41d6b660f9055_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:94063473d116562e4b248ca04af3d5fb1ed728414675c75bb57d0af9d80a305b_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:496bb7164546ea472905bc301a8a4ae9194ec0b300ae847c30bb5a775af5d546_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:efceda8b0057ff086bad77398e617d31e2fbe8c051d865eb529fa5573d3ce4ad_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:346f31b1a107133d3a09cc4b5fee2280fab1f7492eb7de06ddd4a28f3736005c_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:494c0b69213b4a3e2a82a4d46bdee65793bb631d9d036d19bdf911be30e59d6f_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:2b01a10d96ddc80027b162b82b5dd5f3244317db32761d9186d9b61640ce75fd_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e2d08bfdd903a982b5856269690cba90ff61b868fc2f27c931c810bb421d039b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:4df8ff903ba9d497fa31b868fde60e395c650afaad83abe0d962f9e67e759837_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:b35e9caa43d5be32a669641b6f1b9bb3469470d6fa5031f5d2b7ee76e1f5ad15_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:d4a5efb5a48f189534a22b2d0629fb3b1efa0b4275ecd80d70115aeb5ac4b700_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:f615a636ab94fffe11b2ea630f94e8a03d67d703db64200d34b0f2beb55b243e_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:6f00da8e5170fd7cf2086e4ee276327b3830891f22b57961ae15a4c1b736df18_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:a09ea726150f34343ae6ae7e6c46f1644074bc7e465b22a7b669a2cf3c909ec7_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:300a50d81bd713402abd8c8d49d66f745afd7727c2b5f518a40835dc8d356ccb_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:5b5fd323fe20dced9941f1e94f4d5059912bf0ec8b37be24c14934e16bc2d4b5_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:3666682aaebb95e4a3427c988f66ff4a53ebd46880f0878c38f92efdf7bb61dc_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:5e94348041cce2061b35f5db722bbf7344064b2587059146fda490cfa088949d_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:6760420bed13672373bd657685e5ef58a0afe33083d0f20c5de41d6b660f9055_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:94063473d116562e4b248ca04af3d5fb1ed728414675c75bb57d0af9d80a305b_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:496bb7164546ea472905bc301a8a4ae9194ec0b300ae847c30bb5a775af5d546_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:efceda8b0057ff086bad77398e617d31e2fbe8c051d865eb529fa5573d3ce4ad_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:346f31b1a107133d3a09cc4b5fee2280fab1f7492eb7de06ddd4a28f3736005c_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:494c0b69213b4a3e2a82a4d46bdee65793bb631d9d036d19bdf911be30e59d6f_amd64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:2b01a10d96ddc80027b162b82b5dd5f3244317db32761d9186d9b61640ce75fd_arm64",
"Red Hat Container Native Virtualization 4.13:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:e2d08bfdd903a982b5856269690cba90ff61b868fc2f27c931c810bb421d039b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kubevirt: KubeVirt virt-handler: Privilege escalation and node compromise via symlink following vulnerability"
}
]
}
RHSA-2026:20890
Vulnerability from csaf_redhat - Published: 2026-05-26 11:34 - Updated: 2026-05-28 02:56Summary
Red Hat Security Advisory: OpenShift Virtualization v4.14 Images
Severity
Important
Notes
Topic: Red Hat OpenShift Virtualization release v4.14 is now available with updates to packages and images that fix several bugs and add enhancements.
Details: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization v4.14 images.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host's container runtime (CRI-O) socket, an attacker can hijack virt-handler's privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.
9.9 (Critical)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:136f6df755b01ebc36a1d395b9afa45d3f8100bcdee95e9ead614bb6795348d0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:7c090185b0d5e89ce52076de7774557581bddb4bbca04763695589cb3bc4c33d_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:7544ebe278319575f271515132bcb8f38738f69fd67f20264bef291f4ba678c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:f8b8ced889bfbb090f24612be140cba9c844d5e232078868f21c2834785cd45b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:66b1038270059c399b70eda7c652e6f235e9229848ffe4a99f9c7e3a01bf4fe5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:9848cf40c43e015e81e577b1b3edc2a8274093ed3f24c84e1a374ef1acfce538_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:60a632f64ad139fd2c1647dc76dfb288232c83ca6c1786c7653d6d5e1dbbd90c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:69d382de9dd596e18d123809dc5aaaf249ba88444edf38f60770e94a36c3cf31_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:63ddbc45da0474b5543c8ab4d1801f2d89415a9afc5c799f21f517212d43cb96_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:cad2524c9a025cb89647fbabdff7815d89a1a29c4dfb1a5903937efa4283621e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b409c5d30eb925291af46505647f7ac0c3966d59506fdee1e233cc773a8f9d95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:d4689fa0755d3003dc0b42754641677a161c0f307a496399022412a7dc032496_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:e9f2391e096ca68407ca0ff0694e5e96408fb5189f8db0c6353bd3017a13b14c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:f7dbaf3e1fcdf19ac944bf97b4376116f9073fc94f8a50d83c7dc74600fcf1e2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:14bce82fd9c7b7e0c35142228c89e184fea03134c8a710f8e478cd63af5cbdcc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c6731323059e26a672afbf9ddb08292f97dd79814a6d09bae53ff75bf51924ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:1e6e40e659da6f55601d3109f6980550c876ffe780774d5a619e6edf673f80ea_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:65dd5d374df30a567aaf21633b5f3d619a841172c23e92477b26c984bee46d8c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:1f04caa2c54df86a12e5de05d1628a9dca26cfcea9de0e3e80451d61de3c6c07_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:8e382cd3bdb92b62eccdcd9e46e58a75debb6b6a75db1faee879b3b430028b70_arm64 | — |
Workaround
|
Threats
Impact
Important
References
8 references
Acknowledgments
Red Hat
Sarah Bennert
Stoyan Nikolov
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release v4.14 is now available with updates to packages and images that fix several bugs and add enhancements.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains OpenShift Virtualization v4.14 images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20890",
"url": "https://access.redhat.com/errata/RHSA-2026:20890"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-7374",
"url": "https://access.redhat.com/security/cve/CVE-2026-7374"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20890.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization v4.14 Images",
"tracking": {
"current_release_date": "2026-05-28T02:56:10+00:00",
"generator": {
"date": "2026-05-28T02:56:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:20890",
"initial_release_date": "2026-05-26T11:34:22+00:00",
"revision_history": [
{
"date": "2026-05-26T11:34:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-27T05:30:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T02:56:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Container Native Virtualization 4.14",
"product": {
"name": "Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Container Native Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:f8b8ced889bfbb090f24612be140cba9c844d5e232078868f21c2834785cd45b_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:f8b8ced889bfbb090f24612be140cba9c844d5e232078868f21c2834785cd45b_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:f8b8ced889bfbb090f24612be140cba9c844d5e232078868f21c2834785cd45b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools-rhel9@sha256%3Af8b8ced889bfbb090f24612be140cba9c844d5e232078868f21c2834785cd45b?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321546"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:66b1038270059c399b70eda7c652e6f235e9229848ffe4a99f9c7e3a01bf4fe5_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:66b1038270059c399b70eda7c652e6f235e9229848ffe4a99f9c7e3a01bf4fe5_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:66b1038270059c399b70eda7c652e6f235e9229848ffe4a99f9c7e3a01bf4fe5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pr-helper-rhel9@sha256%3A66b1038270059c399b70eda7c652e6f235e9229848ffe4a99f9c7e3a01bf4fe5?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321475"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:69d382de9dd596e18d123809dc5aaaf249ba88444edf38f60770e94a36c3cf31_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:69d382de9dd596e18d123809dc5aaaf249ba88444edf38f60770e94a36c3cf31_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:69d382de9dd596e18d123809dc5aaaf249ba88444edf38f60770e94a36c3cf31_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api-rhel9@sha256%3A69d382de9dd596e18d123809dc5aaaf249ba88444edf38f60770e94a36c3cf31?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321557"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:cad2524c9a025cb89647fbabdff7815d89a1a29c4dfb1a5903937efa4283621e_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:cad2524c9a025cb89647fbabdff7815d89a1a29c4dfb1a5903937efa4283621e_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:cad2524c9a025cb89647fbabdff7815d89a1a29c4dfb1a5903937efa4283621e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server-rhel9@sha256%3Acad2524c9a025cb89647fbabdff7815d89a1a29c4dfb1a5903937efa4283621e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321575"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b409c5d30eb925291af46505647f7ac0c3966d59506fdee1e233cc773a8f9d95_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b409c5d30eb925291af46505647f7ac0c3966d59506fdee1e233cc773a8f9d95_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b409c5d30eb925291af46505647f7ac0c3966d59506fdee1e233cc773a8f9d95_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller-rhel9@sha256%3Ab409c5d30eb925291af46505647f7ac0c3966d59506fdee1e233cc773a8f9d95?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:e9f2391e096ca68407ca0ff0694e5e96408fb5189f8db0c6353bd3017a13b14c_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:e9f2391e096ca68407ca0ff0694e5e96408fb5189f8db0c6353bd3017a13b14c_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:e9f2391e096ca68407ca0ff0694e5e96408fb5189f8db0c6353bd3017a13b14c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportproxy-rhel9@sha256%3Ae9f2391e096ca68407ca0ff0694e5e96408fb5189f8db0c6353bd3017a13b14c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321406"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:14bce82fd9c7b7e0c35142228c89e184fea03134c8a710f8e478cd63af5cbdcc_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:14bce82fd9c7b7e0c35142228c89e184fea03134c8a710f8e478cd63af5cbdcc_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:14bce82fd9c7b7e0c35142228c89e184fea03134c8a710f8e478cd63af5cbdcc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportserver-rhel9@sha256%3A14bce82fd9c7b7e0c35142228c89e184fea03134c8a710f8e478cd63af5cbdcc?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321531"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:7c090185b0d5e89ce52076de7774557581bddb4bbca04763695589cb3bc4c33d_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:7c090185b0d5e89ce52076de7774557581bddb4bbca04763695589cb3bc4c33d_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:7c090185b0d5e89ce52076de7774557581bddb4bbca04763695589cb3bc4c33d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler-rhel9@sha256%3A7c090185b0d5e89ce52076de7774557581bddb4bbca04763695589cb3bc4c33d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321599"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:1e6e40e659da6f55601d3109f6980550c876ffe780774d5a619e6edf673f80ea_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:1e6e40e659da6f55601d3109f6980550c876ffe780774d5a619e6edf673f80ea_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:1e6e40e659da6f55601d3109f6980550c876ffe780774d5a619e6edf673f80ea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher-rhel9@sha256%3A1e6e40e659da6f55601d3109f6980550c876ffe780774d5a619e6edf673f80ea?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321622"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:1f04caa2c54df86a12e5de05d1628a9dca26cfcea9de0e3e80451d61de3c6c07_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:1f04caa2c54df86a12e5de05d1628a9dca26cfcea9de0e3e80451d61de3c6c07_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:1f04caa2c54df86a12e5de05d1628a9dca26cfcea9de0e3e80451d61de3c6c07_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator-rhel9@sha256%3A1f04caa2c54df86a12e5de05d1628a9dca26cfcea9de0e3e80451d61de3c6c07?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321472"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:7544ebe278319575f271515132bcb8f38738f69fd67f20264bef291f4ba678c4_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:7544ebe278319575f271515132bcb8f38738f69fd67f20264bef291f4ba678c4_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:7544ebe278319575f271515132bcb8f38738f69fd67f20264bef291f4ba678c4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools-rhel9@sha256%3A7544ebe278319575f271515132bcb8f38738f69fd67f20264bef291f4ba678c4?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321546"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:9848cf40c43e015e81e577b1b3edc2a8274093ed3f24c84e1a374ef1acfce538_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:9848cf40c43e015e81e577b1b3edc2a8274093ed3f24c84e1a374ef1acfce538_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:9848cf40c43e015e81e577b1b3edc2a8274093ed3f24c84e1a374ef1acfce538_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pr-helper-rhel9@sha256%3A9848cf40c43e015e81e577b1b3edc2a8274093ed3f24c84e1a374ef1acfce538?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321475"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:60a632f64ad139fd2c1647dc76dfb288232c83ca6c1786c7653d6d5e1dbbd90c_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:60a632f64ad139fd2c1647dc76dfb288232c83ca6c1786c7653d6d5e1dbbd90c_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:60a632f64ad139fd2c1647dc76dfb288232c83ca6c1786c7653d6d5e1dbbd90c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api-rhel9@sha256%3A60a632f64ad139fd2c1647dc76dfb288232c83ca6c1786c7653d6d5e1dbbd90c?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321557"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:63ddbc45da0474b5543c8ab4d1801f2d89415a9afc5c799f21f517212d43cb96_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:63ddbc45da0474b5543c8ab4d1801f2d89415a9afc5c799f21f517212d43cb96_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:63ddbc45da0474b5543c8ab4d1801f2d89415a9afc5c799f21f517212d43cb96_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server-rhel9@sha256%3A63ddbc45da0474b5543c8ab4d1801f2d89415a9afc5c799f21f517212d43cb96?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321575"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:d4689fa0755d3003dc0b42754641677a161c0f307a496399022412a7dc032496_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:d4689fa0755d3003dc0b42754641677a161c0f307a496399022412a7dc032496_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:d4689fa0755d3003dc0b42754641677a161c0f307a496399022412a7dc032496_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller-rhel9@sha256%3Ad4689fa0755d3003dc0b42754641677a161c0f307a496399022412a7dc032496?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321446"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:f7dbaf3e1fcdf19ac944bf97b4376116f9073fc94f8a50d83c7dc74600fcf1e2_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:f7dbaf3e1fcdf19ac944bf97b4376116f9073fc94f8a50d83c7dc74600fcf1e2_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:f7dbaf3e1fcdf19ac944bf97b4376116f9073fc94f8a50d83c7dc74600fcf1e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportproxy-rhel9@sha256%3Af7dbaf3e1fcdf19ac944bf97b4376116f9073fc94f8a50d83c7dc74600fcf1e2?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321406"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c6731323059e26a672afbf9ddb08292f97dd79814a6d09bae53ff75bf51924ac_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c6731323059e26a672afbf9ddb08292f97dd79814a6d09bae53ff75bf51924ac_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c6731323059e26a672afbf9ddb08292f97dd79814a6d09bae53ff75bf51924ac_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportserver-rhel9@sha256%3Ac6731323059e26a672afbf9ddb08292f97dd79814a6d09bae53ff75bf51924ac?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321531"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:136f6df755b01ebc36a1d395b9afa45d3f8100bcdee95e9ead614bb6795348d0_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:136f6df755b01ebc36a1d395b9afa45d3f8100bcdee95e9ead614bb6795348d0_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:136f6df755b01ebc36a1d395b9afa45d3f8100bcdee95e9ead614bb6795348d0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler-rhel9@sha256%3A136f6df755b01ebc36a1d395b9afa45d3f8100bcdee95e9ead614bb6795348d0?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321599"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:65dd5d374df30a567aaf21633b5f3d619a841172c23e92477b26c984bee46d8c_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:65dd5d374df30a567aaf21633b5f3d619a841172c23e92477b26c984bee46d8c_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:65dd5d374df30a567aaf21633b5f3d619a841172c23e92477b26c984bee46d8c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher-rhel9@sha256%3A65dd5d374df30a567aaf21633b5f3d619a841172c23e92477b26c984bee46d8c?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321622"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:8e382cd3bdb92b62eccdcd9e46e58a75debb6b6a75db1faee879b3b430028b70_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:8e382cd3bdb92b62eccdcd9e46e58a75debb6b6a75db1faee879b3b430028b70_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:8e382cd3bdb92b62eccdcd9e46e58a75debb6b6a75db1faee879b3b430028b70_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator-rhel9@sha256%3A8e382cd3bdb92b62eccdcd9e46e58a75debb6b6a75db1faee879b3b430028b70?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization\u0026tag=1779321472"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:7544ebe278319575f271515132bcb8f38738f69fd67f20264bef291f4ba678c4_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:7544ebe278319575f271515132bcb8f38738f69fd67f20264bef291f4ba678c4_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:7544ebe278319575f271515132bcb8f38738f69fd67f20264bef291f4ba678c4_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:f8b8ced889bfbb090f24612be140cba9c844d5e232078868f21c2834785cd45b_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:f8b8ced889bfbb090f24612be140cba9c844d5e232078868f21c2834785cd45b_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:f8b8ced889bfbb090f24612be140cba9c844d5e232078868f21c2834785cd45b_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:66b1038270059c399b70eda7c652e6f235e9229848ffe4a99f9c7e3a01bf4fe5_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:66b1038270059c399b70eda7c652e6f235e9229848ffe4a99f9c7e3a01bf4fe5_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:66b1038270059c399b70eda7c652e6f235e9229848ffe4a99f9c7e3a01bf4fe5_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:9848cf40c43e015e81e577b1b3edc2a8274093ed3f24c84e1a374ef1acfce538_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:9848cf40c43e015e81e577b1b3edc2a8274093ed3f24c84e1a374ef1acfce538_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:9848cf40c43e015e81e577b1b3edc2a8274093ed3f24c84e1a374ef1acfce538_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:60a632f64ad139fd2c1647dc76dfb288232c83ca6c1786c7653d6d5e1dbbd90c_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:60a632f64ad139fd2c1647dc76dfb288232c83ca6c1786c7653d6d5e1dbbd90c_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:60a632f64ad139fd2c1647dc76dfb288232c83ca6c1786c7653d6d5e1dbbd90c_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:69d382de9dd596e18d123809dc5aaaf249ba88444edf38f60770e94a36c3cf31_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:69d382de9dd596e18d123809dc5aaaf249ba88444edf38f60770e94a36c3cf31_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:69d382de9dd596e18d123809dc5aaaf249ba88444edf38f60770e94a36c3cf31_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:63ddbc45da0474b5543c8ab4d1801f2d89415a9afc5c799f21f517212d43cb96_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:63ddbc45da0474b5543c8ab4d1801f2d89415a9afc5c799f21f517212d43cb96_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:63ddbc45da0474b5543c8ab4d1801f2d89415a9afc5c799f21f517212d43cb96_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:cad2524c9a025cb89647fbabdff7815d89a1a29c4dfb1a5903937efa4283621e_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:cad2524c9a025cb89647fbabdff7815d89a1a29c4dfb1a5903937efa4283621e_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:cad2524c9a025cb89647fbabdff7815d89a1a29c4dfb1a5903937efa4283621e_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b409c5d30eb925291af46505647f7ac0c3966d59506fdee1e233cc773a8f9d95_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b409c5d30eb925291af46505647f7ac0c3966d59506fdee1e233cc773a8f9d95_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b409c5d30eb925291af46505647f7ac0c3966d59506fdee1e233cc773a8f9d95_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:d4689fa0755d3003dc0b42754641677a161c0f307a496399022412a7dc032496_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:d4689fa0755d3003dc0b42754641677a161c0f307a496399022412a7dc032496_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:d4689fa0755d3003dc0b42754641677a161c0f307a496399022412a7dc032496_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:e9f2391e096ca68407ca0ff0694e5e96408fb5189f8db0c6353bd3017a13b14c_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:e9f2391e096ca68407ca0ff0694e5e96408fb5189f8db0c6353bd3017a13b14c_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:e9f2391e096ca68407ca0ff0694e5e96408fb5189f8db0c6353bd3017a13b14c_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:f7dbaf3e1fcdf19ac944bf97b4376116f9073fc94f8a50d83c7dc74600fcf1e2_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:f7dbaf3e1fcdf19ac944bf97b4376116f9073fc94f8a50d83c7dc74600fcf1e2_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:f7dbaf3e1fcdf19ac944bf97b4376116f9073fc94f8a50d83c7dc74600fcf1e2_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:14bce82fd9c7b7e0c35142228c89e184fea03134c8a710f8e478cd63af5cbdcc_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:14bce82fd9c7b7e0c35142228c89e184fea03134c8a710f8e478cd63af5cbdcc_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:14bce82fd9c7b7e0c35142228c89e184fea03134c8a710f8e478cd63af5cbdcc_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c6731323059e26a672afbf9ddb08292f97dd79814a6d09bae53ff75bf51924ac_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c6731323059e26a672afbf9ddb08292f97dd79814a6d09bae53ff75bf51924ac_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c6731323059e26a672afbf9ddb08292f97dd79814a6d09bae53ff75bf51924ac_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:136f6df755b01ebc36a1d395b9afa45d3f8100bcdee95e9ead614bb6795348d0_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:136f6df755b01ebc36a1d395b9afa45d3f8100bcdee95e9ead614bb6795348d0_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:136f6df755b01ebc36a1d395b9afa45d3f8100bcdee95e9ead614bb6795348d0_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:7c090185b0d5e89ce52076de7774557581bddb4bbca04763695589cb3bc4c33d_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:7c090185b0d5e89ce52076de7774557581bddb4bbca04763695589cb3bc4c33d_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:7c090185b0d5e89ce52076de7774557581bddb4bbca04763695589cb3bc4c33d_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:1e6e40e659da6f55601d3109f6980550c876ffe780774d5a619e6edf673f80ea_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:1e6e40e659da6f55601d3109f6980550c876ffe780774d5a619e6edf673f80ea_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:1e6e40e659da6f55601d3109f6980550c876ffe780774d5a619e6edf673f80ea_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:65dd5d374df30a567aaf21633b5f3d619a841172c23e92477b26c984bee46d8c_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:65dd5d374df30a567aaf21633b5f3d619a841172c23e92477b26c984bee46d8c_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:65dd5d374df30a567aaf21633b5f3d619a841172c23e92477b26c984bee46d8c_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:1f04caa2c54df86a12e5de05d1628a9dca26cfcea9de0e3e80451d61de3c6c07_amd64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:1f04caa2c54df86a12e5de05d1628a9dca26cfcea9de0e3e80451d61de3c6c07_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:1f04caa2c54df86a12e5de05d1628a9dca26cfcea9de0e3e80451d61de3c6c07_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:8e382cd3bdb92b62eccdcd9e46e58a75debb6b6a75db1faee879b3b430028b70_arm64 as a component of Red Hat Container Native Virtualization 4.14",
"product_id": "Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:8e382cd3bdb92b62eccdcd9e46e58a75debb6b6a75db1faee879b3b430028b70_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:8e382cd3bdb92b62eccdcd9e46e58a75debb6b6a75db1faee879b3b430028b70_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.14"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Sarah Bennert",
"Stoyan Nikolov"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2026-7374",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2026-04-22T07:20:25+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:7544ebe278319575f271515132bcb8f38738f69fd67f20264bef291f4ba678c4_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:f8b8ced889bfbb090f24612be140cba9c844d5e232078868f21c2834785cd45b_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:66b1038270059c399b70eda7c652e6f235e9229848ffe4a99f9c7e3a01bf4fe5_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:9848cf40c43e015e81e577b1b3edc2a8274093ed3f24c84e1a374ef1acfce538_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:60a632f64ad139fd2c1647dc76dfb288232c83ca6c1786c7653d6d5e1dbbd90c_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:69d382de9dd596e18d123809dc5aaaf249ba88444edf38f60770e94a36c3cf31_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:63ddbc45da0474b5543c8ab4d1801f2d89415a9afc5c799f21f517212d43cb96_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:cad2524c9a025cb89647fbabdff7815d89a1a29c4dfb1a5903937efa4283621e_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b409c5d30eb925291af46505647f7ac0c3966d59506fdee1e233cc773a8f9d95_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:d4689fa0755d3003dc0b42754641677a161c0f307a496399022412a7dc032496_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:e9f2391e096ca68407ca0ff0694e5e96408fb5189f8db0c6353bd3017a13b14c_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:f7dbaf3e1fcdf19ac944bf97b4376116f9073fc94f8a50d83c7dc74600fcf1e2_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:14bce82fd9c7b7e0c35142228c89e184fea03134c8a710f8e478cd63af5cbdcc_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c6731323059e26a672afbf9ddb08292f97dd79814a6d09bae53ff75bf51924ac_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:1e6e40e659da6f55601d3109f6980550c876ffe780774d5a619e6edf673f80ea_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:65dd5d374df30a567aaf21633b5f3d619a841172c23e92477b26c984bee46d8c_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:1f04caa2c54df86a12e5de05d1628a9dca26cfcea9de0e3e80451d61de3c6c07_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:8e382cd3bdb92b62eccdcd9e46e58a75debb6b6a75db1faee879b3b430028b70_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463728"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in KubeVirt\u0027s virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host\u0027s container runtime (CRI-O) socket, an attacker can hijack virt-handler\u0027s privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubevirt: KubeVirt virt-handler: Privilege escalation and node compromise via symlink following vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important privilege escalation flaw in KubeVirt\u0027s virt-handler component. An authenticated OpenShift user with edit permissions in a single namespace can exploit improper symlink validation to hijack virt-handler\u0027s privileged connection. This allows access to any Unix socket on the host, leading to potential full control of the node and the entire cluster.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:136f6df755b01ebc36a1d395b9afa45d3f8100bcdee95e9ead614bb6795348d0_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:7c090185b0d5e89ce52076de7774557581bddb4bbca04763695589cb3bc4c33d_amd64"
],
"known_not_affected": [
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:7544ebe278319575f271515132bcb8f38738f69fd67f20264bef291f4ba678c4_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:f8b8ced889bfbb090f24612be140cba9c844d5e232078868f21c2834785cd45b_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:66b1038270059c399b70eda7c652e6f235e9229848ffe4a99f9c7e3a01bf4fe5_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:9848cf40c43e015e81e577b1b3edc2a8274093ed3f24c84e1a374ef1acfce538_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:60a632f64ad139fd2c1647dc76dfb288232c83ca6c1786c7653d6d5e1dbbd90c_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:69d382de9dd596e18d123809dc5aaaf249ba88444edf38f60770e94a36c3cf31_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:63ddbc45da0474b5543c8ab4d1801f2d89415a9afc5c799f21f517212d43cb96_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:cad2524c9a025cb89647fbabdff7815d89a1a29c4dfb1a5903937efa4283621e_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b409c5d30eb925291af46505647f7ac0c3966d59506fdee1e233cc773a8f9d95_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:d4689fa0755d3003dc0b42754641677a161c0f307a496399022412a7dc032496_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:e9f2391e096ca68407ca0ff0694e5e96408fb5189f8db0c6353bd3017a13b14c_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:f7dbaf3e1fcdf19ac944bf97b4376116f9073fc94f8a50d83c7dc74600fcf1e2_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:14bce82fd9c7b7e0c35142228c89e184fea03134c8a710f8e478cd63af5cbdcc_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c6731323059e26a672afbf9ddb08292f97dd79814a6d09bae53ff75bf51924ac_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:1e6e40e659da6f55601d3109f6980550c876ffe780774d5a619e6edf673f80ea_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:65dd5d374df30a567aaf21633b5f3d619a841172c23e92477b26c984bee46d8c_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:1f04caa2c54df86a12e5de05d1628a9dca26cfcea9de0e3e80451d61de3c6c07_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:8e382cd3bdb92b62eccdcd9e46e58a75debb6b6a75db1faee879b3b430028b70_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-7374"
},
{
"category": "external",
"summary": "RHBZ#2463728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463728"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-7374",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7374"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-7374",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7374"
}
],
"release_date": "2026-05-26T12:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:136f6df755b01ebc36a1d395b9afa45d3f8100bcdee95e9ead614bb6795348d0_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:7c090185b0d5e89ce52076de7774557581bddb4bbca04763695589cb3bc4c33d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20890"
},
{
"category": "workaround",
"details": "Update cluster RBAC to not allow exec into virt-launcher pods.",
"product_ids": [
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:7544ebe278319575f271515132bcb8f38738f69fd67f20264bef291f4ba678c4_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:f8b8ced889bfbb090f24612be140cba9c844d5e232078868f21c2834785cd45b_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:66b1038270059c399b70eda7c652e6f235e9229848ffe4a99f9c7e3a01bf4fe5_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:9848cf40c43e015e81e577b1b3edc2a8274093ed3f24c84e1a374ef1acfce538_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:60a632f64ad139fd2c1647dc76dfb288232c83ca6c1786c7653d6d5e1dbbd90c_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:69d382de9dd596e18d123809dc5aaaf249ba88444edf38f60770e94a36c3cf31_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:63ddbc45da0474b5543c8ab4d1801f2d89415a9afc5c799f21f517212d43cb96_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:cad2524c9a025cb89647fbabdff7815d89a1a29c4dfb1a5903937efa4283621e_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b409c5d30eb925291af46505647f7ac0c3966d59506fdee1e233cc773a8f9d95_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:d4689fa0755d3003dc0b42754641677a161c0f307a496399022412a7dc032496_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:e9f2391e096ca68407ca0ff0694e5e96408fb5189f8db0c6353bd3017a13b14c_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:f7dbaf3e1fcdf19ac944bf97b4376116f9073fc94f8a50d83c7dc74600fcf1e2_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:14bce82fd9c7b7e0c35142228c89e184fea03134c8a710f8e478cd63af5cbdcc_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c6731323059e26a672afbf9ddb08292f97dd79814a6d09bae53ff75bf51924ac_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:136f6df755b01ebc36a1d395b9afa45d3f8100bcdee95e9ead614bb6795348d0_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:7c090185b0d5e89ce52076de7774557581bddb4bbca04763695589cb3bc4c33d_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:1e6e40e659da6f55601d3109f6980550c876ffe780774d5a619e6edf673f80ea_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:65dd5d374df30a567aaf21633b5f3d619a841172c23e92477b26c984bee46d8c_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:1f04caa2c54df86a12e5de05d1628a9dca26cfcea9de0e3e80451d61de3c6c07_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:8e382cd3bdb92b62eccdcd9e46e58a75debb6b6a75db1faee879b3b430028b70_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:7544ebe278319575f271515132bcb8f38738f69fd67f20264bef291f4ba678c4_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:f8b8ced889bfbb090f24612be140cba9c844d5e232078868f21c2834785cd45b_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:66b1038270059c399b70eda7c652e6f235e9229848ffe4a99f9c7e3a01bf4fe5_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:9848cf40c43e015e81e577b1b3edc2a8274093ed3f24c84e1a374ef1acfce538_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:60a632f64ad139fd2c1647dc76dfb288232c83ca6c1786c7653d6d5e1dbbd90c_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:69d382de9dd596e18d123809dc5aaaf249ba88444edf38f60770e94a36c3cf31_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:63ddbc45da0474b5543c8ab4d1801f2d89415a9afc5c799f21f517212d43cb96_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:cad2524c9a025cb89647fbabdff7815d89a1a29c4dfb1a5903937efa4283621e_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b409c5d30eb925291af46505647f7ac0c3966d59506fdee1e233cc773a8f9d95_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:d4689fa0755d3003dc0b42754641677a161c0f307a496399022412a7dc032496_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:e9f2391e096ca68407ca0ff0694e5e96408fb5189f8db0c6353bd3017a13b14c_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:f7dbaf3e1fcdf19ac944bf97b4376116f9073fc94f8a50d83c7dc74600fcf1e2_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:14bce82fd9c7b7e0c35142228c89e184fea03134c8a710f8e478cd63af5cbdcc_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:c6731323059e26a672afbf9ddb08292f97dd79814a6d09bae53ff75bf51924ac_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:136f6df755b01ebc36a1d395b9afa45d3f8100bcdee95e9ead614bb6795348d0_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:7c090185b0d5e89ce52076de7774557581bddb4bbca04763695589cb3bc4c33d_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:1e6e40e659da6f55601d3109f6980550c876ffe780774d5a619e6edf673f80ea_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:65dd5d374df30a567aaf21633b5f3d619a841172c23e92477b26c984bee46d8c_arm64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:1f04caa2c54df86a12e5de05d1628a9dca26cfcea9de0e3e80451d61de3c6c07_amd64",
"Red Hat Container Native Virtualization 4.14:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:8e382cd3bdb92b62eccdcd9e46e58a75debb6b6a75db1faee879b3b430028b70_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kubevirt: KubeVirt virt-handler: Privilege escalation and node compromise via symlink following vulnerability"
}
]
}
RHSA-2026:20975
Vulnerability from csaf_redhat - Published: 2026-05-26 15:39 - Updated: 2026-05-28 02:56Summary
Red Hat Security Advisory: OpenShift Virtualization v4.16 Images
Severity
Important
Notes
Topic: Red Hat OpenShift Virtualization release v4.16 is now available with updates to packages and images that fix several bugs and add enhancements.
Details: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization v4.16 images.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host's container runtime (CRI-O) socket, an attacker can hijack virt-handler's privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.
9.9 (Critical)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:3f39822dbf9a5ad965f4e09b66ad4319c95e38492095e1a5265033d3d245c060_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:6b730620ed5a6f37170c7ef44a5883e6d8787e30862525fc8ff605ec5e612235_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:01d8b8805fd275229eed0d6dbc477f779fcb9302409538948fd6856701d16b90_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:23b0fe8fd19443d08469b8fe93a471f79039c87ca94408f6dd675407048a70ec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:97493024b6620540c053d89c6a3b02e8ae8008a2342d95bb8f5dc1ca4abf9a5e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:bad30ab59a88284693f07d1129e47d7a9251325d6f120a644808049c63858b26_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:ac61513d0d8d184be43cd58f3c700226b2090384b3ee1ac5b891b03dfe91aed7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:e15f0631d5a8883221df836f3dffece8ceddd797d1f3156a5ff3d7f822040fda_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:81a4fa07ba02640943a15612736d32c164b10c208c107ff261ed9399cb0c32fc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:bda0942d9948e2576cd941c73b1c90197c26842c78b1dd0f9930cce10601f889_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:bf3c69bb43e28fc348101888da5cd3103468a9b5194c80263a4c3c2f590d5017_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:f6a80e08fba710719264d4c1faafe36e5c4155cbfdd51a79de1e55e9997b46a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:717f3d3fc2d767f4c25b4e9f410eb2da697cd2672b830ec3e8c9a9ff76c79dfe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:74c1d0bdb69e09e17359e1f7ded96fe59c89adc8563aefb18702bd14eac5bf1a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:48d09ebba3d0c513a9ccf1bd0eab5e7bce4aa42a23d8cb620ce6dd8d95e65c05_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:f3141446e09b1f9660d7eb57728a5a7c255df9292ad7a6879b7d44fd9e14c982_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:3f69586b231ff1b95ed8805f734465ebb2cb1b2a50132836d8d2bd2e253b2407_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b19b005a015d85dcf3da7dd54a07b1e6f9e4eee84db1cba9e44808611dc496e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:0d13f9c5f619ff3d58d363214fc45625ce64833bc62d66c33efb2ef191090316_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:6eadcf10463c5789188d3638e30a809ac2a4cdc9014c6f6e82b4d8f4bea967a7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:833e84f48ae091129fd3967488cb59e1dcef6ad240e4fe1580af4f640c524a1c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:9ce927232dbc0fd2427ca5990801013c1ba92b2af466eabafb99b0eaa405c900_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:8bd7de7b45ae11dd92debd4cb98ef01082bfc46e79ded2ac0529bd8f8f08dd59_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:c847a1c36e65c2096e964ab53e47f4bb6490cba74073ab25665c7d6250f78503_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:96bbb1af0c87e73b6d5fad7803e1625be6dcaef1021e8e7e53305a37fa0ab8ea_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:c431ca45ea5e2185c00cfb051d6ddbac9dd14dc2e3bf064354f71af61709331c_amd64 | — |
Workaround
|
Threats
Impact
Important
References
8 references
Acknowledgments
Red Hat
Sarah Bennert
Stoyan Nikolov
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release v4.16 is now available with updates to packages and images that fix several bugs and add enhancements.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains OpenShift Virtualization v4.16 images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20975",
"url": "https://access.redhat.com/errata/RHSA-2026:20975"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-7374",
"url": "https://access.redhat.com/security/cve/CVE-2026-7374"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20975.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization v4.16 Images",
"tracking": {
"current_release_date": "2026-05-28T02:56:10+00:00",
"generator": {
"date": "2026-05-28T02:56:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:20975",
"initial_release_date": "2026-05-26T15:39:10+00:00",
"revision_history": [
{
"date": "2026-05-26T15:39:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-27T05:30:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T02:56:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Container Native Virtualization 4.16",
"product": {
"name": "Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.16::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Container Native Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:01d8b8805fd275229eed0d6dbc477f779fcb9302409538948fd6856701d16b90_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:01d8b8805fd275229eed0d6dbc477f779fcb9302409538948fd6856701d16b90_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:01d8b8805fd275229eed0d6dbc477f779fcb9302409538948fd6856701d16b90_amd64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools-rhel9@sha256%3A01d8b8805fd275229eed0d6dbc477f779fcb9302409538948fd6856701d16b90?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9\u0026tag=1778861357"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:bad30ab59a88284693f07d1129e47d7a9251325d6f120a644808049c63858b26_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:bad30ab59a88284693f07d1129e47d7a9251325d6f120a644808049c63858b26_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:bad30ab59a88284693f07d1129e47d7a9251325d6f120a644808049c63858b26_amd64",
"product_identification_helper": {
"purl": "pkg:oci/passt-network-binding-plugin-cni-rhel9@sha256%3Abad30ab59a88284693f07d1129e47d7a9251325d6f120a644808049c63858b26?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9\u0026tag=1778861273"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:ac61513d0d8d184be43cd58f3c700226b2090384b3ee1ac5b891b03dfe91aed7_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:ac61513d0d8d184be43cd58f3c700226b2090384b3ee1ac5b891b03dfe91aed7_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:ac61513d0d8d184be43cd58f3c700226b2090384b3ee1ac5b891b03dfe91aed7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/passt-network-binding-plugin-sidecar-rhel9@sha256%3Aac61513d0d8d184be43cd58f3c700226b2090384b3ee1ac5b891b03dfe91aed7?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9\u0026tag=1778861269"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:81a4fa07ba02640943a15612736d32c164b10c208c107ff261ed9399cb0c32fc_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:81a4fa07ba02640943a15612736d32c164b10c208c107ff261ed9399cb0c32fc_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:81a4fa07ba02640943a15612736d32c164b10c208c107ff261ed9399cb0c32fc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pr-helper-rhel9@sha256%3A81a4fa07ba02640943a15612736d32c164b10c208c107ff261ed9399cb0c32fc?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/pr-helper-rhel9\u0026tag=1778861243"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:f6a80e08fba710719264d4c1faafe36e5c4155cbfdd51a79de1e55e9997b46a0_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:f6a80e08fba710719264d4c1faafe36e5c4155cbfdd51a79de1e55e9997b46a0_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:f6a80e08fba710719264d4c1faafe36e5c4155cbfdd51a79de1e55e9997b46a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/sidecar-shim-rhel9@sha256%3Af6a80e08fba710719264d4c1faafe36e5c4155cbfdd51a79de1e55e9997b46a0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9\u0026tag=1778861270"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:717f3d3fc2d767f4c25b4e9f410eb2da697cd2672b830ec3e8c9a9ff76c79dfe_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:717f3d3fc2d767f4c25b4e9f410eb2da697cd2672b830ec3e8c9a9ff76c79dfe_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:717f3d3fc2d767f4c25b4e9f410eb2da697cd2672b830ec3e8c9a9ff76c79dfe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api-rhel9@sha256%3A717f3d3fc2d767f4c25b4e9f410eb2da697cd2672b830ec3e8c9a9ff76c79dfe?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-api-rhel9\u0026tag=1778999683"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:48d09ebba3d0c513a9ccf1bd0eab5e7bce4aa42a23d8cb620ce6dd8d95e65c05_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:48d09ebba3d0c513a9ccf1bd0eab5e7bce4aa42a23d8cb620ce6dd8d95e65c05_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:48d09ebba3d0c513a9ccf1bd0eab5e7bce4aa42a23d8cb620ce6dd8d95e65c05_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server-rhel9@sha256%3A48d09ebba3d0c513a9ccf1bd0eab5e7bce4aa42a23d8cb620ce6dd8d95e65c05?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9\u0026tag=1778861265"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:3f69586b231ff1b95ed8805f734465ebb2cb1b2a50132836d8d2bd2e253b2407_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:3f69586b231ff1b95ed8805f734465ebb2cb1b2a50132836d8d2bd2e253b2407_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:3f69586b231ff1b95ed8805f734465ebb2cb1b2a50132836d8d2bd2e253b2407_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller-rhel9@sha256%3A3f69586b231ff1b95ed8805f734465ebb2cb1b2a50132836d8d2bd2e253b2407?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-controller-rhel9\u0026tag=1778999678"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:0d13f9c5f619ff3d58d363214fc45625ce64833bc62d66c33efb2ef191090316_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:0d13f9c5f619ff3d58d363214fc45625ce64833bc62d66c33efb2ef191090316_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:0d13f9c5f619ff3d58d363214fc45625ce64833bc62d66c33efb2ef191090316_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportproxy-rhel9@sha256%3A0d13f9c5f619ff3d58d363214fc45625ce64833bc62d66c33efb2ef191090316?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9\u0026tag=1778861264"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:9ce927232dbc0fd2427ca5990801013c1ba92b2af466eabafb99b0eaa405c900_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:9ce927232dbc0fd2427ca5990801013c1ba92b2af466eabafb99b0eaa405c900_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:9ce927232dbc0fd2427ca5990801013c1ba92b2af466eabafb99b0eaa405c900_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportserver-rhel9@sha256%3A9ce927232dbc0fd2427ca5990801013c1ba92b2af466eabafb99b0eaa405c900?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9\u0026tag=1778861268"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:3f39822dbf9a5ad965f4e09b66ad4319c95e38492095e1a5265033d3d245c060_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:3f39822dbf9a5ad965f4e09b66ad4319c95e38492095e1a5265033d3d245c060_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:3f39822dbf9a5ad965f4e09b66ad4319c95e38492095e1a5265033d3d245c060_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler-rhel9@sha256%3A3f39822dbf9a5ad965f4e09b66ad4319c95e38492095e1a5265033d3d245c060?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-handler-rhel9\u0026tag=1778861274"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:8bd7de7b45ae11dd92debd4cb98ef01082bfc46e79ded2ac0529bd8f8f08dd59_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:8bd7de7b45ae11dd92debd4cb98ef01082bfc46e79ded2ac0529bd8f8f08dd59_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:8bd7de7b45ae11dd92debd4cb98ef01082bfc46e79ded2ac0529bd8f8f08dd59_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher-rhel9@sha256%3A8bd7de7b45ae11dd92debd4cb98ef01082bfc46e79ded2ac0529bd8f8f08dd59?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-launcher-rhel9\u0026tag=1778861279"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:c431ca45ea5e2185c00cfb051d6ddbac9dd14dc2e3bf064354f71af61709331c_amd64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:c431ca45ea5e2185c00cfb051d6ddbac9dd14dc2e3bf064354f71af61709331c_amd64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:c431ca45ea5e2185c00cfb051d6ddbac9dd14dc2e3bf064354f71af61709331c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator-rhel9@sha256%3Ac431ca45ea5e2185c00cfb051d6ddbac9dd14dc2e3bf064354f71af61709331c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-operator-rhel9\u0026tag=1778861265"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:23b0fe8fd19443d08469b8fe93a471f79039c87ca94408f6dd675407048a70ec_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:23b0fe8fd19443d08469b8fe93a471f79039c87ca94408f6dd675407048a70ec_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:23b0fe8fd19443d08469b8fe93a471f79039c87ca94408f6dd675407048a70ec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools-rhel9@sha256%3A23b0fe8fd19443d08469b8fe93a471f79039c87ca94408f6dd675407048a70ec?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9\u0026tag=1778861357"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:97493024b6620540c053d89c6a3b02e8ae8008a2342d95bb8f5dc1ca4abf9a5e_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:97493024b6620540c053d89c6a3b02e8ae8008a2342d95bb8f5dc1ca4abf9a5e_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:97493024b6620540c053d89c6a3b02e8ae8008a2342d95bb8f5dc1ca4abf9a5e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/passt-network-binding-plugin-cni-rhel9@sha256%3A97493024b6620540c053d89c6a3b02e8ae8008a2342d95bb8f5dc1ca4abf9a5e?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9\u0026tag=1778861273"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:e15f0631d5a8883221df836f3dffece8ceddd797d1f3156a5ff3d7f822040fda_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:e15f0631d5a8883221df836f3dffece8ceddd797d1f3156a5ff3d7f822040fda_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:e15f0631d5a8883221df836f3dffece8ceddd797d1f3156a5ff3d7f822040fda_arm64",
"product_identification_helper": {
"purl": "pkg:oci/passt-network-binding-plugin-sidecar-rhel9@sha256%3Ae15f0631d5a8883221df836f3dffece8ceddd797d1f3156a5ff3d7f822040fda?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9\u0026tag=1778861269"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:bda0942d9948e2576cd941c73b1c90197c26842c78b1dd0f9930cce10601f889_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:bda0942d9948e2576cd941c73b1c90197c26842c78b1dd0f9930cce10601f889_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:bda0942d9948e2576cd941c73b1c90197c26842c78b1dd0f9930cce10601f889_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pr-helper-rhel9@sha256%3Abda0942d9948e2576cd941c73b1c90197c26842c78b1dd0f9930cce10601f889?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/pr-helper-rhel9\u0026tag=1778861243"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:bf3c69bb43e28fc348101888da5cd3103468a9b5194c80263a4c3c2f590d5017_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:bf3c69bb43e28fc348101888da5cd3103468a9b5194c80263a4c3c2f590d5017_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:bf3c69bb43e28fc348101888da5cd3103468a9b5194c80263a4c3c2f590d5017_arm64",
"product_identification_helper": {
"purl": "pkg:oci/sidecar-shim-rhel9@sha256%3Abf3c69bb43e28fc348101888da5cd3103468a9b5194c80263a4c3c2f590d5017?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9\u0026tag=1778861270"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:74c1d0bdb69e09e17359e1f7ded96fe59c89adc8563aefb18702bd14eac5bf1a_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:74c1d0bdb69e09e17359e1f7ded96fe59c89adc8563aefb18702bd14eac5bf1a_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:74c1d0bdb69e09e17359e1f7ded96fe59c89adc8563aefb18702bd14eac5bf1a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api-rhel9@sha256%3A74c1d0bdb69e09e17359e1f7ded96fe59c89adc8563aefb18702bd14eac5bf1a?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-api-rhel9\u0026tag=1778999683"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:f3141446e09b1f9660d7eb57728a5a7c255df9292ad7a6879b7d44fd9e14c982_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:f3141446e09b1f9660d7eb57728a5a7c255df9292ad7a6879b7d44fd9e14c982_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:f3141446e09b1f9660d7eb57728a5a7c255df9292ad7a6879b7d44fd9e14c982_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server-rhel9@sha256%3Af3141446e09b1f9660d7eb57728a5a7c255df9292ad7a6879b7d44fd9e14c982?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9\u0026tag=1778861265"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b19b005a015d85dcf3da7dd54a07b1e6f9e4eee84db1cba9e44808611dc496e5_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b19b005a015d85dcf3da7dd54a07b1e6f9e4eee84db1cba9e44808611dc496e5_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b19b005a015d85dcf3da7dd54a07b1e6f9e4eee84db1cba9e44808611dc496e5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller-rhel9@sha256%3Ab19b005a015d85dcf3da7dd54a07b1e6f9e4eee84db1cba9e44808611dc496e5?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-controller-rhel9\u0026tag=1778999678"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:6eadcf10463c5789188d3638e30a809ac2a4cdc9014c6f6e82b4d8f4bea967a7_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:6eadcf10463c5789188d3638e30a809ac2a4cdc9014c6f6e82b4d8f4bea967a7_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:6eadcf10463c5789188d3638e30a809ac2a4cdc9014c6f6e82b4d8f4bea967a7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportproxy-rhel9@sha256%3A6eadcf10463c5789188d3638e30a809ac2a4cdc9014c6f6e82b4d8f4bea967a7?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9\u0026tag=1778861264"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:833e84f48ae091129fd3967488cb59e1dcef6ad240e4fe1580af4f640c524a1c_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:833e84f48ae091129fd3967488cb59e1dcef6ad240e4fe1580af4f640c524a1c_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:833e84f48ae091129fd3967488cb59e1dcef6ad240e4fe1580af4f640c524a1c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-exportserver-rhel9@sha256%3A833e84f48ae091129fd3967488cb59e1dcef6ad240e4fe1580af4f640c524a1c?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9\u0026tag=1778861268"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:6b730620ed5a6f37170c7ef44a5883e6d8787e30862525fc8ff605ec5e612235_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:6b730620ed5a6f37170c7ef44a5883e6d8787e30862525fc8ff605ec5e612235_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:6b730620ed5a6f37170c7ef44a5883e6d8787e30862525fc8ff605ec5e612235_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler-rhel9@sha256%3A6b730620ed5a6f37170c7ef44a5883e6d8787e30862525fc8ff605ec5e612235?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-handler-rhel9\u0026tag=1778861274"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:c847a1c36e65c2096e964ab53e47f4bb6490cba74073ab25665c7d6250f78503_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:c847a1c36e65c2096e964ab53e47f4bb6490cba74073ab25665c7d6250f78503_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:c847a1c36e65c2096e964ab53e47f4bb6490cba74073ab25665c7d6250f78503_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher-rhel9@sha256%3Ac847a1c36e65c2096e964ab53e47f4bb6490cba74073ab25665c7d6250f78503?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-launcher-rhel9\u0026tag=1778861279"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:96bbb1af0c87e73b6d5fad7803e1625be6dcaef1021e8e7e53305a37fa0ab8ea_arm64",
"product": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:96bbb1af0c87e73b6d5fad7803e1625be6dcaef1021e8e7e53305a37fa0ab8ea_arm64",
"product_id": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:96bbb1af0c87e73b6d5fad7803e1625be6dcaef1021e8e7e53305a37fa0ab8ea_arm64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator-rhel9@sha256%3A96bbb1af0c87e73b6d5fad7803e1625be6dcaef1021e8e7e53305a37fa0ab8ea?arch=arm64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-operator-rhel9\u0026tag=1778861265"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:01d8b8805fd275229eed0d6dbc477f779fcb9302409538948fd6856701d16b90_amd64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:01d8b8805fd275229eed0d6dbc477f779fcb9302409538948fd6856701d16b90_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:01d8b8805fd275229eed0d6dbc477f779fcb9302409538948fd6856701d16b90_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:23b0fe8fd19443d08469b8fe93a471f79039c87ca94408f6dd675407048a70ec_arm64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:23b0fe8fd19443d08469b8fe93a471f79039c87ca94408f6dd675407048a70ec_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:23b0fe8fd19443d08469b8fe93a471f79039c87ca94408f6dd675407048a70ec_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:97493024b6620540c053d89c6a3b02e8ae8008a2342d95bb8f5dc1ca4abf9a5e_arm64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:97493024b6620540c053d89c6a3b02e8ae8008a2342d95bb8f5dc1ca4abf9a5e_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:97493024b6620540c053d89c6a3b02e8ae8008a2342d95bb8f5dc1ca4abf9a5e_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:bad30ab59a88284693f07d1129e47d7a9251325d6f120a644808049c63858b26_amd64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:bad30ab59a88284693f07d1129e47d7a9251325d6f120a644808049c63858b26_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:bad30ab59a88284693f07d1129e47d7a9251325d6f120a644808049c63858b26_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:ac61513d0d8d184be43cd58f3c700226b2090384b3ee1ac5b891b03dfe91aed7_amd64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:ac61513d0d8d184be43cd58f3c700226b2090384b3ee1ac5b891b03dfe91aed7_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:ac61513d0d8d184be43cd58f3c700226b2090384b3ee1ac5b891b03dfe91aed7_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:e15f0631d5a8883221df836f3dffece8ceddd797d1f3156a5ff3d7f822040fda_arm64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:e15f0631d5a8883221df836f3dffece8ceddd797d1f3156a5ff3d7f822040fda_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:e15f0631d5a8883221df836f3dffece8ceddd797d1f3156a5ff3d7f822040fda_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:81a4fa07ba02640943a15612736d32c164b10c208c107ff261ed9399cb0c32fc_amd64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:81a4fa07ba02640943a15612736d32c164b10c208c107ff261ed9399cb0c32fc_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:81a4fa07ba02640943a15612736d32c164b10c208c107ff261ed9399cb0c32fc_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:bda0942d9948e2576cd941c73b1c90197c26842c78b1dd0f9930cce10601f889_arm64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:bda0942d9948e2576cd941c73b1c90197c26842c78b1dd0f9930cce10601f889_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:bda0942d9948e2576cd941c73b1c90197c26842c78b1dd0f9930cce10601f889_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:bf3c69bb43e28fc348101888da5cd3103468a9b5194c80263a4c3c2f590d5017_arm64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:bf3c69bb43e28fc348101888da5cd3103468a9b5194c80263a4c3c2f590d5017_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:bf3c69bb43e28fc348101888da5cd3103468a9b5194c80263a4c3c2f590d5017_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:f6a80e08fba710719264d4c1faafe36e5c4155cbfdd51a79de1e55e9997b46a0_amd64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:f6a80e08fba710719264d4c1faafe36e5c4155cbfdd51a79de1e55e9997b46a0_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:f6a80e08fba710719264d4c1faafe36e5c4155cbfdd51a79de1e55e9997b46a0_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:717f3d3fc2d767f4c25b4e9f410eb2da697cd2672b830ec3e8c9a9ff76c79dfe_amd64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:717f3d3fc2d767f4c25b4e9f410eb2da697cd2672b830ec3e8c9a9ff76c79dfe_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:717f3d3fc2d767f4c25b4e9f410eb2da697cd2672b830ec3e8c9a9ff76c79dfe_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:74c1d0bdb69e09e17359e1f7ded96fe59c89adc8563aefb18702bd14eac5bf1a_arm64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:74c1d0bdb69e09e17359e1f7ded96fe59c89adc8563aefb18702bd14eac5bf1a_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:74c1d0bdb69e09e17359e1f7ded96fe59c89adc8563aefb18702bd14eac5bf1a_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:48d09ebba3d0c513a9ccf1bd0eab5e7bce4aa42a23d8cb620ce6dd8d95e65c05_amd64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:48d09ebba3d0c513a9ccf1bd0eab5e7bce4aa42a23d8cb620ce6dd8d95e65c05_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:48d09ebba3d0c513a9ccf1bd0eab5e7bce4aa42a23d8cb620ce6dd8d95e65c05_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:f3141446e09b1f9660d7eb57728a5a7c255df9292ad7a6879b7d44fd9e14c982_arm64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:f3141446e09b1f9660d7eb57728a5a7c255df9292ad7a6879b7d44fd9e14c982_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:f3141446e09b1f9660d7eb57728a5a7c255df9292ad7a6879b7d44fd9e14c982_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:3f69586b231ff1b95ed8805f734465ebb2cb1b2a50132836d8d2bd2e253b2407_amd64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:3f69586b231ff1b95ed8805f734465ebb2cb1b2a50132836d8d2bd2e253b2407_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:3f69586b231ff1b95ed8805f734465ebb2cb1b2a50132836d8d2bd2e253b2407_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b19b005a015d85dcf3da7dd54a07b1e6f9e4eee84db1cba9e44808611dc496e5_arm64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b19b005a015d85dcf3da7dd54a07b1e6f9e4eee84db1cba9e44808611dc496e5_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b19b005a015d85dcf3da7dd54a07b1e6f9e4eee84db1cba9e44808611dc496e5_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:0d13f9c5f619ff3d58d363214fc45625ce64833bc62d66c33efb2ef191090316_amd64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:0d13f9c5f619ff3d58d363214fc45625ce64833bc62d66c33efb2ef191090316_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:0d13f9c5f619ff3d58d363214fc45625ce64833bc62d66c33efb2ef191090316_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:6eadcf10463c5789188d3638e30a809ac2a4cdc9014c6f6e82b4d8f4bea967a7_arm64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:6eadcf10463c5789188d3638e30a809ac2a4cdc9014c6f6e82b4d8f4bea967a7_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:6eadcf10463c5789188d3638e30a809ac2a4cdc9014c6f6e82b4d8f4bea967a7_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:833e84f48ae091129fd3967488cb59e1dcef6ad240e4fe1580af4f640c524a1c_arm64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:833e84f48ae091129fd3967488cb59e1dcef6ad240e4fe1580af4f640c524a1c_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:833e84f48ae091129fd3967488cb59e1dcef6ad240e4fe1580af4f640c524a1c_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:9ce927232dbc0fd2427ca5990801013c1ba92b2af466eabafb99b0eaa405c900_amd64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:9ce927232dbc0fd2427ca5990801013c1ba92b2af466eabafb99b0eaa405c900_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:9ce927232dbc0fd2427ca5990801013c1ba92b2af466eabafb99b0eaa405c900_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:3f39822dbf9a5ad965f4e09b66ad4319c95e38492095e1a5265033d3d245c060_amd64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:3f39822dbf9a5ad965f4e09b66ad4319c95e38492095e1a5265033d3d245c060_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:3f39822dbf9a5ad965f4e09b66ad4319c95e38492095e1a5265033d3d245c060_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:6b730620ed5a6f37170c7ef44a5883e6d8787e30862525fc8ff605ec5e612235_arm64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:6b730620ed5a6f37170c7ef44a5883e6d8787e30862525fc8ff605ec5e612235_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:6b730620ed5a6f37170c7ef44a5883e6d8787e30862525fc8ff605ec5e612235_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:8bd7de7b45ae11dd92debd4cb98ef01082bfc46e79ded2ac0529bd8f8f08dd59_amd64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:8bd7de7b45ae11dd92debd4cb98ef01082bfc46e79ded2ac0529bd8f8f08dd59_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:8bd7de7b45ae11dd92debd4cb98ef01082bfc46e79ded2ac0529bd8f8f08dd59_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:c847a1c36e65c2096e964ab53e47f4bb6490cba74073ab25665c7d6250f78503_arm64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:c847a1c36e65c2096e964ab53e47f4bb6490cba74073ab25665c7d6250f78503_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:c847a1c36e65c2096e964ab53e47f4bb6490cba74073ab25665c7d6250f78503_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:96bbb1af0c87e73b6d5fad7803e1625be6dcaef1021e8e7e53305a37fa0ab8ea_arm64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:96bbb1af0c87e73b6d5fad7803e1625be6dcaef1021e8e7e53305a37fa0ab8ea_arm64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:96bbb1af0c87e73b6d5fad7803e1625be6dcaef1021e8e7e53305a37fa0ab8ea_arm64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:c431ca45ea5e2185c00cfb051d6ddbac9dd14dc2e3bf064354f71af61709331c_amd64 as a component of Red Hat Container Native Virtualization 4.16",
"product_id": "Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:c431ca45ea5e2185c00cfb051d6ddbac9dd14dc2e3bf064354f71af61709331c_amd64"
},
"product_reference": "registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:c431ca45ea5e2185c00cfb051d6ddbac9dd14dc2e3bf064354f71af61709331c_amd64",
"relates_to_product_reference": "Red Hat Container Native Virtualization 4.16"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Sarah Bennert",
"Stoyan Nikolov"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2026-7374",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2026-04-22T07:20:25+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:01d8b8805fd275229eed0d6dbc477f779fcb9302409538948fd6856701d16b90_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:23b0fe8fd19443d08469b8fe93a471f79039c87ca94408f6dd675407048a70ec_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:97493024b6620540c053d89c6a3b02e8ae8008a2342d95bb8f5dc1ca4abf9a5e_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:bad30ab59a88284693f07d1129e47d7a9251325d6f120a644808049c63858b26_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:ac61513d0d8d184be43cd58f3c700226b2090384b3ee1ac5b891b03dfe91aed7_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:e15f0631d5a8883221df836f3dffece8ceddd797d1f3156a5ff3d7f822040fda_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:81a4fa07ba02640943a15612736d32c164b10c208c107ff261ed9399cb0c32fc_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:bda0942d9948e2576cd941c73b1c90197c26842c78b1dd0f9930cce10601f889_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:bf3c69bb43e28fc348101888da5cd3103468a9b5194c80263a4c3c2f590d5017_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:f6a80e08fba710719264d4c1faafe36e5c4155cbfdd51a79de1e55e9997b46a0_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:717f3d3fc2d767f4c25b4e9f410eb2da697cd2672b830ec3e8c9a9ff76c79dfe_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:74c1d0bdb69e09e17359e1f7ded96fe59c89adc8563aefb18702bd14eac5bf1a_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:48d09ebba3d0c513a9ccf1bd0eab5e7bce4aa42a23d8cb620ce6dd8d95e65c05_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:f3141446e09b1f9660d7eb57728a5a7c255df9292ad7a6879b7d44fd9e14c982_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:3f69586b231ff1b95ed8805f734465ebb2cb1b2a50132836d8d2bd2e253b2407_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b19b005a015d85dcf3da7dd54a07b1e6f9e4eee84db1cba9e44808611dc496e5_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:0d13f9c5f619ff3d58d363214fc45625ce64833bc62d66c33efb2ef191090316_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:6eadcf10463c5789188d3638e30a809ac2a4cdc9014c6f6e82b4d8f4bea967a7_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:833e84f48ae091129fd3967488cb59e1dcef6ad240e4fe1580af4f640c524a1c_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:9ce927232dbc0fd2427ca5990801013c1ba92b2af466eabafb99b0eaa405c900_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:8bd7de7b45ae11dd92debd4cb98ef01082bfc46e79ded2ac0529bd8f8f08dd59_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:c847a1c36e65c2096e964ab53e47f4bb6490cba74073ab25665c7d6250f78503_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:96bbb1af0c87e73b6d5fad7803e1625be6dcaef1021e8e7e53305a37fa0ab8ea_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:c431ca45ea5e2185c00cfb051d6ddbac9dd14dc2e3bf064354f71af61709331c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463728"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in KubeVirt\u0027s virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host\u0027s container runtime (CRI-O) socket, an attacker can hijack virt-handler\u0027s privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubevirt: KubeVirt virt-handler: Privilege escalation and node compromise via symlink following vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important privilege escalation flaw in KubeVirt\u0027s virt-handler component. An authenticated OpenShift user with edit permissions in a single namespace can exploit improper symlink validation to hijack virt-handler\u0027s privileged connection. This allows access to any Unix socket on the host, leading to potential full control of the node and the entire cluster.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:3f39822dbf9a5ad965f4e09b66ad4319c95e38492095e1a5265033d3d245c060_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:6b730620ed5a6f37170c7ef44a5883e6d8787e30862525fc8ff605ec5e612235_arm64"
],
"known_not_affected": [
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:01d8b8805fd275229eed0d6dbc477f779fcb9302409538948fd6856701d16b90_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:23b0fe8fd19443d08469b8fe93a471f79039c87ca94408f6dd675407048a70ec_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:97493024b6620540c053d89c6a3b02e8ae8008a2342d95bb8f5dc1ca4abf9a5e_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:bad30ab59a88284693f07d1129e47d7a9251325d6f120a644808049c63858b26_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:ac61513d0d8d184be43cd58f3c700226b2090384b3ee1ac5b891b03dfe91aed7_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:e15f0631d5a8883221df836f3dffece8ceddd797d1f3156a5ff3d7f822040fda_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:81a4fa07ba02640943a15612736d32c164b10c208c107ff261ed9399cb0c32fc_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:bda0942d9948e2576cd941c73b1c90197c26842c78b1dd0f9930cce10601f889_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:bf3c69bb43e28fc348101888da5cd3103468a9b5194c80263a4c3c2f590d5017_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:f6a80e08fba710719264d4c1faafe36e5c4155cbfdd51a79de1e55e9997b46a0_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:717f3d3fc2d767f4c25b4e9f410eb2da697cd2672b830ec3e8c9a9ff76c79dfe_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:74c1d0bdb69e09e17359e1f7ded96fe59c89adc8563aefb18702bd14eac5bf1a_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:48d09ebba3d0c513a9ccf1bd0eab5e7bce4aa42a23d8cb620ce6dd8d95e65c05_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:f3141446e09b1f9660d7eb57728a5a7c255df9292ad7a6879b7d44fd9e14c982_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:3f69586b231ff1b95ed8805f734465ebb2cb1b2a50132836d8d2bd2e253b2407_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b19b005a015d85dcf3da7dd54a07b1e6f9e4eee84db1cba9e44808611dc496e5_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:0d13f9c5f619ff3d58d363214fc45625ce64833bc62d66c33efb2ef191090316_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:6eadcf10463c5789188d3638e30a809ac2a4cdc9014c6f6e82b4d8f4bea967a7_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:833e84f48ae091129fd3967488cb59e1dcef6ad240e4fe1580af4f640c524a1c_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:9ce927232dbc0fd2427ca5990801013c1ba92b2af466eabafb99b0eaa405c900_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:8bd7de7b45ae11dd92debd4cb98ef01082bfc46e79ded2ac0529bd8f8f08dd59_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:c847a1c36e65c2096e964ab53e47f4bb6490cba74073ab25665c7d6250f78503_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:96bbb1af0c87e73b6d5fad7803e1625be6dcaef1021e8e7e53305a37fa0ab8ea_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:c431ca45ea5e2185c00cfb051d6ddbac9dd14dc2e3bf064354f71af61709331c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-7374"
},
{
"category": "external",
"summary": "RHBZ#2463728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463728"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-7374",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7374"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-7374",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7374"
}
],
"release_date": "2026-05-26T12:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T15:39:10+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:3f39822dbf9a5ad965f4e09b66ad4319c95e38492095e1a5265033d3d245c060_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:6b730620ed5a6f37170c7ef44a5883e6d8787e30862525fc8ff605ec5e612235_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20975"
},
{
"category": "workaround",
"details": "Update cluster RBAC to not allow exec into virt-launcher pods.",
"product_ids": [
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:01d8b8805fd275229eed0d6dbc477f779fcb9302409538948fd6856701d16b90_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:23b0fe8fd19443d08469b8fe93a471f79039c87ca94408f6dd675407048a70ec_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:97493024b6620540c053d89c6a3b02e8ae8008a2342d95bb8f5dc1ca4abf9a5e_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:bad30ab59a88284693f07d1129e47d7a9251325d6f120a644808049c63858b26_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:ac61513d0d8d184be43cd58f3c700226b2090384b3ee1ac5b891b03dfe91aed7_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:e15f0631d5a8883221df836f3dffece8ceddd797d1f3156a5ff3d7f822040fda_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:81a4fa07ba02640943a15612736d32c164b10c208c107ff261ed9399cb0c32fc_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:bda0942d9948e2576cd941c73b1c90197c26842c78b1dd0f9930cce10601f889_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:bf3c69bb43e28fc348101888da5cd3103468a9b5194c80263a4c3c2f590d5017_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:f6a80e08fba710719264d4c1faafe36e5c4155cbfdd51a79de1e55e9997b46a0_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:717f3d3fc2d767f4c25b4e9f410eb2da697cd2672b830ec3e8c9a9ff76c79dfe_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:74c1d0bdb69e09e17359e1f7ded96fe59c89adc8563aefb18702bd14eac5bf1a_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:48d09ebba3d0c513a9ccf1bd0eab5e7bce4aa42a23d8cb620ce6dd8d95e65c05_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:f3141446e09b1f9660d7eb57728a5a7c255df9292ad7a6879b7d44fd9e14c982_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:3f69586b231ff1b95ed8805f734465ebb2cb1b2a50132836d8d2bd2e253b2407_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b19b005a015d85dcf3da7dd54a07b1e6f9e4eee84db1cba9e44808611dc496e5_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:0d13f9c5f619ff3d58d363214fc45625ce64833bc62d66c33efb2ef191090316_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:6eadcf10463c5789188d3638e30a809ac2a4cdc9014c6f6e82b4d8f4bea967a7_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:833e84f48ae091129fd3967488cb59e1dcef6ad240e4fe1580af4f640c524a1c_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:9ce927232dbc0fd2427ca5990801013c1ba92b2af466eabafb99b0eaa405c900_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:3f39822dbf9a5ad965f4e09b66ad4319c95e38492095e1a5265033d3d245c060_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:6b730620ed5a6f37170c7ef44a5883e6d8787e30862525fc8ff605ec5e612235_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:8bd7de7b45ae11dd92debd4cb98ef01082bfc46e79ded2ac0529bd8f8f08dd59_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:c847a1c36e65c2096e964ab53e47f4bb6490cba74073ab25665c7d6250f78503_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:96bbb1af0c87e73b6d5fad7803e1625be6dcaef1021e8e7e53305a37fa0ab8ea_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:c431ca45ea5e2185c00cfb051d6ddbac9dd14dc2e3bf064354f71af61709331c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:01d8b8805fd275229eed0d6dbc477f779fcb9302409538948fd6856701d16b90_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/libguestfs-tools-rhel9@sha256:23b0fe8fd19443d08469b8fe93a471f79039c87ca94408f6dd675407048a70ec_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:97493024b6620540c053d89c6a3b02e8ae8008a2342d95bb8f5dc1ca4abf9a5e_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-cni-rhel9@sha256:bad30ab59a88284693f07d1129e47d7a9251325d6f120a644808049c63858b26_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:ac61513d0d8d184be43cd58f3c700226b2090384b3ee1ac5b891b03dfe91aed7_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9@sha256:e15f0631d5a8883221df836f3dffece8ceddd797d1f3156a5ff3d7f822040fda_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:81a4fa07ba02640943a15612736d32c164b10c208c107ff261ed9399cb0c32fc_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/pr-helper-rhel9@sha256:bda0942d9948e2576cd941c73b1c90197c26842c78b1dd0f9930cce10601f889_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:bf3c69bb43e28fc348101888da5cd3103468a9b5194c80263a4c3c2f590d5017_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/sidecar-shim-rhel9@sha256:f6a80e08fba710719264d4c1faafe36e5c4155cbfdd51a79de1e55e9997b46a0_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:717f3d3fc2d767f4c25b4e9f410eb2da697cd2672b830ec3e8c9a9ff76c79dfe_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-api-rhel9@sha256:74c1d0bdb69e09e17359e1f7ded96fe59c89adc8563aefb18702bd14eac5bf1a_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:48d09ebba3d0c513a9ccf1bd0eab5e7bce4aa42a23d8cb620ce6dd8d95e65c05_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-artifacts-server-rhel9@sha256:f3141446e09b1f9660d7eb57728a5a7c255df9292ad7a6879b7d44fd9e14c982_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:3f69586b231ff1b95ed8805f734465ebb2cb1b2a50132836d8d2bd2e253b2407_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-controller-rhel9@sha256:b19b005a015d85dcf3da7dd54a07b1e6f9e4eee84db1cba9e44808611dc496e5_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:0d13f9c5f619ff3d58d363214fc45625ce64833bc62d66c33efb2ef191090316_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportproxy-rhel9@sha256:6eadcf10463c5789188d3638e30a809ac2a4cdc9014c6f6e82b4d8f4bea967a7_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:833e84f48ae091129fd3967488cb59e1dcef6ad240e4fe1580af4f640c524a1c_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-exportserver-rhel9@sha256:9ce927232dbc0fd2427ca5990801013c1ba92b2af466eabafb99b0eaa405c900_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:3f39822dbf9a5ad965f4e09b66ad4319c95e38492095e1a5265033d3d245c060_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-handler-rhel9@sha256:6b730620ed5a6f37170c7ef44a5883e6d8787e30862525fc8ff605ec5e612235_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:8bd7de7b45ae11dd92debd4cb98ef01082bfc46e79ded2ac0529bd8f8f08dd59_amd64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-launcher-rhel9@sha256:c847a1c36e65c2096e964ab53e47f4bb6490cba74073ab25665c7d6250f78503_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:96bbb1af0c87e73b6d5fad7803e1625be6dcaef1021e8e7e53305a37fa0ab8ea_arm64",
"Red Hat Container Native Virtualization 4.16:registry.redhat.io/container-native-virtualization/virt-operator-rhel9@sha256:c431ca45ea5e2185c00cfb051d6ddbac9dd14dc2e3bf064354f71af61709331c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kubevirt: KubeVirt virt-handler: Privilege escalation and node compromise via symlink following vulnerability"
}
]
}
SUSE-SU-2026:2077-1
Vulnerability from csaf_suse - Published: 2026-05-26 13:44 - Updated: 2026-05-26 13:44Summary
Security update for kubevirt
Severity
Critical
Notes
Title of the patch: Security update for kubevirt
Description of the patch:
This update for kubevirt fixes the following issue:
CVE-2026-7374: Fixed privilege escalation and node compromise via symlink following vulnerability (bsc#1265467)
Patchnames: SUSE-2026-2077,SUSE-SLE-Module-Containers-15-SP7-2026-2077
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
9.9 (Critical)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-manifests-1.7.0-150700.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-manifests-1.7.0-150700.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-virtctl-1.7.0-150700.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-virtctl-1.7.0-150700.3.21.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubevirt",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for kubevirt fixes the following issue:\n\nCVE-2026-7374: Fixed privilege escalation and node compromise via symlink following vulnerability (bsc#1265467)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2077,SUSE-SLE-Module-Containers-15-SP7-2026-2077",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2077-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2077-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262077-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2077-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046774.html"
},
{
"category": "self",
"summary": "SUSE Bug 1265467",
"url": "https://bugzilla.suse.com/1265467"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-7374 page",
"url": "https://www.suse.com/security/cve/CVE-2026-7374/"
}
],
"title": "Security update for kubevirt",
"tracking": {
"current_release_date": "2026-05-26T13:44:50Z",
"generator": {
"date": "2026-05-26T13:44:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2077-1",
"initial_release_date": "2026-05-26T13:44:50Z",
"revision_history": [
{
"date": "2026-05-26T13:44:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubevirt-container-disk-1.7.0-150700.3.21.1.aarch64",
"product": {
"name": "kubevirt-container-disk-1.7.0-150700.3.21.1.aarch64",
"product_id": "kubevirt-container-disk-1.7.0-150700.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-manifests-1.7.0-150700.3.21.1.aarch64",
"product": {
"name": "kubevirt-manifests-1.7.0-150700.3.21.1.aarch64",
"product_id": "kubevirt-manifests-1.7.0-150700.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-pr-helper-conf-1.7.0-150700.3.21.1.aarch64",
"product": {
"name": "kubevirt-pr-helper-conf-1.7.0-150700.3.21.1.aarch64",
"product_id": "kubevirt-pr-helper-conf-1.7.0-150700.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-tests-1.7.0-150700.3.21.1.aarch64",
"product": {
"name": "kubevirt-tests-1.7.0-150700.3.21.1.aarch64",
"product_id": "kubevirt-tests-1.7.0-150700.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-api-1.7.0-150700.3.21.1.aarch64",
"product": {
"name": "kubevirt-virt-api-1.7.0-150700.3.21.1.aarch64",
"product_id": "kubevirt-virt-api-1.7.0-150700.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-controller-1.7.0-150700.3.21.1.aarch64",
"product": {
"name": "kubevirt-virt-controller-1.7.0-150700.3.21.1.aarch64",
"product_id": "kubevirt-virt-controller-1.7.0-150700.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportproxy-1.7.0-150700.3.21.1.aarch64",
"product": {
"name": "kubevirt-virt-exportproxy-1.7.0-150700.3.21.1.aarch64",
"product_id": "kubevirt-virt-exportproxy-1.7.0-150700.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportserver-1.7.0-150700.3.21.1.aarch64",
"product": {
"name": "kubevirt-virt-exportserver-1.7.0-150700.3.21.1.aarch64",
"product_id": "kubevirt-virt-exportserver-1.7.0-150700.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-handler-1.7.0-150700.3.21.1.aarch64",
"product": {
"name": "kubevirt-virt-handler-1.7.0-150700.3.21.1.aarch64",
"product_id": "kubevirt-virt-handler-1.7.0-150700.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-launcher-1.7.0-150700.3.21.1.aarch64",
"product": {
"name": "kubevirt-virt-launcher-1.7.0-150700.3.21.1.aarch64",
"product_id": "kubevirt-virt-launcher-1.7.0-150700.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-operator-1.7.0-150700.3.21.1.aarch64",
"product": {
"name": "kubevirt-virt-operator-1.7.0-150700.3.21.1.aarch64",
"product_id": "kubevirt-virt-operator-1.7.0-150700.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-synchronization-controller-1.7.0-150700.3.21.1.aarch64",
"product": {
"name": "kubevirt-virt-synchronization-controller-1.7.0-150700.3.21.1.aarch64",
"product_id": "kubevirt-virt-synchronization-controller-1.7.0-150700.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-1.7.0-150700.3.21.1.aarch64",
"product": {
"name": "kubevirt-virtctl-1.7.0-150700.3.21.1.aarch64",
"product_id": "kubevirt-virtctl-1.7.0-150700.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "obs-service-kubevirt_containers_meta-1.7.0-150700.3.21.1.aarch64",
"product": {
"name": "obs-service-kubevirt_containers_meta-1.7.0-150700.3.21.1.aarch64",
"product_id": "obs-service-kubevirt_containers_meta-1.7.0-150700.3.21.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubevirt-container-disk-1.7.0-150700.3.21.1.x86_64",
"product": {
"name": "kubevirt-container-disk-1.7.0-150700.3.21.1.x86_64",
"product_id": "kubevirt-container-disk-1.7.0-150700.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-manifests-1.7.0-150700.3.21.1.x86_64",
"product": {
"name": "kubevirt-manifests-1.7.0-150700.3.21.1.x86_64",
"product_id": "kubevirt-manifests-1.7.0-150700.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-pr-helper-conf-1.7.0-150700.3.21.1.x86_64",
"product": {
"name": "kubevirt-pr-helper-conf-1.7.0-150700.3.21.1.x86_64",
"product_id": "kubevirt-pr-helper-conf-1.7.0-150700.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-tests-1.7.0-150700.3.21.1.x86_64",
"product": {
"name": "kubevirt-tests-1.7.0-150700.3.21.1.x86_64",
"product_id": "kubevirt-tests-1.7.0-150700.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-api-1.7.0-150700.3.21.1.x86_64",
"product": {
"name": "kubevirt-virt-api-1.7.0-150700.3.21.1.x86_64",
"product_id": "kubevirt-virt-api-1.7.0-150700.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-controller-1.7.0-150700.3.21.1.x86_64",
"product": {
"name": "kubevirt-virt-controller-1.7.0-150700.3.21.1.x86_64",
"product_id": "kubevirt-virt-controller-1.7.0-150700.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportproxy-1.7.0-150700.3.21.1.x86_64",
"product": {
"name": "kubevirt-virt-exportproxy-1.7.0-150700.3.21.1.x86_64",
"product_id": "kubevirt-virt-exportproxy-1.7.0-150700.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-exportserver-1.7.0-150700.3.21.1.x86_64",
"product": {
"name": "kubevirt-virt-exportserver-1.7.0-150700.3.21.1.x86_64",
"product_id": "kubevirt-virt-exportserver-1.7.0-150700.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-handler-1.7.0-150700.3.21.1.x86_64",
"product": {
"name": "kubevirt-virt-handler-1.7.0-150700.3.21.1.x86_64",
"product_id": "kubevirt-virt-handler-1.7.0-150700.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-launcher-1.7.0-150700.3.21.1.x86_64",
"product": {
"name": "kubevirt-virt-launcher-1.7.0-150700.3.21.1.x86_64",
"product_id": "kubevirt-virt-launcher-1.7.0-150700.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-operator-1.7.0-150700.3.21.1.x86_64",
"product": {
"name": "kubevirt-virt-operator-1.7.0-150700.3.21.1.x86_64",
"product_id": "kubevirt-virt-operator-1.7.0-150700.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virt-synchronization-controller-1.7.0-150700.3.21.1.x86_64",
"product": {
"name": "kubevirt-virt-synchronization-controller-1.7.0-150700.3.21.1.x86_64",
"product_id": "kubevirt-virt-synchronization-controller-1.7.0-150700.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-1.7.0-150700.3.21.1.x86_64",
"product": {
"name": "kubevirt-virtctl-1.7.0-150700.3.21.1.x86_64",
"product_id": "kubevirt-virtctl-1.7.0-150700.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "obs-service-kubevirt_containers_meta-1.7.0-150700.3.21.1.x86_64",
"product": {
"name": "obs-service-kubevirt_containers_meta-1.7.0-150700.3.21.1.x86_64",
"product_id": "obs-service-kubevirt_containers_meta-1.7.0-150700.3.21.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-manifests-1.7.0-150700.3.21.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-manifests-1.7.0-150700.3.21.1.aarch64"
},
"product_reference": "kubevirt-manifests-1.7.0-150700.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-manifests-1.7.0-150700.3.21.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-manifests-1.7.0-150700.3.21.1.x86_64"
},
"product_reference": "kubevirt-manifests-1.7.0-150700.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-1.7.0-150700.3.21.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-virtctl-1.7.0-150700.3.21.1.aarch64"
},
"product_reference": "kubevirt-virtctl-1.7.0-150700.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-1.7.0-150700.3.21.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-virtctl-1.7.0-150700.3.21.1.x86_64"
},
"product_reference": "kubevirt-virtctl-1.7.0-150700.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-7374",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-7374"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in KubeVirt\u0027s virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host\u0027s container runtime (CRI-O) socket, an attacker can hijack virt-handler\u0027s privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-manifests-1.7.0-150700.3.21.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-manifests-1.7.0-150700.3.21.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-virtctl-1.7.0-150700.3.21.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-virtctl-1.7.0-150700.3.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-7374",
"url": "https://www.suse.com/security/cve/CVE-2026-7374"
},
{
"category": "external",
"summary": "SUSE Bug 1265467 for CVE-2026-7374",
"url": "https://bugzilla.suse.com/1265467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-manifests-1.7.0-150700.3.21.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-manifests-1.7.0-150700.3.21.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-virtctl-1.7.0-150700.3.21.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-virtctl-1.7.0-150700.3.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-manifests-1.7.0-150700.3.21.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-manifests-1.7.0-150700.3.21.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-virtctl-1.7.0-150700.3.21.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:kubevirt-virtctl-1.7.0-150700.3.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-26T13:44:50Z",
"details": "critical"
}
],
"title": "CVE-2026-7374"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…