rhsa-2022_6526
Vulnerability from csaf_redhat
Published
2022-09-14 19:28
Modified
2024-09-18 14:41
Summary
Red Hat Security Advisory: OpenShift Virtualization 4.11.0 Images security and bug fix update
Notes
Topic
Red Hat OpenShift Virtualization release 4.11.0 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization 4.11.0 images:
RHEL-8-CNV-4.11
===============
hostpath-provisioner-container-v4.11.0-21
kubevirt-tekton-tasks-operator-container-v4.11.0-29
kubevirt-template-validator-container-v4.11.0-17
bridge-marker-container-v4.11.0-26
hostpath-csi-driver-container-v4.11.0-21
cluster-network-addons-operator-container-v4.11.0-26
ovs-cni-marker-container-v4.11.0-26
virtio-win-container-v4.11.0-16
ovs-cni-plugin-container-v4.11.0-26
kubemacpool-container-v4.11.0-26
hostpath-provisioner-operator-container-v4.11.0-24
cnv-containernetworking-plugins-container-v4.11.0-26
kubevirt-ssp-operator-container-v4.11.0-54
virt-cdi-uploadserver-container-v4.11.0-59
virt-cdi-cloner-container-v4.11.0-59
virt-cdi-operator-container-v4.11.0-59
virt-cdi-importer-container-v4.11.0-59
virt-cdi-uploadproxy-container-v4.11.0-59
virt-cdi-controller-container-v4.11.0-59
virt-cdi-apiserver-container-v4.11.0-59
kubevirt-tekton-tasks-modify-vm-template-container-v4.11.0-7
kubevirt-tekton-tasks-create-vm-from-template-container-v4.11.0-7
kubevirt-tekton-tasks-copy-template-container-v4.11.0-7
checkup-framework-container-v4.11.0-67
kubevirt-tekton-tasks-cleanup-vm-container-v4.11.0-7
kubevirt-tekton-tasks-disk-virt-sysprep-container-v4.11.0-7
kubevirt-tekton-tasks-wait-for-vmi-status-container-v4.11.0-7
kubevirt-tekton-tasks-disk-virt-customize-container-v4.11.0-7
vm-network-latency-checkup-container-v4.11.0-67
kubevirt-tekton-tasks-create-datavolume-container-v4.11.0-7
hyperconverged-cluster-webhook-container-v4.11.0-95
cnv-must-gather-container-v4.11.0-62
hyperconverged-cluster-operator-container-v4.11.0-95
kubevirt-console-plugin-container-v4.11.0-83
virt-controller-container-v4.11.0-105
virt-handler-container-v4.11.0-105
virt-operator-container-v4.11.0-105
virt-launcher-container-v4.11.0-105
virt-artifacts-server-container-v4.11.0-105
virt-api-container-v4.11.0-105
libguestfs-tools-container-v4.11.0-105
hco-bundle-registry-container-v4.11.0-587
Security Fix(es):
* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)
* kubeVirt: Arbitrary file read on the host from KubeVirt VMs (CVE-2022-1798)
* golang: out-of-bounds read in golang.org/x/text/language leads to DoS (CVE-2021-38561)
* golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717)
* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)
* golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString (CVE-2022-23772)
* golang: cmd/go: misinterpretation of branch names can lead to incorrect access control (CVE-2022-23773)
* golang: crypto/elliptic: IsOnCurve returns true for invalid field elements (CVE-2022-23806)
* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)
* golang: regexp: stack exhaustion via a deeply nested expression (CVE-2022-24921)
* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)
* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 4.11.0 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 4.11.0 images:\n\nRHEL-8-CNV-4.11\n===============\nhostpath-provisioner-container-v4.11.0-21\nkubevirt-tekton-tasks-operator-container-v4.11.0-29\nkubevirt-template-validator-container-v4.11.0-17\nbridge-marker-container-v4.11.0-26\nhostpath-csi-driver-container-v4.11.0-21\ncluster-network-addons-operator-container-v4.11.0-26\novs-cni-marker-container-v4.11.0-26\nvirtio-win-container-v4.11.0-16\novs-cni-plugin-container-v4.11.0-26\nkubemacpool-container-v4.11.0-26\nhostpath-provisioner-operator-container-v4.11.0-24\ncnv-containernetworking-plugins-container-v4.11.0-26\nkubevirt-ssp-operator-container-v4.11.0-54\nvirt-cdi-uploadserver-container-v4.11.0-59\nvirt-cdi-cloner-container-v4.11.0-59\nvirt-cdi-operator-container-v4.11.0-59\nvirt-cdi-importer-container-v4.11.0-59\nvirt-cdi-uploadproxy-container-v4.11.0-59\nvirt-cdi-controller-container-v4.11.0-59\nvirt-cdi-apiserver-container-v4.11.0-59\nkubevirt-tekton-tasks-modify-vm-template-container-v4.11.0-7\nkubevirt-tekton-tasks-create-vm-from-template-container-v4.11.0-7\nkubevirt-tekton-tasks-copy-template-container-v4.11.0-7\ncheckup-framework-container-v4.11.0-67\nkubevirt-tekton-tasks-cleanup-vm-container-v4.11.0-7\nkubevirt-tekton-tasks-disk-virt-sysprep-container-v4.11.0-7\nkubevirt-tekton-tasks-wait-for-vmi-status-container-v4.11.0-7\nkubevirt-tekton-tasks-disk-virt-customize-container-v4.11.0-7\nvm-network-latency-checkup-container-v4.11.0-67\nkubevirt-tekton-tasks-create-datavolume-container-v4.11.0-7\nhyperconverged-cluster-webhook-container-v4.11.0-95\ncnv-must-gather-container-v4.11.0-62\nhyperconverged-cluster-operator-container-v4.11.0-95\nkubevirt-console-plugin-container-v4.11.0-83\nvirt-controller-container-v4.11.0-105\nvirt-handler-container-v4.11.0-105\nvirt-operator-container-v4.11.0-105\nvirt-launcher-container-v4.11.0-105\nvirt-artifacts-server-container-v4.11.0-105\nvirt-api-container-v4.11.0-105\nlibguestfs-tools-container-v4.11.0-105\nhco-bundle-registry-container-v4.11.0-587\n\nSecurity Fix(es):\n\n* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)\n\n* kubeVirt: Arbitrary file read on the host from KubeVirt VMs (CVE-2022-1798)\n\n* golang: out-of-bounds read in golang.org/x/text/language leads to DoS (CVE-2021-38561)\n\n* golang: syscall: don\u0027t close fd 0 on ForkExec error (CVE-2021-44717)\n\n* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\n* golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString (CVE-2022-23772)\n\n* golang: cmd/go: misinterpretation of branch names can lead to incorrect access control (CVE-2022-23773)\n\n* golang: crypto/elliptic: IsOnCurve returns true for invalid field elements (CVE-2022-23806)\n\n* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)\n\n* golang: regexp: stack exhaustion via a deeply nested expression (CVE-2022-24921)\n\n* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)\n\n* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6526",
"url": "https://access.redhat.com/errata/RHSA-2022:6526"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1937609",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937609"
},
{
"category": "external",
"summary": "1945593",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945593"
},
{
"category": "external",
"summary": "1968514",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1968514"
},
{
"category": "external",
"summary": "1993109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1993109"
},
{
"category": "external",
"summary": "1994604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994604"
},
{
"category": "external",
"summary": "2001385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001385"
},
{
"category": "external",
"summary": "2009793",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009793"
},
{
"category": "external",
"summary": "2010318",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010318"
},
{
"category": "external",
"summary": "2025276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025276"
},
{
"category": "external",
"summary": "2025401",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025401"
},
{
"category": "external",
"summary": "2026357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026357"
},
{
"category": "external",
"summary": "2029349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029349"
},
{
"category": "external",
"summary": "2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "2030806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
},
{
"category": "external",
"summary": "2031857",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031857"
},
{
"category": "external",
"summary": "2033077",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2033077"
},
{
"category": "external",
"summary": "2035344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035344"
},
{
"category": "external",
"summary": "2036676",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036676"
},
{
"category": "external",
"summary": "2039976",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039976"
},
{
"category": "external",
"summary": "2040766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040766"
},
{
"category": "external",
"summary": "2041467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041467"
},
{
"category": "external",
"summary": "2042402",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042402"
},
{
"category": "external",
"summary": "2042809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042809"
},
{
"category": "external",
"summary": "2045086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045086"
},
{
"category": "external",
"summary": "2045880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880"
},
{
"category": "external",
"summary": "2047186",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047186"
},
{
"category": "external",
"summary": "2051899",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051899"
},
{
"category": "external",
"summary": "2052094",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052094"
},
{
"category": "external",
"summary": "2052466",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052466"
},
{
"category": "external",
"summary": "2052689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052689"
},
{
"category": "external",
"summary": "2053429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053429"
},
{
"category": "external",
"summary": "2053532",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053532"
},
{
"category": "external",
"summary": "2053541",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053541"
},
{
"category": "external",
"summary": "2056467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056467"
},
{
"category": "external",
"summary": "2057157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057157"
},
{
"category": "external",
"summary": "2057310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057310"
},
{
"category": "external",
"summary": "2058149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058149"
},
{
"category": "external",
"summary": "2058925",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058925"
},
{
"category": "external",
"summary": "2059121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2059121"
},
{
"category": "external",
"summary": "2060485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060485"
},
{
"category": "external",
"summary": "2060585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060585"
},
{
"category": "external",
"summary": "2061208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061208"
},
{
"category": "external",
"summary": "2061723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061723"
},
{
"category": "external",
"summary": "2063540",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063540"
},
{
"category": "external",
"summary": "2063792",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063792"
},
{
"category": "external",
"summary": "2064034",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064034"
},
{
"category": "external",
"summary": "2064702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064702"
},
{
"category": "external",
"summary": "2064857",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064857"
},
{
"category": "external",
"summary": "2064936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064936"
},
{
"category": "external",
"summary": "2065014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2065014"
},
{
"category": "external",
"summary": "2065019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2065019"
},
{
"category": "external",
"summary": "2066768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066768"
},
{
"category": "external",
"summary": "2067246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067246"
},
{
"category": "external",
"summary": "2069287",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069287"
},
{
"category": "external",
"summary": "2069388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069388"
},
{
"category": "external",
"summary": "2070366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2070366"
},
{
"category": "external",
"summary": "2070864",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2070864"
},
{
"category": "external",
"summary": "2071488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2071488"
},
{
"category": "external",
"summary": "2071549",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2071549"
},
{
"category": "external",
"summary": "2071611",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2071611"
},
{
"category": "external",
"summary": "2071921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2071921"
},
{
"category": "external",
"summary": "2073669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073669"
},
{
"category": "external",
"summary": "2073679",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073679"
},
{
"category": "external",
"summary": "2073982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073982"
},
{
"category": "external",
"summary": "2074337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2074337"
},
{
"category": "external",
"summary": "2075200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075200"
},
{
"category": "external",
"summary": "2075409",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075409"
},
{
"category": "external",
"summary": "2076292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2076292"
},
{
"category": "external",
"summary": "2076379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2076379"
},
{
"category": "external",
"summary": "2076790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2076790"
},
{
"category": "external",
"summary": "2076908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2076908"
},
{
"category": "external",
"summary": "2077688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
},
{
"category": "external",
"summary": "2077689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
},
{
"category": "external",
"summary": "2078700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078700"
},
{
"category": "external",
"summary": "2078703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078703"
},
{
"category": "external",
"summary": "2078709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078709"
},
{
"category": "external",
"summary": "2078728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078728"
},
{
"category": "external",
"summary": "2079366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2079366"
},
{
"category": "external",
"summary": "2079674",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2079674"
},
{
"category": "external",
"summary": "2079783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2079783"
},
{
"category": "external",
"summary": "2080132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2080132"
},
{
"category": "external",
"summary": "2080155",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2080155"
},
{
"category": "external",
"summary": "2080547",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2080547"
},
{
"category": "external",
"summary": "2080833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2080833"
},
{
"category": "external",
"summary": "2080835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2080835"
},
{
"category": "external",
"summary": "2081182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081182"
},
{
"category": "external",
"summary": "2081202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081202"
},
{
"category": "external",
"summary": "2081409",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081409"
},
{
"category": "external",
"summary": "2081671",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081671"
},
{
"category": "external",
"summary": "2081831",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081831"
},
{
"category": "external",
"summary": "2082008",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082008"
},
{
"category": "external",
"summary": "2082164",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082164"
},
{
"category": "external",
"summary": "2082912",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082912"
},
{
"category": "external",
"summary": "2083093",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083093"
},
{
"category": "external",
"summary": "2083097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083097"
},
{
"category": "external",
"summary": "2083100",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083100"
},
{
"category": "external",
"summary": "2083101",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083101"
},
{
"category": "external",
"summary": "2083135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083135"
},
{
"category": "external",
"summary": "2083256",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083256"
},
{
"category": "external",
"summary": "2083595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083595"
},
{
"category": "external",
"summary": "2084102",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084102"
},
{
"category": "external",
"summary": "2084122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084122"
},
{
"category": "external",
"summary": "2084418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084418"
},
{
"category": "external",
"summary": "2084431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084431"
},
{
"category": "external",
"summary": "2084476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084476"
},
{
"category": "external",
"summary": "2084532",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084532"
},
{
"category": "external",
"summary": "2084610",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084610"
},
{
"category": "external",
"summary": "2085320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2085320"
},
{
"category": "external",
"summary": "2085322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2085322"
},
{
"category": "external",
"summary": "2086272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086272"
},
{
"category": "external",
"summary": "2086278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086278"
},
{
"category": "external",
"summary": "2086281",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086281"
},
{
"category": "external",
"summary": "2086286",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086286"
},
{
"category": "external",
"summary": "2086293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086293"
},
{
"category": "external",
"summary": "2086294",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086294"
},
{
"category": "external",
"summary": "2086303",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086303"
},
{
"category": "external",
"summary": "2086479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086479"
},
{
"category": "external",
"summary": "2086486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086486"
},
{
"category": "external",
"summary": "2086488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086488"
},
{
"category": "external",
"summary": "2086769",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086769"
},
{
"category": "external",
"summary": "2086803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086803"
},
{
"category": "external",
"summary": "2086825",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086825"
},
{
"category": "external",
"summary": "2086849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086849"
},
{
"category": "external",
"summary": "2087188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087188"
},
{
"category": "external",
"summary": "2087189",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087189"
},
{
"category": "external",
"summary": "2087232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087232"
},
{
"category": "external",
"summary": "2087546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087546"
},
{
"category": "external",
"summary": "2087547",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087547"
},
{
"category": "external",
"summary": "2087559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087559"
},
{
"category": "external",
"summary": "2087566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087566"
},
{
"category": "external",
"summary": "2087570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087570"
},
{
"category": "external",
"summary": "2087577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087577"
},
{
"category": "external",
"summary": "2087578",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087578"
},
{
"category": "external",
"summary": "2087582",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087582"
},
{
"category": "external",
"summary": "2087583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087583"
},
{
"category": "external",
"summary": "2087584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087584"
},
{
"category": "external",
"summary": "2087587",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087587"
},
{
"category": "external",
"summary": "2087589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087589"
},
{
"category": "external",
"summary": "2087590",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087590"
},
{
"category": "external",
"summary": "2087593",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087593"
},
{
"category": "external",
"summary": "2087603",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087603"
},
{
"category": "external",
"summary": "2087616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087616"
},
{
"category": "external",
"summary": "2087701",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087701"
},
{
"category": "external",
"summary": "2087717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087717"
},
{
"category": "external",
"summary": "2088034",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088034"
},
{
"category": "external",
"summary": "2088355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088355"
},
{
"category": "external",
"summary": "2088361",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088361"
},
{
"category": "external",
"summary": "2088379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088379"
},
{
"category": "external",
"summary": "2088407",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088407"
},
{
"category": "external",
"summary": "2088471",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088471"
},
{
"category": "external",
"summary": "2088472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088472"
},
{
"category": "external",
"summary": "2088477",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088477"
},
{
"category": "external",
"summary": "2088849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088849"
},
{
"category": "external",
"summary": "2089078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089078"
},
{
"category": "external",
"summary": "2089271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089271"
},
{
"category": "external",
"summary": "2089327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089327"
},
{
"category": "external",
"summary": "2089376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089376"
},
{
"category": "external",
"summary": "2089477",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089477"
},
{
"category": "external",
"summary": "2089700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089700"
},
{
"category": "external",
"summary": "2089745",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089745"
},
{
"category": "external",
"summary": "2089789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089789"
},
{
"category": "external",
"summary": "2089825",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089825"
},
{
"category": "external",
"summary": "2089836",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089836"
},
{
"category": "external",
"summary": "2089840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089840"
},
{
"category": "external",
"summary": "2089877",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089877"
},
{
"category": "external",
"summary": "2089932",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089932"
},
{
"category": "external",
"summary": "2089942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089942"
},
{
"category": "external",
"summary": "2089954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089954"
},
{
"category": "external",
"summary": "2089963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089963"
},
{
"category": "external",
"summary": "2089967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089967"
},
{
"category": "external",
"summary": "2089970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089970"
},
{
"category": "external",
"summary": "2089972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089972"
},
{
"category": "external",
"summary": "2089979",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089979"
},
{
"category": "external",
"summary": "2089982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089982"
},
{
"category": "external",
"summary": "2090035",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090035"
},
{
"category": "external",
"summary": "2090036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090036"
},
{
"category": "external",
"summary": "2090037",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090037"
},
{
"category": "external",
"summary": "2090038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090038"
},
{
"category": "external",
"summary": "2090042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090042"
},
{
"category": "external",
"summary": "2090043",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090043"
},
{
"category": "external",
"summary": "2090046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090046"
},
{
"category": "external",
"summary": "2090048",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090048"
},
{
"category": "external",
"summary": "2090054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090054"
},
{
"category": "external",
"summary": "2090055",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090055"
},
{
"category": "external",
"summary": "2090056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090056"
},
{
"category": "external",
"summary": "2090057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090057"
},
{
"category": "external",
"summary": "2090059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090059"
},
{
"category": "external",
"summary": "2090064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090064"
},
{
"category": "external",
"summary": "2090066",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090066"
},
{
"category": "external",
"summary": "2090068",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090068"
},
{
"category": "external",
"summary": "2090131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090131"
},
{
"category": "external",
"summary": "2090350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090350"
},
{
"category": "external",
"summary": "2091003",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091003"
},
{
"category": "external",
"summary": "2091058",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091058"
},
{
"category": "external",
"summary": "2091309",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091309"
},
{
"category": "external",
"summary": "2091406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091406"
},
{
"category": "external",
"summary": "2091754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091754"
},
{
"category": "external",
"summary": "2091755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091755"
},
{
"category": "external",
"summary": "2091756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091756"
},
{
"category": "external",
"summary": "2091758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091758"
},
{
"category": "external",
"summary": "2091760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091760"
},
{
"category": "external",
"summary": "2091761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091761"
},
{
"category": "external",
"summary": "2091762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091762"
},
{
"category": "external",
"summary": "2091764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091764"
},
{
"category": "external",
"summary": "2091765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091765"
},
{
"category": "external",
"summary": "2091766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091766"
},
{
"category": "external",
"summary": "2091853",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091853"
},
{
"category": "external",
"summary": "2091863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091863"
},
{
"category": "external",
"summary": "2091868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091868"
},
{
"category": "external",
"summary": "2091889",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091889"
},
{
"category": "external",
"summary": "2091897",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091897"
},
{
"category": "external",
"summary": "2091904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091904"
},
{
"category": "external",
"summary": "2091911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091911"
},
{
"category": "external",
"summary": "2091940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091940"
},
{
"category": "external",
"summary": "2091945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091945"
},
{
"category": "external",
"summary": "2091946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091946"
},
{
"category": "external",
"summary": "2091982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091982"
},
{
"category": "external",
"summary": "2092048",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092048"
},
{
"category": "external",
"summary": "2092052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092052"
},
{
"category": "external",
"summary": "2092071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092071"
},
{
"category": "external",
"summary": "2092079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092079"
},
{
"category": "external",
"summary": "2092158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092158"
},
{
"category": "external",
"summary": "2092228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092228"
},
{
"category": "external",
"summary": "2092230",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092230"
},
{
"category": "external",
"summary": "2092306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092306"
},
{
"category": "external",
"summary": "2092337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092337"
},
{
"category": "external",
"summary": "2092359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092359"
},
{
"category": "external",
"summary": "2092654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092654"
},
{
"category": "external",
"summary": "2092662",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092662"
},
{
"category": "external",
"summary": "2092663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092663"
},
{
"category": "external",
"summary": "2092664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092664"
},
{
"category": "external",
"summary": "2092781",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092781"
},
{
"category": "external",
"summary": "2092783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092783"
},
{
"category": "external",
"summary": "2092787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092787"
},
{
"category": "external",
"summary": "2092789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092789"
},
{
"category": "external",
"summary": "2092951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092951"
},
{
"category": "external",
"summary": "2093282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2093282"
},
{
"category": "external",
"summary": "2093691",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2093691"
},
{
"category": "external",
"summary": "2093713",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2093713"
},
{
"category": "external",
"summary": "2093715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2093715"
},
{
"category": "external",
"summary": "2093716",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2093716"
},
{
"category": "external",
"summary": "2093772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2093772"
},
{
"category": "external",
"summary": "2093773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2093773"
},
{
"category": "external",
"summary": "2093866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2093866"
},
{
"category": "external",
"summary": "2093867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2093867"
},
{
"category": "external",
"summary": "2094202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094202"
},
{
"category": "external",
"summary": "2094207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094207"
},
{
"category": "external",
"summary": "2094208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094208"
},
{
"category": "external",
"summary": "2094217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094217"
},
{
"category": "external",
"summary": "2094222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094222"
},
{
"category": "external",
"summary": "2094323",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094323"
},
{
"category": "external",
"summary": "2094405",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094405"
},
{
"category": "external",
"summary": "2094440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094440"
},
{
"category": "external",
"summary": "2094451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094451"
},
{
"category": "external",
"summary": "2094453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094453"
},
{
"category": "external",
"summary": "2094465",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094465"
},
{
"category": "external",
"summary": "2094471",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094471"
},
{
"category": "external",
"summary": "2094481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094481"
},
{
"category": "external",
"summary": "2094486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094486"
},
{
"category": "external",
"summary": "2094491",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094491"
},
{
"category": "external",
"summary": "2094495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094495"
},
{
"category": "external",
"summary": "2094646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094646"
},
{
"category": "external",
"summary": "2094665",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094665"
},
{
"category": "external",
"summary": "2094678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094678"
},
{
"category": "external",
"summary": "2094727",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094727"
},
{
"category": "external",
"summary": "2094807",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094807"
},
{
"category": "external",
"summary": "2094813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094813"
},
{
"category": "external",
"summary": "2094848",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094848"
},
{
"category": "external",
"summary": "2095125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095125"
},
{
"category": "external",
"summary": "2095129",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095129"
},
{
"category": "external",
"summary": "2095224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095224"
},
{
"category": "external",
"summary": "2095529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095529"
},
{
"category": "external",
"summary": "2095530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095530"
},
{
"category": "external",
"summary": "2095532",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095532"
},
{
"category": "external",
"summary": "2095537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095537"
},
{
"category": "external",
"summary": "2095570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095570"
},
{
"category": "external",
"summary": "2095573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095573"
},
{
"category": "external",
"summary": "2095953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095953"
},
{
"category": "external",
"summary": "2095955",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095955"
},
{
"category": "external",
"summary": "2096166",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096166"
},
{
"category": "external",
"summary": "2096206",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096206"
},
{
"category": "external",
"summary": "2096208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096208"
},
{
"category": "external",
"summary": "2096263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096263"
},
{
"category": "external",
"summary": "2096333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096333"
},
{
"category": "external",
"summary": "2096492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096492"
},
{
"category": "external",
"summary": "2096502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096502"
},
{
"category": "external",
"summary": "2096510",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096510"
},
{
"category": "external",
"summary": "2096511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096511"
},
{
"category": "external",
"summary": "2096620",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096620"
},
{
"category": "external",
"summary": "2096781",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096781"
},
{
"category": "external",
"summary": "2096801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096801"
},
{
"category": "external",
"summary": "2096845",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096845"
},
{
"category": "external",
"summary": "2097328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097328"
},
{
"category": "external",
"summary": "2097370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097370"
},
{
"category": "external",
"summary": "2097465",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097465"
},
{
"category": "external",
"summary": "2097586",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097586"
},
{
"category": "external",
"summary": "2098134",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2098134"
},
{
"category": "external",
"summary": "2098135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2098135"
},
{
"category": "external",
"summary": "2098282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2098282"
},
{
"category": "external",
"summary": "2099443",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099443"
},
{
"category": "external",
"summary": "2099533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099533"
},
{
"category": "external",
"summary": "2099535",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099535"
},
{
"category": "external",
"summary": "2099539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099539"
},
{
"category": "external",
"summary": "2099566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099566"
},
{
"category": "external",
"summary": "2099608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099608"
},
{
"category": "external",
"summary": "2099633",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099633"
},
{
"category": "external",
"summary": "2099639",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099639"
},
{
"category": "external",
"summary": "2099802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099802"
},
{
"category": "external",
"summary": "2100054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100054"
},
{
"category": "external",
"summary": "2100284",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100284"
},
{
"category": "external",
"summary": "2100415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100415"
},
{
"category": "external",
"summary": "2100495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100495"
},
{
"category": "external",
"summary": "2101164",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101164"
},
{
"category": "external",
"summary": "2101192",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101192"
},
{
"category": "external",
"summary": "2101430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101430"
},
{
"category": "external",
"summary": "2101454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101454"
},
{
"category": "external",
"summary": "2101485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101485"
},
{
"category": "external",
"summary": "2101628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101628"
},
{
"category": "external",
"summary": "2101954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101954"
},
{
"category": "external",
"summary": "2102076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102076"
},
{
"category": "external",
"summary": "2102116",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102116"
},
{
"category": "external",
"summary": "2102117",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102117"
},
{
"category": "external",
"summary": "2102122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102122"
},
{
"category": "external",
"summary": "2102124",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102124"
},
{
"category": "external",
"summary": "2102125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102125"
},
{
"category": "external",
"summary": "2102127",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102127"
},
{
"category": "external",
"summary": "2102129",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102129"
},
{
"category": "external",
"summary": "2102131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102131"
},
{
"category": "external",
"summary": "2102135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102135"
},
{
"category": "external",
"summary": "2102143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102143"
},
{
"category": "external",
"summary": "2102256",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102256"
},
{
"category": "external",
"summary": "2102448",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102448"
},
{
"category": "external",
"summary": "2102543",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102543"
},
{
"category": "external",
"summary": "2102544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102544"
},
{
"category": "external",
"summary": "2102545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102545"
},
{
"category": "external",
"summary": "2104617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104617"
},
{
"category": "external",
"summary": "2106175",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106175"
},
{
"category": "external",
"summary": "2106258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106258"
},
{
"category": "external",
"summary": "2110178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2110178"
},
{
"category": "external",
"summary": "2111359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2111359"
},
{
"category": "external",
"summary": "2111562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2111562"
},
{
"category": "external",
"summary": "2117872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117872"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_6526.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization 4.11.0 Images security and bug fix update",
"tracking": {
"current_release_date": "2024-09-18T14:41:18+00:00",
"generator": {
"date": "2024-09-18T14:41:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:6526",
"initial_release_date": "2022-09-14T19:28:51+00:00",
"revision_history": [
{
"date": "2022-09-14T19:28:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-09-14T19:28:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:41:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 4.11 for RHEL 8",
"product": {
"name": "CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.11::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"product": {
"name": "container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"product_id": "container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/bridge-marker\u0026tag=v4.11.0-26"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"product": {
"name": "container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"product_id": "container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"product_identification_helper": {
"purl": "pkg:oci/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/checkup-framework\u0026tag=v4.11.0-67"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"product": {
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"product_id": "container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cluster-network-addons-operator\u0026tag=v4.11.0-26"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"product": {
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"product_id": "container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-containernetworking-plugins\u0026tag=v4.11.0-26"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"product": {
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"product_id": "container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-must-gather-rhel8\u0026tag=v4.11.0-63"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"product": {
"name": "container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"product_id": "container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hco-bundle-registry\u0026tag=v4.11.0-601"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"product": {
"name": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"product_id": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-csi-driver-rhel8\u0026tag=v4.11.0-21"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"product": {
"name": "container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"product_id": "container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-csi-driver\u0026tag=v4.11.0-21"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8\u0026tag=v4.11.0-21"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8-operator\u0026tag=v4.11.0-24"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-operator\u0026tag=v4.11.0-96"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-webhook-rhel8\u0026tag=v4.11.0-96"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"product": {
"name": "container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"product_id": "container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubemacpool\u0026tag=v4.11.0-26"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"product_id": "container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-console-plugin\u0026tag=v4.11.0-83"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"product_id": "container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-ssp-operator\u0026tag=v4.11.0-54"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm\u0026tag=v4.11.0-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-copy-template\u0026tag=v4.11.0-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-create-datavolume\u0026tag=v4.11.0-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template\u0026tag=v4.11.0-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize\u0026tag=v4.11.0-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep\u0026tag=v4.11.0-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template\u0026tag=v4.11.0-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-operator\u0026tag=v4.11.0-29"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"product_id": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status\u0026tag=v4.11.0-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"product_id": "container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-template-validator\u0026tag=v4.11.0-17"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"product": {
"name": "container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"product_id": "container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/libguestfs-tools\u0026tag=v4.11.0-106"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"product": {
"name": "container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"product_id": "container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-marker\u0026tag=v4.11.0-26"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"product": {
"name": "container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"product_id": "container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-plugin\u0026tag=v4.11.0-26"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"product": {
"name": "container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"product_id": "container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-api\u0026tag=v4.11.0-106"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"product": {
"name": "container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"product_id": "container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-artifacts-server\u0026tag=v4.11.0-106"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"product_id": "container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-apiserver\u0026tag=v4.11.0-59"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"product_id": "container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-cloner\u0026tag=v4.11.0-59"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"product_id": "container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-controller\u0026tag=v4.11.0-59"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"product_id": "container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-importer\u0026tag=v4.11.0-59"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"product_id": "container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-operator\u0026tag=v4.11.0-59"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadproxy\u0026tag=v4.11.0-59"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadserver\u0026tag=v4.11.0-59"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"product": {
"name": "container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"product_id": "container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-controller\u0026tag=v4.11.0-106"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"product": {
"name": "container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"product_id": "container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-handler\u0026tag=v4.11.0-106"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"product": {
"name": "container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"product_id": "container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virtio-win\u0026tag=v4.11.0-16"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"product": {
"name": "container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"product_id": "container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-launcher\u0026tag=v4.11.0-106"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"product": {
"name": "container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"product_id": "container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-operator\u0026tag=v4.11.0-106"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64",
"product": {
"name": "container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64",
"product_id": "container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-network-latency-checkup\u0026tag=v4.11.0-67"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64"
},
"product_reference": "container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64"
},
"product_reference": "container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64"
},
"product_reference": "container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64"
},
"product_reference": "container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64"
},
"product_reference": "container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64"
},
"product_reference": "container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64"
},
"product_reference": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64"
},
"product_reference": "container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64"
},
"product_reference": "container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64"
},
"product_reference": "container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64"
},
"product_reference": "container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64"
},
"product_reference": "container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64"
},
"product_reference": "container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64"
},
"product_reference": "container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64"
},
"product_reference": "container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64"
},
"product_reference": "container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64"
},
"product_reference": "container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64"
},
"product_reference": "container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64"
},
"product_reference": "container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64 as a component of CNV 4.11 for RHEL 8",
"product_id": "8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
},
"product_reference": "container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64",
"relates_to_product_reference": "8Base-CNV-4.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-38561",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2022-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2100495"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: out-of-bounds read in golang.org/x/text/language leads to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw may be triggered only by accepting untrusted user input to the vulnerable golang\u0027s library. The overall DoS attack vector depends directly on how the library\u0027s input is exposed by the consuming application, thus Red Hat rates impact as Moderate.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) 2.5 version, the registration-operator, lighthouse-coredns, lighthouse-agent, gatekeeper-operator, and discovery-operator components are affected by this flaw, but the rest of the components are using an already patched version and are unaffected. For 2.4 and previous versions of Red Hat Advanced Cluster Management for Kubernetes (RHACM), most of the components are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64"
],
"known_not_affected": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-38561"
},
{
"category": "external",
"summary": "RHBZ#2100495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-38561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38561"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2021-0113",
"url": "https://pkg.go.dev/vuln/GO-2021-0113"
}
],
"release_date": "2021-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6526"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: out-of-bounds read in golang.org/x/text/language leads to DoS"
},
{
"cve": "CVE-2021-44716",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030801"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s an uncontrolled resource consumption flaw in golang\u0027s net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http\u0027s http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: limit growth of header canonicalization cache",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform, OpenShift Virtualization, Red Hat Quay and OpenShift distributed tracing the most an attacker can possibly achieve by exploiting this vulnerability is to crash a container, temporarily impacting availability of one or more services. Therefore impact is rated Moderate.\n\nIn its default configuration, grafana as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability. However, enabling http2 in /etc/grafana/grafana.ini explicitly would render grafana affected, therefore grafana has been marked affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64"
],
"known_not_affected": [
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "RHBZ#2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6526"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. Setting the GODEBUG=http2server=0 environment variable before calling Serve will disable HTTP/2 unless it was manually configured through the golang.org/x/net/http2 package.",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: limit growth of header canonicalization cache"
},
{
"cve": "CVE-2021-44717",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030806"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a flaw in golang\u0027s syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: syscall: don\u0027t close fd 0 on ForkExec error",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This flaw has had the severity level set to Moderate due to the attack complexity required to exhaust file descriptors at the time ForkExec is called, plus an attacker does not necessarily have direct control over where/how data is leaked.\n\n* For Service Telemetry Framework, because the flaw\u0027s impact is lower, no update will be provided at this time for its containers.\n\n* runc shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this flaw because the flaw is already patched in the shipped versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64"
],
"known_not_affected": [
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44717"
},
{
"category": "external",
"summary": "RHBZ#2030806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6526"
},
{
"category": "workaround",
"details": "This bug can be mitigated by raising the per-process file descriptor limit.",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: syscall: don\u0027t close fd 0 on ForkExec error"
},
{
"acknowledgments": [
{
"names": [
"Oliver Brooks and James Klopchic"
],
"organization": "NCC Group"
}
],
"cve": "CVE-2022-1798",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-08-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2117872"
}
],
"notes": [
{
"category": "description",
"text": "An arbitrary file read vulnerability was found in the kubeVirt API. This flaw makes it possible to use the kubeVirt API to provide access to host files (like /etc/passwd, for example) in a KubeVirt VM as a disk device that can be written to and read from.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubeVirt: Arbitrary file read on the host from KubeVirt VMs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64"
],
"known_not_affected": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1798"
},
{
"category": "external",
"summary": "RHBZ#2117872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1798",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1798"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-cvx8-ppmc-78hm",
"url": "https://github.com/google/security-research/security/advisories/GHSA-cvx8-ppmc-78hm"
}
],
"release_date": "2022-08-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6526"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kubeVirt: Arbitrary file read on the host from KubeVirt VMs"
},
{
"cve": "CVE-2022-21698",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2022-01-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2045880"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "prometheus/client_golang: Denial of service using InstrumentHandlerCounter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having a moderate impact for two main reasons. The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. Additionally, this is in alignment with upstream\u0027s (the Prometheus project) impact rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64"
],
"known_not_affected": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21698"
},
{
"category": "external",
"summary": "RHBZ#2045880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698"
},
{
"category": "external",
"summary": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p",
"url": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p"
}
],
"release_date": "2022-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6526"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "prometheus/client_golang: Denial of service using InstrumentHandlerCounter"
},
{
"cve": "CVE-2022-23772",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-02-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2053532"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issue could allow a remote attacker to impact the availability of the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. \n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64"
],
"known_not_affected": [
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23772"
},
{
"category": "external",
"summary": "RHBZ#2053532",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053532"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23772"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
"url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
}
],
"release_date": "2022-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6526"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString"
},
{
"cve": "CVE-2022-23773",
"cwe": {
"id": "CWE-1220",
"name": "Insufficient Granularity of Access Control"
},
"discovery_date": "2022-02-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2053541"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go package of the cmd library in golang. The go command could be tricked into accepting a branch, which resembles a version tag. This issue could allow a remote unauthenticated attacker to bypass security restrictions and introduce invalid or incorrect tags, reducing the integrity of the environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/go: misinterpretation of branch names can lead to incorrect access control",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64"
],
"known_not_affected": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23773"
},
{
"category": "external",
"summary": "RHBZ#2053541",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053541"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23773",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23773"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
"url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
}
],
"release_date": "2022-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6526"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/go: misinterpretation of branch names can lead to incorrect access control"
},
{
"cve": "CVE-2022-23806",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"discovery_date": "2022-02-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2053429"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the elliptic package of the crypto library in golang when the IsOnCurve function could return true for invalid field elements. This flaw allows an attacker to take advantage of this undefined behavior, affecting the availability and integrity of the resource.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/elliptic: IsOnCurve returns true for invalid field elements",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 8 and 9 are affected because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having a Moderate security impact. The issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7; hence, marked as Out-of-Support-Scope. \n\nRed Hat Developer Tools - Compilers (go-toolset-1.16 \u0026 1.17), will not be addressed in future updates as shipped only in RHEL-7, hence, marked as Out-of-Support-Scope.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64"
],
"known_not_affected": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23806"
},
{
"category": "external",
"summary": "RHBZ#2053429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23806"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
"url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
}
],
"release_date": "2022-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6526"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/elliptic: IsOnCurve returns true for invalid field elements"
},
{
"cve": "CVE-2022-24675",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2022-04-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2077688"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow flaw was found in Golang\u0027s library encoding/pem. This flaw allows an attacker to use a large PEM input (more than 5 MB), causing a stack overflow in Decode, which leads to a loss of availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: encoding/pem: fix stack overflow in Decode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope.\n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64"
],
"known_not_affected": [
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24675"
},
{
"category": "external",
"summary": "RHBZ#2077688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
"url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
}
],
"release_date": "2022-04-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6526"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: encoding/pem: fix stack overflow in Decode"
},
{
"cve": "CVE-2022-24921",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-03-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064857"
}
],
"notes": [
{
"category": "description",
"text": "A stack overflow flaw was found in Golang\u0027s regexp module, which can crash the runtime if the application using regexp accepts very long or arbitrarily long regexps from untrusted sources that have sufficient nesting depths. To exploit this vulnerability, an attacker would need to send large regexps with deep nesting to the application. Triggering this flaw leads to a crash of the runtime, which causes a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: regexp: stack exhaustion via a deeply nested expression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as a Moderate impact flaw because the exploitation of this flaw requires that an affected application accept arbitrarily long regexps from untrusted sources, which has inherent risks (even without this flaw), especially involving impacts to application availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64"
],
"known_not_affected": [
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24921"
},
{
"category": "external",
"summary": "RHBZ#2064857",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064857"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24921",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24921"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk",
"url": "https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk"
}
],
"release_date": "2022-03-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6526"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: regexp: stack exhaustion via a deeply nested expression"
},
{
"cve": "CVE-2022-27191",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2022-03-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064702"
}
],
"notes": [
{
"category": "description",
"text": "A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crash in a golang.org/x/crypto/ssh server",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP) the vulnerable golang.org/x/crypto/ssh package is bundled in many components. The affected code is in the SSH server portion that is not used, hence the impact by this vulnerability is reduced. Additionally the OCP installer components, that also bundle vulnerable golang.org/x/crypto/ssh package, are used only during the cluster installation process, hence for already deployed and running OCP clusters the installer components are considered as affected by this vulnerability but not impacted.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64"
],
"known_not_affected": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-27191"
},
{
"category": "external",
"summary": "RHBZ#2064702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-27191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ"
}
],
"release_date": "2022-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6526"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crash in a golang.org/x/crypto/ssh server"
},
{
"cve": "CVE-2022-28327",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-04-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2077689"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow flaw was found in Golang\u0027s crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256().ScalarMult or P256().ScalarBaseMult to panic, leading to a loss of availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/elliptic: panic caused by oversized scalar",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. \n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64"
],
"known_not_affected": [
"8Base-CNV-4.11:container-native-virtualization/checkup-framework@sha256:055aa6e280af9bfec4c8864f4d9ed79c22bd864829cff855650ef7fed092c815_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-must-gather-rhel8@sha256:3d364b59962f15123ba6ce8b2d49b1cd38b3f1d540b3b4c0a1858e93b6cba011_amd64",
"8Base-CNV-4.11:container-native-virtualization/hco-bundle-registry@sha256:b83c2f51067335600cc20a39a9d911ad110d700ef46f53e7a18af4e534a77534_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-operator@sha256:9522cee60c82b120a4dd131f6dc690786740dd85ce5e7f83171823c4b7aa93e0_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-console-plugin@sha256:884d54355a5e3f66f2916a4fd6bb182a2450f2c6a800176befc7a74b7b5cd5c9_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-ssp-operator@sha256:989137caa24e0604c230e84a7a65b7efc38ef68ef55ffe78353c51c58dd63e14_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:b4151b401146f609a0647886845233d6bd1561aaaba72866fcad6d3f4539f950_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:34e68039c045ac22068a557d548b420ab04cda5fa755404ee1c850aa6817747f_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:56de4ec139a88c5f61a0cd87dc405e208992a9cf343cc6925094cbefb533f2ce_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:7c16943b0da0e7c886c2cad5a87c92db111a96b842f66971862d2d81df0a92f2_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:c0fd52ef347d2cd496a98ea67ed432074127cb6f86e64798f452968d26e39594_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:da18128194e3574952655b623395d330fd82912fc598b0804762f039cd7bd713_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:4747611e2b2648b3d765e6c728d80d339a25dd20664ecc57b70a1e09d71eee64_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:2c008c250adad10a90fad4a7be1825ba4d950a7fbf9134c7a08346c5e0483c26_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:afe3a2b76c42e27399cb71fb3c02317e89cb5f3201f9f95ec0bfa9e74c4775c4_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubevirt-template-validator@sha256:b8122af35a7695f7cf99e4d36546920570e408cfba2b45c90ffd4dd2ddf47c77_amd64",
"8Base-CNV-4.11:container-native-virtualization/libguestfs-tools@sha256:083c332bd90cb8fbb02182926985accff8ba9a4ca351a6a7c049cb173e2cea00_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-marker@sha256:612d67e74b6b682ea1d6358c7e766c2c499ac747ec6778a45f289ea597da736d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-api@sha256:e47dc1188b335a23bbaf9aec8df03fd78dc4b62b3e41f06bc67a408363016e05_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-artifacts-server@sha256:412af0af13fb583eb59bf00c544b2feef9f02bfcec9776ccce1750d781a35341_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-apiserver@sha256:6481694e07d022162c4512c3e346bd10718219c6ed78bed0bdbb759c9be3d434_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-controller@sha256:474a57191da17d55a2a4c85fc6babbf6a052a244cd6edaa8bb67cb3987be8e7c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-importer@sha256:722bdbb1303c5c631dc574fd4d5873623f2b5cee18f14970ddd224a50c819b9f_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-operator@sha256:f2371c3df8800ed745ee00b2037c932e9889271d6b47f5fd4df72c0dd4559f70_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadproxy@sha256:69fbd2dee5cad3adfd2b85584e1c095a5896346497e0a58def70806f77687386_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-uploadserver@sha256:056d9fa9dff8ba2eca829403a5d0190a3bf2767e6ab37e7b46b4cc1885e1e2df_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-controller@sha256:a07a7931e8778971d6e3a73fdd0cabb442e057505d6364d98adcfa2d088b4858_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-handler@sha256:81840626baefd6558db56a060ad37ecbd21378b3a96bfe525727f8ab64b02462_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-launcher@sha256:ca64a5d33cae1ddec96abde09f97ef0845a40bf2676a319dd3fb1f1737b1826d_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-operator@sha256:69c97e3d7f039edc5a8c7075dde0114ebdb56d62cf9e4d921b40ef3847f0c75c_amd64",
"8Base-CNV-4.11:container-native-virtualization/virtio-win@sha256:3f4a86de5c9046c44a792a75fe056976dd6763afdba22a9aededa9ed2ab781d9_amd64",
"8Base-CNV-4.11:container-native-virtualization/vm-network-latency-checkup@sha256:b7e272aa99af11856b4a2d6a7f1cea4258aef13e02e0b34c7e076b3798c8169d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-28327"
},
{
"category": "external",
"summary": "RHBZ#2077689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
"url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
}
],
"release_date": "2022-04-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6526"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.11:container-native-virtualization/bridge-marker@sha256:faa1f729980217c7ffefa2134d5e8d851a6fb7913be7c6edf8ab7c3277b6f53d_amd64",
"8Base-CNV-4.11:container-native-virtualization/cluster-network-addons-operator@sha256:c7475f5f5d2c24bffc410c39168d4eba8bffa64b7e220a51291ed4e6bf053c6f_amd64",
"8Base-CNV-4.11:container-native-virtualization/cnv-containernetworking-plugins@sha256:af41f3c3f2b88a74bfe29c6001ca5e472bb9673150bfc0be35ffad66a012a573_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-csi-driver@sha256:562548cfd4fd0327e3cd25365251eed5abe1aafbf394b0a112b79039c802c3c3_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:37cb86f8d15856f112cff0440638cd976572216a84afac2d11c8a2188f86be34_amd64",
"8Base-CNV-4.11:container-native-virtualization/hostpath-provisioner-rhel8@sha256:ef1f3bfc036762d9060f490912fd1b43d9ce3b9c542a347b77f505ba92a51906_amd64",
"8Base-CNV-4.11:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:5a70d43a90d0860ca367c004fedc7a3b82132327a9d9e6bbb1d1244cd7fddb13_amd64",
"8Base-CNV-4.11:container-native-virtualization/kubemacpool@sha256:9eb14ac44a379de4a6fe8583f582b2e39fd056beeab9951cd783e31340c0ce6a_amd64",
"8Base-CNV-4.11:container-native-virtualization/ovs-cni-plugin@sha256:3cffc89502ab45e9b47721cbca140d7946fd8afab6f1f9c6f17c17ea24374869_amd64",
"8Base-CNV-4.11:container-native-virtualization/virt-cdi-cloner@sha256:578e2134d5a174249a374de5c26532db98fca13a571e81ac6839ba88beb19a01_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/elliptic: panic caused by oversized scalar"
}
]
}
Loading...