Red Hat Security Advisory 2023-4982-01 – Torchsec

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: OpenShift Virtualization 4.12.6 Images
Advisory ID: RHSA-2023:4982-01
Product: OpenShift Virtualization
Advisory URL: https://access.redhat.com/errata/RHSA-2023:4982
Issue date: 2023-09-05
CVE Names: CVE-2016-3709 CVE-2022-4304 CVE-2022-4450
CVE-2023-0215 CVE-2023-0361 CVE-2023-2602
CVE-2023-2603 CVE-2023-3899 CVE-2023-27536
CVE-2023-28321 CVE-2023-28484 CVE-2023-29469
CVE-2023-32681 CVE-2023-34969 CVE-2023-38408
=====================================================================

1. Summary:

Red Hat OpenShift Virtualization release 4.12.6 is now available with
updates to packages and images that fix several bugs and add enhancements.

2. Description:

OpenShift Virtualization is Red Hat's virtualization solution designed for
Red Hat OpenShift Container Platform.

This advisory contains OpenShift Virtualization 4.12.6 images.

3. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2139896 - Requested TSC frequency outside tolerance range & TSC scaling not supported
2145146 - CDI operator is not creating PrometheusRule resource with alerts if CDI resource is incorrect
2148383 - Migration metrics values are not sum up values from all VMIs
2149409 - HPP mounter deployment can't mount as unprivileged
2168489 - Overview -> Migrations - The ?Bandwidth consumption? Graph display with wrong values
2184435 - [cnv-4.12] virt-handler should not delete any pre-configured mediated devices i these are provided by an external provider
2222191 - [cnv-4.12] manually increasing the number of virt-api pods does not work

5. References:

https://access.redhat.com/security/cve/CVE-2016-3709
https://access.redhat.com/security/cve/CVE-2022-4304
https://access.redhat.com/security/cve/CVE-2022-4450
https://access.redhat.com/security/cve/CVE-2023-0215
https://access.redhat.com/security/cve/CVE-2023-0361
https://access.redhat.com/security/cve/CVE-2023-2602
https://access.redhat.com/security/cve/CVE-2023-2603
https://access.redhat.com/security/cve/CVE-2023-3899
https://access.redhat.com/security/cve/CVE-2023-27536
https://access.redhat.com/security/cve/CVE-2023-28321
https://access.redhat.com/security/cve/CVE-2023-28484
https://access.redhat.com/security/cve/CVE-2023-29469
https://access.redhat.com/security/cve/CVE-2023-32681
https://access.redhat.com/security/cve/CVE-2023-34969
https://access.redhat.com/security/cve/CVE-2023-38408
https://access.redhat.com/security/updates/classification/#moderate

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJk93zLAAoJENzjgjWX9erET5YP/3/bMYvKrQ7K/QB7At5G+PIT
8EQxWqh89HAiprRaAs+Q0cemAC+7Ea0ygmWfvFySYqUPqMGgDBKuB/Tzj2fcPcXg
F+oS+LGHXktJojB8AbC23W8eXAv9iJeHghbld9SL8r7uV1TyGeIkNSkiPL+SpnN3
wT3zNRDIQBkGLtRkTBqsuueFDnaHvi5XZw+DwBIsbHYWe9GwuPs7rXNO06hdnDmn
M2xFQrWiDUaQ28a/uvnSOGWDufqPXNJtcJ6glRTfgvYOujo0alB81PKfBV2xdl9e
KFZvUuUzFyWzoFlUYv9GX6Hg8qEf41jFU0bpGiVw30E4yRMBz4XWwPwXiuhNTos4
M7nNsvNZ2EIjrBCOsCG2k9dLRnMZMWsLouVSZg1b1oUzfIUOgWYcGkEHvK2ha2lj
Z+p94qhnaYb8c8SXXkt7kKPkhLpbs/W18OZ/Yj0kV6Fkn2CiDPfvYwKGbL97l7Th
OzEHXOPk/2Zz6znXfu6xj2jPjvpo0Va3ifDaP6QklNq8BLaDpafWnUgPrPAGgH1v
ubJGt1bvfwzd1IRxBETcD87lvTf4kHTcVu2Ob1ahzuKoEJ+/xMER6fVxmRcwibms
YsM5ehtFjWheW6Emmqpl5jl1TzTUolvsjexp5VVlw7SlUlOxQscM9G8ot/w+qyBw
25dyyOR2sqtSeW6+p5e4
=LWjT
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce