Published on September 12th, 2023 📆 | 5413 Views ⚑0
Red Hat Security Advisory 2023-5103-01 – Torchsec
Red Hat Security Advisory
Synopsis: Moderate: OpenShift Virtualization 4.11.6 security and bug fix update
Advisory ID: RHSA-2023:5103-01
Product: OpenShift Virtualization
Advisory URL: https://access.redhat.com/errata/RHSA-2023:5103
Issue date: 2023-09-12
CVE Names: CVE-2016-3709 CVE-2022-4304 CVE-2022-4450
CVE-2023-0215 CVE-2023-0286 CVE-2023-0361
CVE-2023-2828 CVE-2023-3089 CVE-2023-3899
Red Hat OpenShift Virtualization release 4.11.6 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section
OpenShift Virtualization is Red Hat's virtualization solution designed for
Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization 4.11.6 images.
* openshift: OCP & FIPS mode (CVE-2023-3089)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
* Requested TSC frequency outside tolerance range & TSC scaling not
* User cannot get resource "virtualmachineinstances/portforward" in API
group "subresources.kubevirt.io" (BZ#2160673)
* 4.11.4 containers (BZ#2173835)
* VMI with x86_Icelake fail when mpx feature is missing (BZ#2218193)
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
4. Bugs fixed (https://bugzilla.redhat.com/):
2151169 - Requested TSC frequency outside tolerance range & TSC scaling not supported
2160673 - User cannot get resource "virtualmachineinstances/portforward" in API group "subresources.kubevirt.io"
2173835 - 4.11.4 containers
2212085 - CVE-2023-3089 openshift: OCP & FIPS mode
2218193 - VMI with x86_Icelake fail when mpx feature is missing
The Red Hat security contact is
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
RHSA-announce mailing list