-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.6290
        OpenShift Virtualization 4.11.1 security and bug fix update
                              2 December 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           OpenShift Virtualization 4.11.1
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-40674 CVE-2022-38178 CVE-2022-38177
                   CVE-2022-37434 CVE-2022-34903 CVE-2022-32208
                   CVE-2022-32206 CVE-2022-30699 CVE-2022-30698
                   CVE-2022-30629 CVE-2022-30293 CVE-2022-29154
                   CVE-2022-28327 CVE-2022-27406 CVE-2022-27405
                   CVE-2022-27404 CVE-2022-26719 CVE-2022-26717
                   CVE-2022-26716 CVE-2022-26710 CVE-2022-26709
                   CVE-2022-26700 CVE-2022-25310 CVE-2022-25309
                   CVE-2022-25308 CVE-2022-24921 CVE-2022-24795
                   CVE-2022-24675 CVE-2022-22662 CVE-2022-22629
                   CVE-2022-22628 CVE-2022-22624 CVE-2022-3515
                   CVE-2022-2509 CVE-2022-2097 CVE-2022-2068
                   CVE-2022-1927 CVE-2022-1897 CVE-2022-1785
                   CVE-2022-1586 CVE-2022-1304 CVE-2022-1292
                   CVE-2022-0934 CVE-2022-0391 CVE-2021-38561
                   CVE-2021-0308 CVE-2020-35527 CVE-2020-35525
                   CVE-2020-0256 CVE-2016-3709 CVE-2015-20107

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2022:8750

Comment: CVSS (Max):  9.8 CVE-2022-40674 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: OpenShift Virtualization 4.11.1 security and bug fix update
Advisory ID:       RHSA-2022:8750-01
Product:           cnv
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:8750
Issue date:        2022-12-01
CVE Names:         CVE-2015-20107 CVE-2016-3709 CVE-2020-0256 
                   CVE-2020-35525 CVE-2020-35527 CVE-2021-0308 
                   CVE-2021-38561 CVE-2022-0391 CVE-2022-0934 
                   CVE-2022-1292 CVE-2022-1304 CVE-2022-1586 
                   CVE-2022-1785 CVE-2022-1897 CVE-2022-1927 
                   CVE-2022-2068 CVE-2022-2097 CVE-2022-2509 
                   CVE-2022-3515 CVE-2022-22624 CVE-2022-22628 
                   CVE-2022-22629 CVE-2022-22662 CVE-2022-24675 
                   CVE-2022-24795 CVE-2022-24921 CVE-2022-25308 
                   CVE-2022-25309 CVE-2022-25310 CVE-2022-26700 
                   CVE-2022-26709 CVE-2022-26710 CVE-2022-26716 
                   CVE-2022-26717 CVE-2022-26719 CVE-2022-27404 
                   CVE-2022-27405 CVE-2022-27406 CVE-2022-28327 
                   CVE-2022-29154 CVE-2022-30293 CVE-2022-30629 
                   CVE-2022-30698 CVE-2022-30699 CVE-2022-32206 
                   CVE-2022-32208 CVE-2022-34903 CVE-2022-37434 
                   CVE-2022-38177 CVE-2022-38178 CVE-2022-40674 
=====================================================================

1. Summary:

Red Hat OpenShift Virtualization release 4.11.1 is now available with
updates to packages and images that fix several bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

OpenShift Virtualization is Red Hat's virtualization solution designed for
Red Hat OpenShift Container Platform.

Security Fix(es):

* golang: out-of-bounds read in golang.org/x/text/language leads to DoS
(CVE-2021-38561)

* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)

* golang: regexp: stack exhaustion via a deeply nested expression
(CVE-2022-24921)

* golang: crypto/elliptic: panic caused by oversized scalar
(CVE-2022-28327)

* golang: crypto/tls: session tickets lack random ticket_age_add
(CVE-2022-30629)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Cloning a Block DV to VM with Filesystem with not big enough size comes
to endless loop - using pvc api (BZ#2033191)

* Restart of VM Pod causes SSH keys to be regenerated within VM
(BZ#2087177)

* Import gzipped raw file causes image to be downloaded and uncompressed to
TMPDIR (BZ#2089391)

* [4.11] VM Snapshot Restore hangs indefinitely when backed by a
snapshotclass (BZ#2098225)

* Fedora version in DataImportCrons is not 'latest' (BZ#2102694)

* [4.11] Cloned VM's snapshot restore fails if the source VM disk is
deleted (BZ#2109407)

* CNV introduces a compliance check fail in "ocp4-moderate" profile -
routes-protected-by-tls (BZ#2110562)

* Nightly build: v4.11.0-578: index format was changed in 4.11 to
file-based instead of sqlite-based (BZ#2112643)

* Unable to start windows VMs on PSI setups (BZ#2115371)

* [4.11.1]virt-launcher cannot be started on OCP 4.12 due to PodSecurity
restricted:v1.24 (BZ#2128997)

* Mark Windows 11 as TechPreview (BZ#2129013)

* 4.11.1 rpms (BZ#2139453)

This advisory contains the following OpenShift Virtualization 4.11.1
images.

RHEL-8-CNV-4.11

virt-cdi-operator-container-v4.11.1-5
virt-cdi-uploadserver-container-v4.11.1-5
virt-cdi-apiserver-container-v4.11.1-5
virt-cdi-importer-container-v4.11.1-5
virt-cdi-controller-container-v4.11.1-5
virt-cdi-cloner-container-v4.11.1-5
virt-cdi-uploadproxy-container-v4.11.1-5
checkup-framework-container-v4.11.1-3
kubevirt-tekton-tasks-wait-for-vmi-status-container-v4.11.1-7
kubevirt-tekton-tasks-create-datavolume-container-v4.11.1-7
kubevirt-template-validator-container-v4.11.1-4
virt-handler-container-v4.11.1-5
hostpath-provisioner-operator-container-v4.11.1-4
virt-api-container-v4.11.1-5
vm-network-latency-checkup-container-v4.11.1-3
cluster-network-addons-operator-container-v4.11.1-5
virtio-win-container-v4.11.1-4
virt-launcher-container-v4.11.1-5
ovs-cni-marker-container-v4.11.1-5
hyperconverged-cluster-webhook-container-v4.11.1-7
virt-controller-container-v4.11.1-5
virt-artifacts-server-container-v4.11.1-5
kubevirt-tekton-tasks-modify-vm-template-container-v4.11.1-7
kubevirt-tekton-tasks-disk-virt-customize-container-v4.11.1-7
libguestfs-tools-container-v4.11.1-5
hostpath-provisioner-container-v4.11.1-4
kubevirt-tekton-tasks-disk-virt-sysprep-container-v4.11.1-7
kubevirt-tekton-tasks-copy-template-container-v4.11.1-7
cnv-containernetworking-plugins-container-v4.11.1-5
bridge-marker-container-v4.11.1-5
virt-operator-container-v4.11.1-5
hostpath-csi-driver-container-v4.11.1-4
kubevirt-tekton-tasks-create-vm-from-template-container-v4.11.1-7
kubemacpool-container-v4.11.1-5
hyperconverged-cluster-operator-container-v4.11.1-7
kubevirt-ssp-operator-container-v4.11.1-4
ovs-cni-plugin-container-v4.11.1-5
kubevirt-tekton-tasks-cleanup-vm-container-v4.11.1-7
kubevirt-tekton-tasks-operator-container-v4.11.1-2
cnv-must-gather-container-v4.11.1-8
kubevirt-console-plugin-container-v4.11.1-9
hco-bundle-registry-container-v4.11.1-49

3. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258
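Because this advisory identifies the fixed builds only by container image name in the form NAME-vVERSION-RELEASE (for example virt-launcher-container-v4.11.1-5), a practical first step before or after applying it is to compare that list against what a cluster is actually running. The following is an added example and not part of the Red Hat advisory or of OpenShift Virtualization itself: it parses the advisory's image strings, keeps the highest listed build per component, and rates each deployed component as fixed, vulnerable, digest-pinned (a common case on OpenShift, where operator-managed images are referenced by sha256 digest and the digest must first be resolved to a tag, e.g. with oc image info) or not covered by this advisory. The FIXED_IMAGES subset is copied from the advisory; the DEPLOYED inventory is constructed sample data, not observations from a real cluster, and mapping a pull spec to a component name is assumed to have been done beforehand.

```python
"""Rate deployed OpenShift Virtualization images against the fixed builds
listed in RHSA-2022:8750. Added example, not Red Hat's code."""
import re
from typing import Dict, List, NamedTuple, Optional, Tuple

# Subset of the RHEL-8-CNV-4.11 image list from the advisory; the full
# advisory carries 42 entries in the same NAME-vVERSION-RELEASE form.
FIXED_IMAGES: List[str] = """
virt-launcher-container-v4.11.1-5
virt-api-container-v4.11.1-5
virt-handler-container-v4.11.1-5
virt-operator-container-v4.11.1-5
kubemacpool-container-v4.11.1-5
hyperconverged-cluster-operator-container-v4.11.1-7
hco-bundle-registry-container-v4.11.1-49
""".split()

# Constructed sample inventory (assumption: not taken from any real cluster),
# keyed by component name, valued by the tag or digest actually running.
DEPLOYED: Dict[str, str] = {
    "virt-launcher-container": "v4.11.0-6",   # older version, higher release
    "virt-api-container": "v4.11.1-5",        # exactly the fixed build
    "virt-handler-container": "v4.11.1-7",    # later rebuild of the fixed version
    "kubemacpool-container": "v4.10.5-3",     # older minor release
    "hco-bundle-registry-container": "sha256:" + "0" * 64,  # digest-pinned (placeholder)
    "some-other-container": "v1.2.3-4",       # not covered by this advisory
}

# Optional component name, then vVERSION-RELEASE. Greedy name match stops at
# the only "-v<digits>" that can still be followed by "-<release>" at the end.
_NVR = re.compile(r"^(?:(?P<name>.+)-)?v(?P<version>\d+(?:\.\d+)*)-(?P<release>\d+)$")


class Build(NamedTuple):
    """Version tuple plus release; tuple ordering gives correct build ordering."""
    version: Tuple[int, ...]
    release: int


def parse_nvr(text: str) -> Tuple[Optional[str], Build]:
    """Split 'name-v4.11.1-5' or bare 'v4.11.1-5' into (name, Build)."""
    m = _NVR.match(text)
    if not m:
        raise ValueError(f"not a NAME-vVERSION-RELEASE string: {text!r}")
    version = tuple(int(part) for part in m.group("version").split("."))
    return m.group("name"), Build(version, int(m.group("release")))


def fixed_levels(images: List[str]) -> Dict[str, Build]:
    """Highest build listed per component (an advisory may list several)."""
    levels: Dict[str, Build] = {}
    for entry in images:
        name, build = parse_nvr(entry)
        if name is None:
            raise ValueError(f"advisory entry has no component name: {entry!r}")
        levels[name] = max(build, levels.get(name, build))
    return levels


def assess(deployed: Dict[str, str], fixed: Dict[str, Build]) -> Dict[str, str]:
    """Rate each deployed component relative to the advisory's fixed build."""
    report: Dict[str, str] = {}
    for name, ref in deployed.items():
        if name not in fixed:
            report[name] = "not-in-advisory"
        elif ref.startswith("sha256:") or "@sha256:" in ref:
            # Digest references carry no version; resolve to a tag first.
            report[name] = "digest-pinned"
        else:
            _, build = parse_nvr(ref)
            report[name] = "fixed" if build >= fixed[name] else "vulnerable"
    return report


if __name__ == "__main__":
    for component, status in sorted(assess(DEPLOYED, fixed_levels(FIXED_IMAGES)).items()):
        print(f"{status:16} {component}")
```

A deployed build is rated fixed when it is at or above the advisory's level, so a later rebuild of v4.11.1 passes while an older version with a higher release number (v4.11.0-6) is correctly flagged, since version is compared before release. Components reported as digest-pinned need the digest resolved to a tag before the comparison is meaningful.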

4. Bugs fixed (https://bugzilla.redhat.com/):

2033191 - Cloning a Block DV to VM with Filesystem with not big enough size comes to endless loop - using pvc api
2064857 - CVE-2022-24921 golang: regexp: stack exhaustion via a deeply nested expression
2070772 - When specifying pciAddress for several SR-IOV NIC they are not correctly propagated to libvirt XML
2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode
2077689 - CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar
2087177 - Restart of VM Pod causes SSH keys to be regenerated within VM
2089391 - Import gzipped raw file causes image to be downloaded and uncompressed to TMPDIR
2091856 - "Edit BootSource" action should have more explicit information when disabled
2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add
2098225 - [4.11] VM Snapshot Restore hangs indefinitely when backed by a snapshotclass
2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS
2102694 - Fedora version in DataImportCrons is not 'latest'
2109407 - [4.11] Cloned VM's snapshot restore fails if the source VM disk is deleted
2110562 - CNV introduces a compliance check fail in "ocp4-moderate" profile - routes-protected-by-tls
2112643 - Nightly build: v4.11.0-578: index format was changed in 4.11 to file-based instead of sqlite-based
2115371 - Unable to start windows VMs on PSI setups
2119613 - GiB changes to B in Template's Edit boot source reference modal
2128554 - The storageclass of VM disk is different from quick created and customize created after changed the default storageclass
2128872 - [4.11]Can't restore cloned VM
2128997 - [4.11.1]virt-launcher cannot be started on OCP 4.12 due to PodSecurity restricted:v1.24
2129013 - Mark Windows 11 as TechPreview
2129235 - [RFE] Add "Copy SSH command" to VM action list
2134668 - Cannot edit ssh even vm is stopped
2139453 - 4.11.1 rpms

5. References:

https://access.redhat.com/security/cve/CVE-2015-20107
https://access.redhat.com/security/cve/CVE-2016-3709
https://access.redhat.com/security/cve/CVE-2020-0256
https://access.redhat.com/security/cve/CVE-2020-35525
https://access.redhat.com/security/cve/CVE-2020-35527
https://access.redhat.com/security/cve/CVE-2021-0308
https://access.redhat.com/security/cve/CVE-2021-38561
https://access.redhat.com/security/cve/CVE-2022-0391
https://access.redhat.com/security/cve/CVE-2022-0934
https://access.redhat.com/security/cve/CVE-2022-1292
https://access.redhat.com/security/cve/CVE-2022-1304
https://access.redhat.com/security/cve/CVE-2022-1586
https://access.redhat.com/security/cve/CVE-2022-1785
https://access.redhat.com/security/cve/CVE-2022-1897
https://access.redhat.com/security/cve/CVE-2022-1927
https://access.redhat.com/security/cve/CVE-2022-2068
https://access.redhat.com/security/cve/CVE-2022-2097
https://access.redhat.com/security/cve/CVE-2022-2509
https://access.redhat.com/security/cve/CVE-2022-3515
https://access.redhat.com/security/cve/CVE-2022-22624
https://access.redhat.com/security/cve/CVE-2022-22628
https://access.redhat.com/security/cve/CVE-2022-22629
https://access.redhat.com/security/cve/CVE-2022-22662
https://access.redhat.com/security/cve/CVE-2022-24675
https://access.redhat.com/security/cve/CVE-2022-24795
https://access.redhat.com/security/cve/CVE-2022-24921
https://access.redhat.com/security/cve/CVE-2022-25308
https://access.redhat.com/security/cve/CVE-2022-25309
https://access.redhat.com/security/cve/CVE-2022-25310
https://access.redhat.com/security/cve/CVE-2022-26700
https://access.redhat.com/security/cve/CVE-2022-26709
https://access.redhat.com/security/cve/CVE-2022-26710
https://access.redhat.com/security/cve/CVE-2022-26716
https://access.redhat.com/security/cve/CVE-2022-26717
https://access.redhat.com/security/cve/CVE-2022-26719
https://access.redhat.com/security/cve/CVE-2022-27404
https://access.redhat.com/security/cve/CVE-2022-27405
https://access.redhat.com/security/cve/CVE-2022-27406
https://access.redhat.com/security/cve/CVE-2022-28327
https://access.redhat.com/security/cve/CVE-2022-29154
https://access.redhat.com/security/cve/CVE-2022-30293
https://access.redhat.com/security/cve/CVE-2022-30629
https://access.redhat.com/security/cve/CVE-2022-30698
https://access.redhat.com/security/cve/CVE-2022-30699
https://access.redhat.com/security/cve/CVE-2022-32206
https://access.redhat.com/security/cve/CVE-2022-32208
https://access.redhat.com/security/cve/CVE-2022-34903
https://access.redhat.com/security/cve/CVE-2022-37434
https://access.redhat.com/security/cve/CVE-2022-38177
https://access.redhat.com/security/cve/CVE-2022-38178
https://access.redhat.com/security/cve/CVE-2022-40674
https://access.redhat.com/security/updates/classification/#moderate

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY4l9k8kNZI30y1K9AQjNjxAApOYjmRHNA0tFOqZBXmDbpTmgV12/ps+H
2cW+c3wNsNiu+jQOIJLJZt+HYOLTwmRbbeCujvOfUoGVC4EFdLR9BwOV3Tyejqb5
moq97eW6NDG79b8Xhckbj8EPhEzvDVFPeLeyJRmjkEqKu9atGagQ7jZKU2ew763v
u0+6xklgiclWjXnPhwpDs/vjLL4Tr+YVpC+ekKeM6brtRgkMsw7Nd9HTqTE1ThtH
TNpXW1pQcBZ4QTpQPR01DHjY7ZctXBG8T1coPHm8nj90arVXUKi8zjhYh/KNs1Ls
S+7XqF7yCnGMfvjf5DBnXDl/QNaaNJuvIT2I5rm/hedWHHRMoRbFm3P4WbF6z+I7
czBQ/yk7JoCLj454EIUKFH4hho4LO+Y5xghiXLt+iUTU5G5wjemjL1wed9Nh9kTA
gXf8e32tnTSDrRjakPlrVJxQCXApwv6by52bUAkhfhAE5vqPXFk1YcyoYwB3nL1Q
DFl8IU0hEkeIv1weJRbB99lhTMCUdxV9zRc66wzliXT1QINZPLtZ7GUb6NmbiuPS
0lfVzS42ed7b2YssmeDmFgdsxq/XLv6yRgUNSgoStCMUw82mrQilpiQYmmLepZ+Q
deqfDla/fT+oVw01Md4w0CYE0sLm1FDLoyhML/wOf7+e6ZkYPA+f/vXESZdN0iFv
YIqxco71KA4=
=KAWW
-----END PGP SIGNATURE-----