9.9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.972 High
EPSS
Percentile
99.8%
OpenShift Virtualization is Red Hat’s virtualization solution designed for Red Hat OpenShift Container Platform.
Security Fix(es):
kubevirt: VMIs can be used to access host files (CVE-2020-14316)
containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters (CVE-2020-10749)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
This update also fixes several bugs and adds various enhancements.
This advisory contains the following OpenShift Virtualization 2.4.0 images:
kubevirt-ssp-operator-container-v2.4.0-71
virt-cdi-controller-container-v2.4.0-29
virt-cdi-uploadproxy-container-v2.4.0-29
hostpath-provisioner-container-v2.4.0-25
virt-cdi-operator-container-v2.4.0-29
kubevirt-metrics-collector-container-v2.4.0-18
cnv-containernetworking-plugins-container-v2.4.0-36
kubevirt-kvm-info-nfd-plugin-container-v2.4.0-18
hostpath-provisioner-operator-container-v2.4.0-31
virt-cdi-uploadserver-container-v2.4.0-29
virt-cdi-apiserver-container-v2.4.0-29
virt-controller-container-v2.4.0-58
virt-cdi-cloner-container-v2.4.0-29
kubevirt-template-validator-container-v2.4.0-21
vm-import-operator-container-v2.4.0-21
kubernetes-nmstate-handler-container-v2.4.0-37
node-maintenance-operator-container-v2.4.0-27
virt-operator-container-v2.4.0-58
kubevirt-v2v-conversion-container-v2.4.0-23
cnv-must-gather-container-v2.4.0-73
virtio-win-container-v2.4.0-15
kubevirt-cpu-node-labeller-container-v2.4.0-19
ovs-cni-plugin-container-v2.4.0-37
kubevirt-vmware-container-v2.4.0-21
hyperconverged-cluster-operator-container-v2.4.0-70
virt-handler-container-v2.4.0-58
virt-cdi-importer-container-v2.4.0-29
virt-launcher-container-v2.4.0-58
kubevirt-cpu-model-nfd-plugin-container-v2.4.0-17
virt-api-container-v2.4.0-58
ovs-cni-marker-container-v2.4.0-38
kubemacpool-container-v2.4.0-39
cluster-network-addons-operator-container-v2.4.0-38
bridge-marker-container-v2.4.0-39
vm-import-controller-container-v2.4.0-21
hco-bundle-registry-container-v2.3.0-497
9.9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.972 High
EPSS
Percentile
99.8%