5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.004 Low
EPSS
Percentile
73.9%
The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host’s resources and performing administrative tasks.
The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host’s resources and performing administrative tasks.
The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host’s resources and performing administrative tasks.
The following packages have been upgraded to a later upstream version: imgbased (1.2.13), redhat-release-virtualization-host (4.4.3), redhat-virtualization-host (4.4.3). (BZ#1814517, BZ#1868293, BZ#1886484)
Security Fix(es):
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
[security] gnutls_set_default_priority() (and thus Cockpit logins) fails when selecting VPP profile during RHVH installation (BZ#1835661)
Unable to upgrade from rhvh 4.4.1 to 4.4.2 as block storage domains are detected as local storage domains. (BZ#1886647)
Failed to install RHVH 4.4.3 due to missing Lvm ThinPool (BZ#1886695)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 8 | noarch | imgbased | < 1.2.13-0.1.el8ev | imgbased-1.2.13-0.1.el8ev.noarch.rpm |
RedHat | 8 | noarch | redhat-virtualization-host-image-update-placeholder | < 4.4.3-1.el8ev | redhat-virtualization-host-image-update-placeholder-4.4.3-1.el8ev.noarch.rpm |
RedHat | 8 | noarch | python3-imgbased | < 1.2.13-0.1.el8ev | python3-imgbased-1.2.13-0.1.el8ev.noarch.rpm |
RedHat | 8 | x86_64 | redhat-release-virtualization-host | < 4.4.3-1.el8ev | redhat-release-virtualization-host-4.4.3-1.el8ev.x86_64.rpm |
RedHat | 8 | noarch | redhat-virtualization-host-image-update | < 4.4.3-20201116.0.el8_3 | redhat-virtualization-host-image-update-4.4.3-20201116.0.el8_3.noarch.rpm |
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.004 Low
EPSS
Percentile
73.9%