7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.003 Low
EPSS
Percentile
68.9%
The ovirt-host package consolidates host package requirements into a single meta package.
Security Fix(es):
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
The hosted-engine-ha binaries have been moved from /usr/share to /usr/libexec. As a result, the hosted-engine --clean-metadata command fails. With this release, you must use the new path for the command to succeed: /usr/libexec/ovirt-hosted-engine-ha/ovirt-ha-agent (BZ#2105781)
A new warning has been added to the vdsm-tool to protect users from using the unsupported user_friendly_names multipath configuration. The following is an example of the output:
$ vdsm-tool is-configured --module multipath
WARNING: Invalid configuration: ‘user_friendly_names’ is enabled in multipath configuration:
section1 {
key1 value1
user_friendly_names yes
key2 value2
}
section2 {
user_friendly_names yes
}
This configuration is not supported and may lead to storage domain corruption. (BZ#1793207)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 8 | noarch | vdsm-hook-cpuflags | < 4.50.2.2-1.el8ev | vdsm-hook-cpuflags-4.50.2.2-1.el8ev.noarch.rpm |
RedHat | 8 | noarch | vdsm-hook-openstacknet | < 4.50.2.2-1.el8ev | vdsm-hook-openstacknet-4.50.2.2-1.el8ev.noarch.rpm |
RedHat | 8 | noarch | vdsm-yajsonrpc | < 4.50.2.2-1.el8ev | vdsm-yajsonrpc-4.50.2.2-1.el8ev.noarch.rpm |
RedHat | 8 | noarch | ovirt-hosted-engine-setup | < 2.6.5-1.1.el8ev | ovirt-hosted-engine-setup-2.6.5-1.1.el8ev.noarch.rpm |
RedHat | 8 | ppc64le | vdsm-hook-extra-ipv4-addrs | < 4.50.2.2-1.el8ev | vdsm-hook-extra-ipv4-addrs-4.50.2.2-1.el8ev.ppc64le.rpm |
RedHat | 8 | x86_64 | ovirt-host-dependencies | < 4.5.0-3.1.el8ev | ovirt-host-dependencies-4.5.0-3.1.el8ev.x86_64.rpm |
RedHat | 8 | x86_64 | vdsm-gluster | < 4.50.2.2-1.el8ev | vdsm-gluster-4.50.2.2-1.el8ev.x86_64.rpm |
RedHat | 8 | ppc64le | ovirt-host | < 4.5.0-3.1.el8ev | ovirt-host-4.5.0-3.1.el8ev.ppc64le.rpm |
RedHat | 8 | noarch | vdsm-common | < 4.50.2.2-1.el8ev | vdsm-common-4.50.2.2-1.el8ev.noarch.rpm |
RedHat | 8 | noarch | vdsm-python | < 4.50.2.2-1.el8ev | vdsm-python-4.50.2.2-1.el8ev.noarch.rpm |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.003 Low
EPSS
Percentile
68.9%