Lucene search

K
redhatRedHatRHSA-2023:5233
HistorySep 19, 2023 - 11:40 a.m.

(RHSA-2023:5233) Moderate: OpenShift Virtualization 4.13.4 security and bug fix update

2023-09-1911:40:05
access.redhat.com
14
openshift virtualization
red hat
security fix
bug fix
cve-2022-41723
bz#2221220
bz#2232347
quadratic complexity
hpack decoding
usb-redirection
dataimportcron dvs.

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.034

Percentile

91.6%

OpenShift Virtualization is Red Hat’s virtualization solution designed for Red Hat OpenShift Container Platform.

This advisory contains OpenShift Virtualization 4.13.4 images.

Security Fix(es):

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • USB-redirection regression (BZ#2221220)

  • DataImportCron DVs do not respond to default storage class being set (BZ#2232347)

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.034

Percentile

91.6%