121 matches found
RHEL 8 : OpenShift Virtualization 4.14.1 RPMs (RHSA-2023:7672)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7672 advisory. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains...
CVE-2024-31419 Cnv: information disclosure through the usage of vm-dump-metrics
An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue could expose limited host metrics of a node to any guest in any namespace without being explicitl...
CVE-2024-31419 Cnv: information disclosure through the usage of vm-dump-metrics
An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue could expose limited host metrics of a node to any guest in any namespace without being explicitl...
Red Hat OpenShift Virtualization 安全漏洞
Red Hat OpenShift Virtualization is a component of Red Hat, Inc. that allows running virtual machines VMs on OpenShift and integrating containers and virtualized resources on the same platform. A security vulnerability exists in Red Hat OpenShift Virtualization that stems from the presence of an...
PT-2024-24059 · Red Hat · Openshift Virtualization
Name of the Vulnerable Software and Affected Versions: OpenShift Virtualization affected versions not specified Description: An information disclosure flaw was found in OpenShift Virtualization, related to the DownwardMetrics feature, which exposes host metrics to virtual machine guests and is...
GHSA-FG9Q-5CW2-P6R9 kubevirt-csi: PersistentVolume allows access to HCP's root node
A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane HCP. This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node...
kubevirt-csi: PersistentVolume allows access to HCP's root node
A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane HCP. This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node...
CVE-2024-1725
A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane HCP. This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node...
CVE-2024-1725
A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane HCP. This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node...
Design/Logic Flaw
A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane HCP. This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node...
CVE-2024-1725 Kubevirt-csi: persistentvolume allows access to hcp's root node
A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane HCP. This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node...
CVE-2024-1725 Kubevirt-csi: persistentvolume allows access to hcp's root node
A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane HCP. This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node...
CVE-2024-1725
The CVE-2024-1725 issue affects kubevirt-csi in OpenShift Virtualization’s Hosted Control Plane (HCP): an authenticated attacker can create a PersistentVolume that matches a worker node name to access the root HCP worker node’s volume. Exploitation is described in multiple advisories, with OpenSh...
CVE-2024-1725
A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane HCP. This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node...
Important: Red Hat Security Advisory: OpenShift Virtualization 4.14.1 security and bug fix update
Red Hat OpenShift Virtualization release 4.14.1 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which...
Moderate: Red Hat Security Advisory: OpenShift Virtualization 4.14.1 RPMs security and bug fix update
Red Hat OpenShift Virtualization release 4.14.1 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which giv...
Important: Red Hat Security Advisory: OpenShift Virtualization 4.13.6 security and bug fix update
Red Hat OpenShift Virtualization release 4.13.6 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which...
Important: Red Hat Security Advisory: OpenShift Virtualization 4.13.6 RPMs security and bug fix update
Red Hat OpenShift Virtualization release 4.13.6 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which...
Important: Red Hat Security Advisory: OpenShift Virtualization 4.14.0 Images security and bug fix update
Red Hat OpenShift Virtualization release 4.14.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which...
Important: Red Hat Security Advisory: OpenShift Virtualization 4.11.7 Images security and bug fix update
Red Hat OpenShift Virtualization release 4.11.7 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which...