RHSA-2021:3119: Moderate: OpenShift Virtualization 2.6.6 Images security and bug fix update
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.<br>This advisory contains the following OpenShift Virtualization <versionnumber> images:<br>RHEL-8-CNV-2.6<br>hostpath-provisioner-container-v2.6.6-3<br>vm-import-controller-container-v2.6.6-5<br>vm-import-virtv2v-container-v2.6.6-5<br>vm-import-operator-container-v2.6.6-5<br>virt-cdi-apiserver-container-v2.6.6-4<br>virt-cdi-controller-container-v2.6.6-4<br>virt-cdi-cloner-container-v2.6.6-4<br>virt-cdi-importer-container-v2.6.6-4<br>virt-cdi-uploadserver-container-v2.6.6-4<br>virt-cdi-uploadproxy-container-v2.6.6-4<br>virt-cdi-operator-container-v2.6.6-4<br>ovs-cni-marker-container-v2.6.6-5<br>kubevirt-ssp-operator-container-v2.6.6-5<br>kubemacpool-container-v2.6.6-7<br>kubevirt-vmware-container-v2.6.6-4<br>kubevirt-kvm-info-nfd-plugin-container-v2.6.6-4<br>kubevirt-cpu-model-nfd-plugin-container-v2.6.6-4<br>kubevirt-cpu-node-labeller-container-v2.6.6-4<br>virtio-win-container-v2.6.6-4<br>kubevirt-template-validator-container-v2.6.6-4<br>cnv-containernetworking-plugins-container-v2.6.6-4<br>node-maintenance-operator-container-v2.6.6-4<br>kubevirt-v2v-conversion-container-v2.6.6-4<br>cluster-network-addons-operator-container-v2.6.6-4<br>ovs-cni-plugin-container-v2.6.6-4<br>bridge-marker-container-v2.6.6-4<br>kubernetes-nmstate-handler-container-v2.6.6-7<br>hyperconverged-cluster-webhook-container-v2.6.6-4<br>cnv-must-gather-container-v2.6.6-16<br>hyperconverged-cluster-operator-container-v2.6.6-4<br>virt-launcher-container-v2.6.6-7<br>hostpath-provisioner-operator-container-v2.6.6-5<br>virt-api-container-v2.6.6-7<br>virt-handler-container-v2.6.6-7<br>virt-controller-container-v2.6.6-7<br>virt-operator-container-v2.6.6-7<br>hco-bundle-registry-container-v2.6.6-70<br>Security Fix(es):<br><li> golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2021:3119?
The severity of RHSA-2021:3119 is categorized as important due to potential security vulnerabilities in OpenShift Virtualization.
How do I fix RHSA-2021:3119?
To fix RHSA-2021:3119, you should update your OpenShift Virtualization images to the latest recommended versions as outlined in the advisory.
What components are affected by RHSA-2021:3119?
RHSA-2021:3119 affects the OpenShift Virtualization components, including RHEL-8-CNV-2.6 and hostpath-provisioner-container-v2.6.6-3.
Is there a workaround for RHSA-2021:3119?
There are no documented workarounds for RHSA-2021:3119; the recommended action is to apply the updates.
When was RHSA-2021:3119 released?
RHSA-2021:3119 was released on December 9, 2021.