{"id":"RHSA-2023:0407","summary":"Red Hat Security Advisory: OpenShift Virtualization 4.12.0 RPMs security update","modified":"2026-05-13T10:09:25Z","published":"2024-09-30T14:30:59Z","related":["GO-2021-0113"],"upstream":["CVE-2021-38561","CVE-2021-44716","CVE-2021-44717","CVE-2022-1705","CVE-2022-1962","CVE-2022-24921","CVE-2022-28131","CVE-2022-30629","CVE-2022-30630","CVE-2022-30631","CVE-2022-30632","CVE-2022-30633","CVE-2022-30635","CVE-2022-32148"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2023:0407"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030801"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030806"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064857"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2089804"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2092793"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2100495"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2107342"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2107371"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2107374"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2107376"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2107383"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2107386"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2107388"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2107390"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2107392"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0407.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-38561"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-38561"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-38561"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2021-0113"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-44716"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-44716"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44716"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/hcmEScgc00k"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-44717"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-44717"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44717"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-1705"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-1705"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1705"},{"type":"ARTICLE","url":"https://go.dev/issue/53188"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-1962"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-1962"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1962"},{"type":"ARTICLE","url":"https://go.dev/issue/53616"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-24921"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-24921"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24921"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-28131"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-28131"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-28131"},{"type":"ARTICLE","url":"https://go.dev/issue/53614"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-30629"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-30629"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-30629"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-30630"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-30630"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-30630"},{"type":"ARTICLE","url":"https://go.dev/issue/53415"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-30631"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-30631"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-30631"},{"type":"ARTICLE","url":"https://go.dev/issue/53168"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-30632"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-30632"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-30632"},{"type":"ARTICLE","url":"https://go.dev/issue/53416"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-30633"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-30633"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-30633"},{"type":"ARTICLE","url":"https://go.dev/issue/53611"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-30635"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-30635"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-30635"},{"type":"ARTICLE","url":"https://go.dev/issue/53615"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-32148"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-32148"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-32148"},{"type":"ARTICLE","url":"https://go.dev/issue/53423"}],"affected":[{"package":{"name":"kubevirt","ecosystem":"Red Hat:container_native_virtualization:4.12::el7","purl":"pkg:rpm/redhat/kubevirt"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.12.0-1057.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:0407.json"}},{"package":{"name":"kubevirt-virtctl","ecosystem":"Red Hat:container_native_virtualization:4.12::el7","purl":"pkg:rpm/redhat/kubevirt-virtctl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.12.0-1057.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:0407.json"}},{"package":{"name":"kubevirt-virtctl-redistributable","ecosystem":"Red Hat:container_native_virtualization:4.12::el7","purl":"pkg:rpm/redhat/kubevirt-virtctl-redistributable"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.12.0-1057.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:0407.json"}},{"package":{"name":"kubevirt","ecosystem":"Red Hat:container_native_virtualization:4.12::el8","purl":"pkg:rpm/redhat/kubevirt"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.12.0-1057.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:0407.json"}},{"package":{"name":"kubevirt-virtctl","ecosystem":"Red Hat:container_native_virtualization:4.12::el8","purl":"pkg:rpm/redhat/kubevirt-virtctl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.12.0-1057.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:0407.json"}},{"package":{"name":"kubevirt-virtctl-redistributable","ecosystem":"Red Hat:container_native_virtualization:4.12::el8","purl":"pkg:rpm/redhat/kubevirt-virtctl-redistributable"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.12.0-1057.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:0407.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}