Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:0133: Red Hat Security Advisory: Red Hat Virtualization Host security and bug fix update [ovirt-4.4.9] Async #2

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2020-25717: samba: Active Directory (AD) domain user could become root on domain members
Red Hat Security Data
Open in Source
#vulnerability#web#mac#linux#red_hat#nodejs#js#java#kubernetes

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Red Hat Customer Portal

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus
  • Red Hat CodeReady Studio

Integration and Automation

  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager

All Products

Issued:

2022-01-12

Updated:

2022-01-12

RHSA-2022:0133 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: Red Hat Virtualization Host security and bug fix update [ovirt-4.4.9] Async #2

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host’s resources and performing administrative tasks.

Security Fix(es):

  • samba: Active Directory (AD) domain user could become root on domain members (CVE-2020-25717)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Virtualization 4 for RHEL 8 x86_64
  • Red Hat Virtualization Host 4 for RHEL 8 x86_64

Fixes

  • BZ - 2019672 - CVE-2020-25717 samba: Active Directory (AD) domain user could become root on domain members
  • BZ - 2037758 - Update RHV-H with vdsm-4.40.90.5

Red Hat Virtualization 4 for RHEL 8

SRPM

redhat-release-virtualization-host-4.4.9-4.el8ev.src.rpm

SHA-256: 54cb85e98eb8afc9c8504f372ccc41439544f8d92214d839e813708a773ed576

x86_64

redhat-release-virtualization-host-4.4.9-4.el8ev.x86_64.rpm

SHA-256: 96965026cda767286962d9d57e51f745c1a00a2407e9fe7d7a88942b9f18cab4

redhat-release-virtualization-host-content-4.4.9-4.el8ev.x86_64.rpm

SHA-256: 5eb65f2027242ed4da96419e6dfe339c20742841ab6b221d7c2dd6a844dca6fb

redhat-virtualization-host-image-update-placeholder-4.4.9-4.el8ev.noarch.rpm

SHA-256: 2a838b4ff57ac6d966e08da1b644a349a6eadae2cb51095ec2874ee1a310335f

Red Hat Virtualization Host 4 for RHEL 8

SRPM

redhat-virtualization-host-4.4.9-202201072228_8.5.src.rpm

SHA-256: 6bfae9f5885fdd1c3055294cec57e91190c3d55c41e9f1e9fd6bc7540006a1b0

x86_64

redhat-virtualization-host-image-update-4.4.9-202201072228_8.5.x86_64.rpm

SHA-256: 0df064faf8ec49b889a25449b8ae9f2dc344b584b11d505f96b4bcd9c920ec69

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat Security Data