RHSA-2023:0407

Advisory lineage Upstream: 14 Downstream: 0

Upstream

CVE-2021-38561 CVE-2021-44716 CVE-2021-44717 CVE-2022-1705 CVE-2022-1962 CVE-2022-24921

Published: 30 Sept 2024, 14:30

Last modified:04 Jun 2026, 10:01

Vulnerability Summary

Overall Risk (default)

medium

30/100

CVSS Score

7.5 HIGH

3.1 (osv_red_hat)

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

30 Sept 2024, 14:30

Published

Vulnerability first disclosed

04 Jun 2026, 10:01

Last Modified

Vulnerability information updated

Description

Red Hat Security Advisory: OpenShift Virtualization 4.12.0 RPMs security update

CVSS Metrics

v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Systems

redhat•kubevirt
< 0:4.12.0-1057.el7 | < 0:4.12.0-1057.el8
redhat•kubevirt-virtctl
< 0:4.12.0-1057.el7 | < 0:4.12.0-1057.el8
redhat•kubevirt-virtctl-redistributable
< 0:4.12.0-1057.el7 | < 0:4.12.0-1057.el8

References (74)

https://access.redhat.com/errata/RHSA-2023:0407
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2030801
https://bugzilla.redhat.com/show_bug.cgi?id=2030806
https://bugzilla.redhat.com/show_bug.cgi?id=2064857
https://bugzilla.redhat.com/show_bug.cgi?id=2089804
https://bugzilla.redhat.com/show_bug.cgi?id=2092793
https://bugzilla.redhat.com/show_bug.cgi?id=2100495
https://bugzilla.redhat.com/show_bug.cgi?id=2107342
https://bugzilla.redhat.com/show_bug.cgi?id=2107371
https://bugzilla.redhat.com/show_bug.cgi?id=2107374
https://bugzilla.redhat.com/show_bug.cgi?id=2107376
https://bugzilla.redhat.com/show_bug.cgi?id=2107383
https://bugzilla.redhat.com/show_bug.cgi?id=2107386
https://bugzilla.redhat.com/show_bug.cgi?id=2107388
https://bugzilla.redhat.com/show_bug.cgi?id=2107390
https://bugzilla.redhat.com/show_bug.cgi?id=2107392
https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0407.json
https://access.redhat.com/security/cve/CVE-2021-38561
https://www.cve.org/CVERecord?id=CVE-2021-38561
https://nvd.nist.gov/vuln/detail/CVE-2021-38561
https://pkg.go.dev/vuln/GO-2021-0113
https://access.redhat.com/security/cve/CVE-2021-44716
https://www.cve.org/CVERecord?id=CVE-2021-44716
https://nvd.nist.gov/vuln/detail/CVE-2021-44716
https://groups.google.com/g/golang-announce/c/hcmEScgc00k
https://access.redhat.com/security/cve/CVE-2021-44717
https://www.cve.org/CVERecord?id=CVE-2021-44717
https://nvd.nist.gov/vuln/detail/CVE-2021-44717
https://access.redhat.com/security/cve/CVE-2022-1705
https://www.cve.org/CVERecord?id=CVE-2022-1705
https://nvd.nist.gov/vuln/detail/CVE-2022-1705
https://go.dev/issue/53188
https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE
https://access.redhat.com/security/cve/CVE-2022-1962
https://www.cve.org/CVERecord?id=CVE-2022-1962
https://nvd.nist.gov/vuln/detail/CVE-2022-1962
https://go.dev/issue/53616
https://access.redhat.com/security/cve/CVE-2022-24921
https://www.cve.org/CVERecord?id=CVE-2022-24921
https://nvd.nist.gov/vuln/detail/CVE-2022-24921
https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk
https://access.redhat.com/security/cve/CVE-2022-28131
https://www.cve.org/CVERecord?id=CVE-2022-28131
https://nvd.nist.gov/vuln/detail/CVE-2022-28131
https://go.dev/issue/53614
https://access.redhat.com/security/cve/CVE-2022-30629
https://www.cve.org/CVERecord?id=CVE-2022-30629
https://nvd.nist.gov/vuln/detail/CVE-2022-30629
https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg
https://access.redhat.com/security/cve/CVE-2022-30630
https://www.cve.org/CVERecord?id=CVE-2022-30630
https://nvd.nist.gov/vuln/detail/CVE-2022-30630
https://go.dev/issue/53415
https://access.redhat.com/security/cve/CVE-2022-30631
https://www.cve.org/CVERecord?id=CVE-2022-30631
https://nvd.nist.gov/vuln/detail/CVE-2022-30631
https://go.dev/issue/53168
https://access.redhat.com/security/cve/CVE-2022-30632
https://www.cve.org/CVERecord?id=CVE-2022-30632
https://nvd.nist.gov/vuln/detail/CVE-2022-30632
https://go.dev/issue/53416
https://access.redhat.com/security/cve/CVE-2022-30633
https://www.cve.org/CVERecord?id=CVE-2022-30633
https://nvd.nist.gov/vuln/detail/CVE-2022-30633
https://go.dev/issue/53611
https://access.redhat.com/security/cve/CVE-2022-30635
https://www.cve.org/CVERecord?id=CVE-2022-30635
https://nvd.nist.gov/vuln/detail/CVE-2022-30635
https://go.dev/issue/53615
https://access.redhat.com/security/cve/CVE-2022-32148
https://www.cve.org/CVERecord?id=CVE-2022-32148
https://nvd.nist.gov/vuln/detail/CVE-2022-32148
https://go.dev/issue/53423