CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
81.4%
The ovirt-host package consolidates host package requirements into a single meta package.
Security Fix(es):
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
The hosted-engine-ha binaries have been moved from /usr/share to /usr/libexec. As a result, the hosted-engine --clean-metadata command fails. With this release, you must use the new path for the command to succeed: /usr/libexec/ovirt-hosted-engine-ha/ovirt-ha-agent (BZ#2105781)
A new warning has been added to the vdsm-tool to protect users from using the unsupported user_friendly_names multipath configuration. The following is an example of the output:
$ vdsm-tool is-configured --module multipath
WARNING: Invalid configuration: ‘user_friendly_names’ is enabled in multipath configuration:
section1 {
key1 value1
user_friendly_names yes
key2 value2
}
section2 {
user_friendly_names yes
}
This configuration is not supported and may lead to storage domain corruption. (BZ#1793207)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 8 | ppc64le | ovirt-host | < 4.5.0-3.1.el8ev | ovirt-host-4.5.0-3.1.el8ev.ppc64le.rpm |
RedHat | 8 | x86_64 | vdsm-hook-extra-ipv4-addrs | < 4.50.2.2-1.el8ev | vdsm-hook-extra-ipv4-addrs-4.50.2.2-1.el8ev.x86_64.rpm |
RedHat | 8 | x86_64 | vdsm-network | < 4.50.2.2-1.el8ev | vdsm-network-4.50.2.2-1.el8ev.x86_64.rpm |
RedHat | 8 | x86_64 | ovirt-host-dependencies | < 4.5.0-3.1.el8ev | ovirt-host-dependencies-4.5.0-3.1.el8ev.x86_64.rpm |
RedHat | 8 | noarch | vdsm-jsonrpc | < 4.50.2.2-1.el8ev | vdsm-jsonrpc-4.50.2.2-1.el8ev.noarch.rpm |
RedHat | 8 | x86_64 | ovirt-host | < 4.5.0-3.1.el8ev | ovirt-host-4.5.0-3.1.el8ev.x86_64.rpm |
RedHat | 8 | noarch | vdsm-hook-vhostmd | < 4.50.2.2-1.el8ev | vdsm-hook-vhostmd-4.50.2.2-1.el8ev.noarch.rpm |
RedHat | 8 | noarch | vdsm-hook-openstacknet | < 4.50.2.2-1.el8ev | vdsm-hook-openstacknet-4.50.2.2-1.el8ev.noarch.rpm |
RedHat | 8 | ppc64le | vdsm-network | < 4.50.2.2-1.el8ev | vdsm-network-4.50.2.2-1.el8ev.ppc64le.rpm |
RedHat | 8 | x86_64 | vdsm | < 4.50.2.2-1.el8ev | vdsm-4.50.2.2-1.el8ev.x86_64.rpm |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
81.4%