Impact statement for the OCPBUGS-58360 series:

Which 4.y.z to 4.y'.z' updates increase vulnerability?

• Any update from 4.17 to 4.18.z with z<22 (The fix is shipped with 4.18.22)

Which types of clusters?

• a cluster that is using the the whereabouts shim, so any cluster that currently deploys the whereabouts reconciler 
  We may check additionalNetworks of the network configuration to see if it is used:

$ oc get network.operator.openshift.io cluster -o json | jq '.spec.additionalNetworks'

What is the impact? Is it serious enough to warrant removing update recommendations?

• The upgrade cannot complete because whereabouts controller pods do not become ready

How involved is remediation?

• See https://access.redhat.com/solutions/7128104 for available workarounds.
• It is suggested to upgrade the cluster to a version including the fix https://github.com/openshift/whereabouts-cni/pull/373.

Is this a regression?

• yes