The OSP16 'nova_libvirt' container that Red Hat ships has SELinux disabled. This is the container where the libvirt daemon (`libvirtd`) runs; which in turn means, all OSP-16 VMs will have _no_ sVirt protection.
Name: Lukas Bezdicka (Red Hat), Daniel Berrangé (Red Hat)
Created openstack-tripleo-heat-templates tracking bugs for this issue:
Affects: openstack-rdo [bug 1861403]
This issue has been addressed in the following products:
Red Hat OpenStack Platform 16.1
Via RHSA-2020:3199 https://access.redhat.com/errata/RHSA-2020:3199
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):