RHSA-2022:5068
Vulnerability Summary
Timeline
Description
Red Hat Security Advisory: OpenShift Container Platform 4.11.0 packages and security update
CVSS Metrics
- v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Systems
- redhat•afterburn
< 0:5.3.0-1.rhaos4.11.el8
- redhat•afterburn-debuginfo
< 0:5.3.0-1.rhaos4.11.el8
- redhat•atomic-openshift-service-idler
< 0:4.11.0-202206222028.p0.g39cfc66.assembly.stream.el8
- redhat•bootupd
< 0:0.2.5-3.rhaos4.11.el8
- redhat•bootupd-debuginfo
< 0:0.2.5-3.rhaos4.11.el8
- redhat•buildah
< 1:1.23.4-2.el8
- redhat•buildah-debuginfo
< 1:1.23.4-2.el8
- redhat•buildah-debugsource
< 1:1.23.4-2.el8
- redhat•buildah-tests
< 1:1.23.4-2.el8
- redhat•buildah-tests-debuginfo
< 1:1.23.4-2.el8
- redhat•butane
< 0:0.15.0-1.rhaos4.11.el8
- redhat•butane-debuginfo
< 0:0.15.0-1.rhaos4.11.el8
- redhat•butane-debugsource
< 0:0.15.0-1.rhaos4.11.el8
- redhat•butane-redistributable
< 0:0.15.0-1.rhaos4.11.el8
- redhat•conmon
< 2:2.1.2-2.rhaos4.11.el8
- redhat•conmon-debuginfo
< 2:2.1.2-2.rhaos4.11.el8
- redhat•conmon-debugsource
< 2:2.1.2-2.rhaos4.11.el8
- redhat•console-login-helper-messages
< 0:0.20.3-2.rhaos4.11.el8
- redhat•console-login-helper-messages-issuegen
< 0:0.20.3-2.rhaos4.11.el8
- redhat•console-login-helper-messages-profile
< 0:0.20.3-2.rhaos4.11.el8
- redhat•container-selinux
< 2:2.188.0-1.rhaos4.11.el8
- redhat•containernetworking-plugins
< 0:1.0.1-5.rhaos4.11.el8
- redhat•containernetworking-plugins-debuginfo
< 0:1.0.1-5.rhaos4.11.el8
- redhat•containernetworking-plugins-debugsource
< 0:1.0.1-5.rhaos4.11.el8
- redhat•containers-common
< 2:1-21.rhaos4.11.el8
- redhat•coreos-installer
< 0:0.15.0-2.rhaos4.11.el8
- redhat•coreos-installer-bootinfra
< 0:0.15.0-2.rhaos4.11.el8
- redhat•coreos-installer-bootinfra-debuginfo
< 0:0.15.0-2.rhaos4.11.el8
- redhat•coreos-installer-debuginfo
< 0:0.15.0-2.rhaos4.11.el8
- redhat•coreos-installer-debugsource
< 0:0.15.0-2.rhaos4.11.el8
- redhat•cri-o
< 0:1.24.1-11.rhaos4.11.gitb0d2ef3.el8
- redhat•cri-o-debuginfo
< 0:1.24.1-11.rhaos4.11.gitb0d2ef3.el8
- redhat•cri-o-debugsource
< 0:1.24.1-11.rhaos4.11.gitb0d2ef3.el8
- redhat•cri-tools
< 0:1.24.2-4.1.el8
- redhat•cri-tools-debuginfo
< 0:1.24.2-4.1.el8
- redhat•cri-tools-debugsource
< 0:1.24.2-4.1.el8
- redhat•crit
< 0:3.15-4.rhaos4.11.el8
- redhat•criu
< 0:3.15-4.rhaos4.11.el8
- redhat•criu-debuginfo
< 0:3.15-4.rhaos4.11.el8
- redhat•criu-debugsource
< 0:3.15-4.rhaos4.11.el8
- redhat•criu-devel
< 0:3.15-4.rhaos4.11.el8
- redhat•criu-libs
< 0:3.15-4.rhaos4.11.el8
- redhat•criu-libs-debuginfo
< 0:3.15-4.rhaos4.11.el8
- redhat•crun
< 0:1.4.2-1.rhaos4.11.el8
- redhat•crun-debuginfo
< 0:1.4.2-1.rhaos4.11.el8
- redhat•crun-debugsource
< 0:1.4.2-1.rhaos4.11.el8
- redhat•fuse-overlayfs
< 0:1.9-1.rhaos4.11.el8
- redhat•fuse-overlayfs-debuginfo
< 0:1.9-1.rhaos4.11.el8
- redhat•fuse-overlayfs-debugsource
< 0:1.9-1.rhaos4.11.el8
- redhat•haproxy
< 0:2.2.24-1.el8
Showing first 50 affected entries in server-rendered view.
References (59)
- https://access.redhat.com/errata/RHSA-2022:5068
- https://access.redhat.com/security/updates/classification/#moderate
- https://bugzilla.redhat.com/show_bug.cgi?id=2045880
- https://bugzilla.redhat.com/show_bug.cgi?id=2053429
- https://bugzilla.redhat.com/show_bug.cgi?id=2053532
- https://bugzilla.redhat.com/show_bug.cgi?id=2053541
- https://bugzilla.redhat.com/show_bug.cgi?id=2064702
- https://bugzilla.redhat.com/show_bug.cgi?id=2064857
- https://bugzilla.redhat.com/show_bug.cgi?id=2077688
- https://bugzilla.redhat.com/show_bug.cgi?id=2077689
- https://bugzilla.redhat.com/show_bug.cgi?id=2082274
- https://bugzilla.redhat.com/show_bug.cgi?id=2086398
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5068.json
- https://access.redhat.com/security/cve/CVE-2021-43565
- https://bugzilla.redhat.com/show_bug.cgi?id=2030787
- https://www.cve.org/CVERecord?id=CVE-2021-43565
- https://nvd.nist.gov/vuln/detail/CVE-2021-43565
- https://access.redhat.com/security/cve/CVE-2022-1705
- https://bugzilla.redhat.com/show_bug.cgi?id=2107374
- https://www.cve.org/CVERecord?id=CVE-2022-1705
- https://nvd.nist.gov/vuln/detail/CVE-2022-1705
- https://go.dev/issue/53188
- https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE
- https://access.redhat.com/security/cve/CVE-2022-1706
- https://www.cve.org/CVERecord?id=CVE-2022-1706
- https://nvd.nist.gov/vuln/detail/CVE-2022-1706
- https://access.redhat.com/security/cve/CVE-2022-21698
- https://www.cve.org/CVERecord?id=CVE-2022-21698
- https://nvd.nist.gov/vuln/detail/CVE-2022-21698
- https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p
- https://access.redhat.com/security/cve/CVE-2022-23772
- https://www.cve.org/CVERecord?id=CVE-2022-23772
- https://nvd.nist.gov/vuln/detail/CVE-2022-23772
- https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ
- https://access.redhat.com/security/cve/CVE-2022-23773
- https://www.cve.org/CVERecord?id=CVE-2022-23773
- https://nvd.nist.gov/vuln/detail/CVE-2022-23773
- https://access.redhat.com/security/cve/CVE-2022-23806
- https://www.cve.org/CVERecord?id=CVE-2022-23806
- https://nvd.nist.gov/vuln/detail/CVE-2022-23806
- https://access.redhat.com/security/cve/CVE-2022-24675
- https://www.cve.org/CVERecord?id=CVE-2022-24675
- https://nvd.nist.gov/vuln/detail/CVE-2022-24675
- https://groups.google.com/g/golang-announce/c/oecdBNLOml8
- https://access.redhat.com/security/cve/CVE-2022-24921
- https://www.cve.org/CVERecord?id=CVE-2022-24921
- https://nvd.nist.gov/vuln/detail/CVE-2022-24921
- https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk
- https://access.redhat.com/security/cve/CVE-2022-27191
- https://www.cve.org/CVERecord?id=CVE-2022-27191
- https://nvd.nist.gov/vuln/detail/CVE-2022-27191
- https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ
- https://access.redhat.com/security/cve/CVE-2022-28327
- https://www.cve.org/CVERecord?id=CVE-2022-28327
- https://nvd.nist.gov/vuln/detail/CVE-2022-28327
- https://access.redhat.com/security/cve/CVE-2022-29162
- https://www.cve.org/CVERecord?id=CVE-2022-29162
- https://nvd.nist.gov/vuln/detail/CVE-2022-29162
- https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66