RHSA-2022:5729

Description

Red Hat Security Advisory: OpenShift Container Platform 4.10.25 security update

CVSS Metrics

• v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Systems

• redhat•atomic-openshift-service-idler

  < 0:4.10.0-202207192015.p0.g39cfc66.assembly.stream.el8

• redhat•cri-o

  < 0:1.23.3-11.rhaos4.10.gitddf4b1a.1.el7 | < 0:1.23.3-11.rhaos4.10.gitddf4b1a.1.el8

• redhat•cri-o-debuginfo

  < 0:1.23.3-11.rhaos4.10.gitddf4b1a.1.el7 | < 0:1.23.3-11.rhaos4.10.gitddf4b1a.1.el8

• redhat•cri-o-debugsource

  < 0:1.23.3-11.rhaos4.10.gitddf4b1a.1.el8

• redhat•cri-tools

  < 0:1.23.0-1.1.el7 | < 0:1.23.0-1.1.el8

• redhat•cri-tools-debuginfo

  < 0:1.23.0-1.1.el7 | < 0:1.23.0-1.1.el8

• redhat•cri-tools-debugsource

  < 0:1.23.0-1.1.el8

• redhat•openshift

  < 0:4.10.0-202207192015.p0.g012e945.assembly.stream.el7 | < 0:4.10.0-202207192015.p0.g012e945.assembly.stream.el8

• redhat•openshift-clients

  < 0:4.10.0-202207192015.p0.g45460a5.assembly.stream.el7 | < 0:4.10.0-202207192015.p0.g45460a5.assembly.stream.el8

• redhat•openshift-clients-redistributable

  < 0:4.10.0-202207192015.p0.g45460a5.assembly.stream.el7 | < 0:4.10.0-202207192015.p0.g45460a5.assembly.stream.el8

• redhat•openshift-hyperkube

  < 0:4.10.0-202207192015.p0.g012e945.assembly.stream.el7 | < 0:4.10.0-202207192015.p0.g012e945.assembly.stream.el8

References (31)

• https://access.redhat.com/errata/RHSA-2022:5729
• https://access.redhat.com/security/updates/classification/#moderate
• https://bugzilla.redhat.com/show_bug.cgi?id=2064857
• https://bugzilla.redhat.com/show_bug.cgi?id=2077688
• https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5729.json
• https://access.redhat.com/security/cve/CVE-2022-23773
• https://bugzilla.redhat.com/show_bug.cgi?id=2053541
• https://www.cve.org/CVERecord?id=CVE-2022-23773
• https://nvd.nist.gov/vuln/detail/CVE-2022-23773
• https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ
• https://access.redhat.com/security/cve/CVE-2022-23806
• https://bugzilla.redhat.com/show_bug.cgi?id=2053429
• https://www.cve.org/CVERecord?id=CVE-2022-23806
• https://nvd.nist.gov/vuln/detail/CVE-2022-23806
• https://access.redhat.com/security/cve/CVE-2022-24675
• https://www.cve.org/CVERecord?id=CVE-2022-24675
• https://nvd.nist.gov/vuln/detail/CVE-2022-24675
• https://groups.google.com/g/golang-announce/c/oecdBNLOml8
• https://access.redhat.com/security/cve/CVE-2022-24921
• https://www.cve.org/CVERecord?id=CVE-2022-24921
• https://nvd.nist.gov/vuln/detail/CVE-2022-24921
• https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk
• https://access.redhat.com/security/cve/CVE-2022-28327
• https://bugzilla.redhat.com/show_bug.cgi?id=2077689
• https://www.cve.org/CVERecord?id=CVE-2022-28327
• https://nvd.nist.gov/vuln/detail/CVE-2022-28327
• https://access.redhat.com/security/cve/CVE-2022-29526
• https://bugzilla.redhat.com/show_bug.cgi?id=2084085
• https://www.cve.org/CVERecord?id=CVE-2022-29526
• https://nvd.nist.gov/vuln/detail/CVE-2022-29526
• https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU