RHSA-2023:0727

Description

Red Hat Security Advisory: OpenShift Container Platform 4.12.3 security update

CVSS Metrics

• v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Systems

• redhat•buildah

  < 1:1.23.4-4.rhaos4.12.el8 | < 1:1.23.4-4.rhaos4.12.el9

• redhat•buildah-debuginfo

  < 1:1.23.4-4.rhaos4.12.el8 | < 1:1.23.4-4.rhaos4.12.el9

• redhat•buildah-debugsource

  < 1:1.23.4-4.rhaos4.12.el8 | < 1:1.23.4-4.rhaos4.12.el9

• redhat•buildah-tests

  < 1:1.23.4-4.rhaos4.12.el8 | < 1:1.23.4-4.rhaos4.12.el9

• redhat•buildah-tests-debuginfo

  < 1:1.23.4-4.rhaos4.12.el8 | < 1:1.23.4-4.rhaos4.12.el9

• redhat•conmon

  < 2:2.1.2-3.rhaos4.12.el8 | < 2:2.1.2-4.rhaos4.12.el9

• redhat•conmon-debuginfo

  < 2:2.1.2-3.rhaos4.12.el8 | < 2:2.1.2-4.rhaos4.12.el9

• redhat•conmon-debugsource

  < 2:2.1.2-3.rhaos4.12.el8 | < 2:2.1.2-4.rhaos4.12.el9

• redhat•container-selinux

  < 2:2.188.0-2.rhaos4.12.el8

• redhat•containernetworking-plugins

  < 0:1.0.1-6.rhaos4.12.el8

• redhat•containernetworking-plugins-debuginfo

  < 0:1.0.1-6.rhaos4.12.el8

• redhat•containernetworking-plugins-debugsource

  < 0:1.0.1-6.rhaos4.12.el8

• redhat•containers-common

  < 2:1-33.rhaos4.12.el8

• redhat•cri-o

  < 0:1.25.2-6.rhaos4.12.git3c4e50c.el8

• redhat•cri-o-debuginfo

  < 0:1.25.2-6.rhaos4.12.git3c4e50c.el8

• redhat•cri-o-debugsource

  < 0:1.25.2-6.rhaos4.12.git3c4e50c.el8

• redhat•crun

  < 0:1.4.2-2.rhaos4.12.el8 | < 0:1.4.2-3.rhaos4.12.el9

• redhat•crun-debuginfo

  < 0:1.4.2-2.rhaos4.12.el8 | < 0:1.4.2-3.rhaos4.12.el9

• redhat•crun-debugsource

  < 0:1.4.2-2.rhaos4.12.el8 | < 0:1.4.2-3.rhaos4.12.el9

• redhat•fuse-overlayfs

  < 0:1.9-2.rhaos4.12.el8

• redhat•fuse-overlayfs-debuginfo

  < 0:1.9-2.rhaos4.12.el8

• redhat•fuse-overlayfs-debugsource

  < 0:1.9-2.rhaos4.12.el8

• redhat•haproxy

  < 0:2.2.24-2.el8

• redhat•haproxy-debugsource

  < 0:2.2.24-2.el8

• redhat•haproxy22

  < 0:2.2.24-2.el8

• redhat•haproxy22-debuginfo

  < 0:2.2.24-2.el8

• redhat•kernel-rt

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-core

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-debug

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-debug-core

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-debug-debuginfo

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-debug-devel

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-debug-kvm

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-debug-modules

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-debug-modules-extra

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-debug-modules-internal

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-debuginfo

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-debuginfo-common-x86_64

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-devel

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-kvm

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-modules

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-modules-extra

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-modules-internal

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•kernel-rt-selftests-internal

  < 0:4.18.0-372.43.1.rt7.200.el8_6

• redhat•openshift-clients

  < 0:4.12.0-202301312133.p0.gb05f7d4.assembly.stream.el8 | < 0:4.12.0-202301312133.p0.gb05f7d4.assembly.stream.el9

• redhat•openshift-clients-redistributable

  < 0:4.12.0-202301312133.p0.gb05f7d4.assembly.stream.el8 | < 0:4.12.0-202301312133.p0.gb05f7d4.assembly.stream.el9

• redhat•podman

  < 3:4.2.0-5.rhaos4.12.el9

• redhat•podman-catatonit

  < 3:4.2.0-5.rhaos4.12.el9

• redhat•podman-catatonit-debuginfo

  < 3:4.2.0-5.rhaos4.12.el9

• redhat•podman-debuginfo

  < 3:4.2.0-5.rhaos4.12.el9

Showing first 50 affected entries in server-rendered view.

References (31)

• https://access.redhat.com/errata/RHSA-2023:0727
• https://access.redhat.com/security/updates/classification/#moderate
• https://bugzilla.redhat.com/show_bug.cgi?id=2132867
• https://bugzilla.redhat.com/show_bug.cgi?id=2132868
• https://bugzilla.redhat.com/show_bug.cgi?id=2132872
• https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0727.json
• https://access.redhat.com/security/cve/CVE-2022-2879
• https://www.cve.org/CVERecord?id=CVE-2022-2879
• https://nvd.nist.gov/vuln/detail/CVE-2022-2879
• https://github.com/golang/go/issues/54853
• https://github.com/vbatts/tar-split/releases/tag/v0.12.1
• https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1
• https://access.redhat.com/security/cve/CVE-2022-2880
• https://www.cve.org/CVERecord?id=CVE-2022-2880
• https://nvd.nist.gov/vuln/detail/CVE-2022-2880
• https://github.com/golang/go/issues/54663
• https://access.redhat.com/security/cve/CVE-2022-30631
• https://bugzilla.redhat.com/show_bug.cgi?id=2107342
• https://www.cve.org/CVERecord?id=CVE-2022-30631
• https://nvd.nist.gov/vuln/detail/CVE-2022-30631
• https://go.dev/issue/53168
• https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE
• https://access.redhat.com/security/cve/CVE-2022-41715
• https://www.cve.org/CVERecord?id=CVE-2022-41715
• https://nvd.nist.gov/vuln/detail/CVE-2022-41715
• https://github.com/golang/go/issues/55949
• https://access.redhat.com/security/cve/CVE-2023-0056
• https://bugzilla.redhat.com/show_bug.cgi?id=2160808
• https://www.cve.org/CVERecord?id=CVE-2023-0056
• https://nvd.nist.gov/vuln/detail/CVE-2023-0056
• https://github.com/haproxy/haproxy/issues/1972