Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:0195
HistoryJan 17, 2024 - 4:53 p.m.

(RHSA-2024:0195) Moderate: OpenShift Container Platform 4.13.29 packages and security update

2024-01-1716:53:27
access.redhat.com
13
red hat
openshift
container platform
security update
kubernetes
cloud computing
rpm packages
cri-o
cve-2023-6476
security issue

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

Low

EPSS

0.001

Percentile

24.1%

JSON

Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.29. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHSA-2024:0193

Security Fix(es):

  • cri-o: Pods are able to break out of resource confinement on cgroupv2 (CVE-2023-6476)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9s390xkernel< 5.14.0-284.48.1.el9_2kernel-5.14.0-284.48.1.el9_2.s390x.rpm
RedHat8x86_64openshift-hyperkube< 4.13.0-202401041732.p0.g9ed7eae.assembly.stream.el8openshift-hyperkube-4.13.0-202401041732.p0.g9ed7eae.assembly.stream.el8.x86_64.rpm
RedHat9ppc64lekernel-tools-libs-devel< 5.14.0-284.48.1.el9_2kernel-tools-libs-devel-5.14.0-284.48.1.el9_2.ppc64le.rpm
RedHat9aarch64kernel-64k-debug-modules< 5.14.0-284.48.1.el9_2kernel-64k-debug-modules-5.14.0-284.48.1.el9_2.aarch64.rpm
RedHat9x86_64kernel-rt-kvm< 5.14.0-284.48.1.rt14.333.el9_2kernel-rt-kvm-5.14.0-284.48.1.rt14.333.el9_2.x86_64.rpm
RedHat9aarch64kernel-64k-debug-modules-internal< 5.14.0-284.48.1.el9_2kernel-64k-debug-modules-internal-5.14.0-284.48.1.el9_2.aarch64.rpm
RedHat9s390xbpftool-debuginfo< 7.0.0-284.48.1.el9_2bpftool-debuginfo-7.0.0-284.48.1.el9_2.s390x.rpm
RedHat9x86_64kernel-debug-modules-partner< 5.14.0-284.48.1.el9_2kernel-debug-modules-partner-5.14.0-284.48.1.el9_2.x86_64.rpm
RedHat9ppc64lecri-o< 1.26.4-6.1.rhaos4.13.git9eb9cf3.el9cri-o-1.26.4-6.1.rhaos4.13.git9eb9cf3.el9.ppc64le.rpm
RedHat9aarch64cri-o-debugsource< 1.26.4-6.1.rhaos4.13.git9eb9cf3.el9cri-o-debugsource-1.26.4-6.1.rhaos4.13.git9eb9cf3.el9.aarch64.rpm
Rows per page:
1-10 of 2421

Related

osv 3
nessus 4
cvelist 1
nvd 1
github 1
cve 1
redos 1
veracode 1
prion 1
redhatcve 1
redhat 3
osv
osv
CVE-2023-6476
2024-01-09 22:15:43
CRI-O's pods can break out of resource confinement on cgroupv2 in github.com/cri-o/cri-o
2024-06-28 15:28:53
CRI-O's pods can break out of resource confinement on cgroupv2
2024-01-10 15:27:45
nessus
nessus
RHEL 8 / 9 : OpenShift Container Platform 4.13.29 (RHSA-2024:0195)
2024-01-18 00:00:00
RHCOS 4 : OpenShift Container Platform 4.13.29 (RHSA-2024:0195)
2024-01-24 00:00:00
RHCOS 4 : OpenShift Container Platform 4.14.9 (RHSA-2024:0207)
2024-01-24 00:00:00
cvelist
cvelist
CVE-2023-6476 Cri-o: pods are able to break out of resource confinement on cgroupv2
2024-01-09 21:32:03
nvd
nvd
CVE-2023-6476
2024-01-09 22:15:43
github
github
CRI-O's pods can break out of resource confinement on cgroupv2
2024-01-10 15:27:45
cve
cve
CVE-2023-6476
2024-01-09 22:15:43
redos
redos
ROS-20240402-02
2024-04-02 00:00:00
veracode
veracode
Improper Access Control
2024-01-11 06:12:32
prion
prion
Code injection
2024-01-09 22:15:00
redhatcve
redhatcve
CVE-2023-6476
2024-01-09 21:31:44
redhat
redhat
(RHSA-2024:0207) Moderate: OpenShift Container Platform 4.14.9 packages and security update
2024-01-17 16:41:29
(RHSA-2024:0290) Important: OpenShift Container Platform 4.14.10 bug fix and security update
2024-01-23 20:22:18
(RHSA-2024:0204) Moderate: OpenShift Container Platform 4.14.9 bug fix and security update
2024-01-17 10:37:51

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

Low

EPSS

0.001

Percentile

24.1%

JSON
Related for RHSA-2024:0195
osv3nessus4cvelist1nvd1github1cve1redos1veracode1prion1redhatcve1redhat3