Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:0946
HistoryFeb 28, 2024 - 2:00 p.m.

(RHSA-2024:0946) Important: OpenShift Container Platform 4.13.35 security update

2024-02-2814:00:15
access.redhat.com
19
red hat
openshift
security update
kubernetes
cve-2023-39325
cloud computing
on-premise
private cloud

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

7.3

Confidence

Low

EPSS

0.003

Percentile

69.6%

JSON

Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

Security Fix(es):

  • golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Related

nessus 29
redhat 11
osv 10
rocky 3
oraclelinux 4
almalinux 1
amazon 1
openvas 8
ubuntu 2
prion 14
debiancve 13
cve 15
redhatcve 13
ubuntucve 13
cbl_mariner 17
ibm 2
cvelist 13
nvd 15
cnvd 3
vulnrichment 1
githubexploit 3
veracode 3
fedora 2
suse 2
mscve 1
nessus
nessus
RHEL 8 : kernel (RHSA-2024:0930)
2024-02-21 00:00:00
Oracle Linux 8 : kernel (ELSA-2024-1607)
2024-04-11 00:00:00
RHEL 8 : kernel-rt (RHSA-2024:1614)
2024-04-02 00:00:00
redhat
redhat
(RHSA-2024:0930) Important: kernel security update
2024-02-21 00:10:57
(RHSA-2024:0941) Important: OpenShift Container Platform 4.14.14 bug fix and security update
2024-02-28 00:17:59
(RHSA-2024:1614) Important: kernel-rt security and bug fix update
2024-04-02 17:14:46
osv
osv
Important: kernel security, bug fix, and enhancement update
2024-05-06 13:07:04
Important: kernel-rt security and bug fix update
2024-04-05 14:56:14
Important: kernel security, bug fix, and enhancement update
2024-04-05 14:55:53
rocky
rocky
kernel security, bug fix, and enhancement update
2024-04-05 14:55:53
kernel security, bug fix, and enhancement update
2024-05-06 13:07:04
kernel-rt security and bug fix update
2024-04-05 14:56:14
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2024-04-10 00:00:00
Unbreakable Enterprise kernel security update
2023-05-09 00:00:00
Unbreakable Enterprise kernel security update
2022-11-15 00:00:00
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2024-04-02 00:00:00
amazon
amazon
Important: kernel
2024-02-01 19:57:00
openvas
openvas
Ubuntu: Security Advisory (USN-5580-1)
2022-08-26 00:00:00
Ubuntu: Security Advisory (USN-5444-1)
2022-08-26 00:00:00
openSUSE: Security Advisory for the (SUSE-SU-2022:2803-1)
2022-08-13 00:00:00
ubuntu
ubuntu
Linux kernel (AWS) vulnerabilities
2022-08-24 00:00:00
Linux kernel vulnerability
2022-05-24 00:00:00
prion
prion
Design/Logic Flaw
2022-09-09 15:15:00
Design/Logic Flaw
2022-09-09 15:15:00
Integer overflow
2022-09-16 17:15:00
debiancve
debiancve
CVE-2022-40133
2022-09-09 15:15:15
CVE-2022-38457
2022-09-09 15:15:14
CVE-2023-51042
2024-01-23 11:15:08
cve
cve
CVE-2022-40133
2022-09-09 15:15:15
CVE-2023-51042
2024-01-23 11:15:08
CVE-2022-38457
2022-09-09 15:15:14
redhatcve
redhatcve
CVE-2022-38457
2022-10-13 14:30:24
CVE-2023-51042
2024-01-24 16:33:06
CVE-2022-40133
2022-10-13 14:30:37
ubuntucve
ubuntucve
CVE-2022-38457
2022-09-09 00:00:00
CVE-2023-51042
2024-01-23 00:00:00
CVE-2022-40133
2022-09-09 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-38457 affecting package kernel 5.15.164.1-1
2024-09-27 09:12:43
CVE-2022-40133 affecting package hyperv-daemons for versions less than 5.15.158.2-1
2024-06-12 22:23:00
CVE-2022-40133 affecting package kernel 5.15.164.1-1
2024-09-27 09:12:43
ibm
ibm
Security Bulletin: Vulnerabilities in libcurl, cURL and Linux Kernel might affect IBM Storage Copy Data Management
2024-06-14 16:27:36
Security Bulletin: IBM MQ Appliance is affected by multiple open source vulnerabilities.
2024-06-27 03:30:01
cvelist
cvelist
CVE-2022-40133 There is an UAF vulnerability in vmwgfx driver
2022-09-09 14:39:51
CVE-2022-38457 There is an UAF vulnerability in vmwgfx driver
2022-09-09 14:39:51
CVE-2023-51042
2024-01-23 00:00:00
nvd
nvd
CVE-2022-40133
2022-09-09 15:15:15
CVE-2022-38457
2022-09-09 15:15:14
CVE-2022-36402
2022-09-16 17:15:10
cnvd
cnvd
Linux kernel input validation error vulnerability (CNVD-2022-69193)
2022-09-20 00:00:00
Unspecified vulnerability in Linux kernel (CNVD-2024-06433)
2024-01-29 00:00:00
Linux kernel resource management error vulnerability (CNVD-2022-72083)
2022-10-25 00:00:00
vulnrichment
vulnrichment
CVE-2022-38096 There is a NULL pointer vulnerability in vmwgfx driver
2022-09-09 14:39:51
githubexploit
githubexploit
Exploit for Improper Update of Reference Count in Linux Linux Kernel
2022-12-23 10:41:44
Exploit for CVE-2022-29581
2022-09-26 04:52:12
Exploit for Improper Update of Reference Count in Linux Linux Kernel
2022-12-23 12:33:21
veracode
veracode
Out-of-Bounds Access
2023-02-03 23:02:13
Use After Free
2022-12-06 12:20:20
Information Disclosure
2022-04-28 09:29:11
fedora
fedora
[SECURITY] Fedora 37 Update: kernel-6.3.7-100.fc37
2023-06-13 01:16:27
[SECURITY] Fedora 38 Update: kernel-6.3.7-200.fc38
2023-06-13 01:30:26
suse
suse
Security update for the Linux Kernel (important)
2022-08-12 00:00:00
Security update for the Linux Kernel (important)
2022-08-09 00:00:00
mscve
mscve
Arm: CVE-2022-23960 Cache Speculation Restriction Vulnerability
2022-09-13 07:00:00

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

7.3

Confidence

Low

EPSS

0.003

Percentile

69.6%

JSON
Related for RHSA-2024:0946
nessus29redhat11osv10rocky3oraclelinux4almalinux1amazon1openvas8ubuntu2prion14debiancve13cve15redhatcve13ubuntucve13cbl_mariner17ibm2cvelist13nvd15cnvd3vulnrichment1githubexploit3veracode3fedora2suse2mscve1