Headline
Red Hat Security Advisory 2024-0954-03
Red Hat Security Advisory 2024-0954-03 - The components for Red Hat OpenShift for Windows Containers 10.15.0 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Issues addressed include a privilege escalation vulnerability.
The following advisory data is extracted from:
https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0954.json
Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat’s archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.
- Packet Storm Staff
====================================================================
Red Hat Security Advisory
Synopsis: Important: Red Hat OpenShift for Windows Containers 10.15.0 security update
Advisory ID: RHSA-2024:0954-03
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2024:0954
Issue date: 2024-02-27
Revision: 03
CVE Names: CVE-2023-5528
====================================================================
Summary:
The components for Red Hat OpenShift for Windows Containers 10.15.0 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description:
Red Hat OpenShift for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers.
Security Fix(es):
golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)
kubernetes: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes (CVE-2023-5528)
ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution:
https://docs.openshift.com/container-platform/latest/windows_containers/windows-node-upgrades.html
CVEs:
CVE-2023-5528
References:
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
https://bugzilla.redhat.com/show_bug.cgi?id=2243296
https://bugzilla.redhat.com/show_bug.cgi?id=2247163
https://bugzilla.redhat.com/show_bug.cgi?id=2247570
https://bugzilla.redhat.com/show_bug.cgi?id=2254210
https://issues.redhat.com/browse/OCPBUGS-15988
https://issues.redhat.com/browse/OCPBUGS-17217
https://issues.redhat.com/browse/OCPBUGS-18554
https://issues.redhat.com/browse/OCPBUGS-19502
https://issues.redhat.com/browse/OCPBUGS-19716
https://issues.redhat.com/browse/OCPBUGS-19943
https://issues.redhat.com/browse/OCPBUGS-25350
https://issues.redhat.com/browse/OCPBUGS-25755
https://issues.redhat.com/browse/OCPBUGS-25756
https://issues.redhat.com/browse/OCPBUGS-27239
https://issues.redhat.com/browse/OCPBUGS-27300
https://issues.redhat.com/browse/OCPBUGS-27503
https://issues.redhat.com/browse/OCPBUGS-28700
https://issues.redhat.com/browse/OCPBUGS-5002
https://issues.redhat.com/browse/OCPBUGS-8996
https://issues.redhat.com/browse/WINC-1053
https://issues.redhat.com/browse/WINC-1117
https://issues.redhat.com/browse/WINC-1146
https://issues.redhat.com/browse/WINC-1181
https://issues.redhat.com/browse/WINC-751
Related news
Red Hat Security Advisory 2024-8235-03 - Red Hat OpenShift Container Platform release 4.14.39 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution, denial of service, and out of bounds write vulnerabilities.
Debian Linux Security Advisory 5750-1 - Support for the "strict kex" SSH extension has been backported to AsyncSSH (a Python implementation of the SSHv2 protocol) as hardening against the Terrapin attack.
Red Hat Security Advisory 2024-3918-03 - Red Hat OpenShift Container Platform release 4.14.30 is now available with updates to packages and images that fix several bugs and add enhancements.
Gentoo Linux Security Advisory 202405-31 - A vulnerability has been discovered in Kubelet, which can lead to privilege escalation. Versions greater than or equal to 1.28.5 are affected.
Red Hat Security Advisory 2024-1859-03 - OpenShift API for Data Protection 1.3.1 is now available. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-1557-03 - An update is now available for Red Hat OpenShift Builds 1.0. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-1203-03 - The components for Red Hat OpenShift for Windows Containers 9.0.1 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2024-1197-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Security Advisory 2024-1193-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include denial of service and file overwrite vulnerabilities.
Red Hat Security Advisory 2024-1150-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.
Red Hat Security Advisory 2024-0625-03 - An update for libssh is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
Red Hat Security Advisory 2024-0538-03 - An update for libssh is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include bypass and null pointer vulnerabilities.
Ubuntu Security Notice 6589-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol used in FileZilla is prone to a prefix truncation attack, known as the "Terrapin attack". A remote attacker could use this issue to downgrade or disable some security features and obtain sensitive information.
Debian Linux Security Advisory 5600-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the "Terrapin attack". This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.
Debian Linux Security Advisory 5599-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the "Terrapin attack". This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.
Ubuntu Security Notice 6560-2 - USN-6560-1 fixed several vulnerabilities in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.
Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. Called Terrapin (CVE-2023-48795, CVSS score: 5.9), the exploit has been described as the "first ever practically exploitable prefix
Gentoo Linux Security Advisory 202312-17 - Multiple vulnerabilities have been discovered in OpenSSH, the worst of which could lead to code execution. Versions greater than or equal to 9.6_p1 are affected.
Ubuntu Security Notice 6561-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.
Ubuntu Security Notice 6560-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue. Luci Stanescu discovered that OpenSSH incorrectly added destination constraints when smartcard keys were added to ssh-agent, contrary to expectations. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.
Red Hat Security Advisory 2023-7710-03 - An update for windows-machine-config-operator-bundle-container and windows-machine-config-operator-container is now available for Red Hat OpenShift Container Platform 4.12. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2023-7710-03 - An update for windows-machine-config-operator-bundle-container and windows-machine-config-operator-container is now available for Red Hat OpenShift Container Platform 4.12. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2023-7709-03 - The components for Red Hat OpenShift for Windows Containers 8.1.1 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2023-7662-03 - An update for windows-machine-config-operator-bundle-container and windows-machine-config-operator-container is now available for Red Hat OpenShift Container Platform 4.11. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2023-7662-03 - An update for windows-machine-config-operator-bundle-container and windows-machine-config-operator-container is now available for Red Hat OpenShift Container Platform 4.11. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2023-7587-01 - An update is now available for IBM Business Automation Manager Open Editions including images for Red Hat OpenShift Container Platform. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-7515-01 - The components for Red Hat OpenShift for Windows Containers 9.0.0 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Issues addressed include a privilege escalation vulnerability.
Gentoo Linux Security Advisory 202311-9 - Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution. Versions greater than or equal to 1.20.10 are affected.
Ubuntu Security Notice 6505-1 - It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service.
Red Hat Security Advisory 2023-7215-01 - Red Hat OpenShift Service Mesh 2.2.12 Containers. Issues addressed include a denial of service vulnerability.
A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.
A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.
Red Hat Security Advisory 2023-6105-01 - An update is now available for Red Hat JBoss Core Services. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5895-01 - Red Hat OpenShift Container Platform release 4.12.40 is now available with updates to packages and images that fix several bugs.
Red Hat Security Advisory 2023-6057-01 - An update for toolbox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5982-01 - An update for foreman_ygg_worker, puppet-agent, qpid-proton, and yggdrasil is now available for Satellite Client 6 for RHEL 6, Satellite Client 6 for RHEL 7, Satellite Client 6 for RHEL 8, and Satellite Client 6 for RHEL 9. Issues addressed include code execution and denial of service vulnerabilities.
Red Hat Security Advisory 2023-5835-01 - The rhc-worker-script packages provide Remote Host Configuration worker for executing an interpreted programming language script on hosts managed by Red Hat Insights. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5809-01 - Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Red Hat Security Advisory 2023-5784-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.5 serves as a replacement for Red Hat JBoss Web Server 5.7.4. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References section. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5707-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5706-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5768-01 - nghttp2 contains the Hypertext Transfer Protocol version 2 client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C. Issues addressed include a denial of service vulnerability.
Debian Linux Security Advisory 5522-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
Microsoft has released its Patch Tuesday updates for October 2023, addressing a total of 103 flaws in its software, two of which have come under active exploitation in the wild. Of the 103 flaws, 13 are rated Critical and 90 are rated Important in severity. This is apart from 18 security vulnerabilities addressed in its Chromium-based Edge browser since the second Tuesday of September. The two
Microsoft today issued security updates for more than 100 newly-discovered vulnerabilities in its Windows operating system and related software, including four flaws that are already being exploited. In addition, Apple recently released emergency updates to quash a pair of zero-day bugs in iOS.