Red Hat Security Advisory 2024-9093-03 - An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9093.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: xorg-x11-server-Xwayland security update  
Advisory ID:        RHSA-2024:9093-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:9093  
Issue date:         2024-11-12  
Revision:           03  
CVE Names:          CVE-2024-31080  
====================================================================

Summary: 

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Xwayland is an X server for running X clients under Wayland.

Security Fix(es):

* xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents (CVE-2024-31080)

* xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice (CVE-2024-31081)

* xorg-x11-server: Use-after-free in ProcRenderAddGlyphs (CVE-2024-31083)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-31080

References:

https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index  
https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2271997  
https://bugzilla.redhat.com/show_bug.cgi?id=2271998  
https://bugzilla.redhat.com/show_bug.cgi?id=2272000  
https://issues.redhat.com/browse/RHEL-25083

Red Hat Security Advisory 2024-9093-03

Red Hat Security Advisory 2024-9092-03 - An update for freerdp is now available for Red Hat Enterprise Linux 9. Issues addressed include heap overflow, integer overflow, and out of bounds read vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9092.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: freerdp security update  
Advisory ID:        RHSA-2024:9092-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:9092  
Issue date:         2024-11-12  
Revision:           03  
CVE Names:          CVE-2024-22211  
====================================================================

Summary: 

An update for freerdp is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.

Security Fix(es):

* freerdp: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset (CVE-2024-22211)

* freerdp: out-of-bounds read in ncrush_decompress (CVE-2024-32459)

* freerdp: OutOfBound Read in interleaved_decompress (CVE-2024-32460)

* freerdp: Integer overflow & OutOfBound Write in clear_decompress_residual_data (CVE-2024-32039)

* freerdp: integer underflow in nsc_rle_decode (CVE-2024-32040)

* freerdp: OutOfBound Read in zgfx_decompress_segment (CVE-2024-32041)

* freerdp: OutOfBound Read in planar_skip_plane_rle (CVE-2024-32458)

* freerdp: out-of-bounds read (CVE-2024-32662)

* FreeRDP: ExtractRunLengthRegular* out of bound read (CVE-2024-32658)

* freerdp: zgfx_decompress out of memory (CVE-2024-32660)

* freerdp: freerdp_image_copy out of bound read (CVE-2024-32659)

* freerdp: rdp_write_logon_info_v1 NULL access (CVE-2024-32661)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-22211

References:

https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index  
https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2259483  
https://bugzilla.redhat.com/show_bug.cgi?id=2276721  
https://bugzilla.redhat.com/show_bug.cgi?id=2276722  
https://bugzilla.redhat.com/show_bug.cgi?id=2276723  
https://bugzilla.redhat.com/show_bug.cgi?id=2276724  
https://bugzilla.redhat.com/show_bug.cgi?id=2276725  
https://bugzilla.redhat.com/show_bug.cgi?id=2276726  
https://bugzilla.redhat.com/show_bug.cgi?id=2276804  
https://bugzilla.redhat.com/show_bug.cgi?id=2276961  
https://bugzilla.redhat.com/show_bug.cgi?id=2276968  
https://bugzilla.redhat.com/show_bug.cgi?id=2276970  
https://bugzilla.redhat.com/show_bug.cgi?id=2276971  
https://issues.redhat.com/browse/RHEL-33988

Red Hat Security Advisory 2024-9092-03

Red Hat Security Advisory 2024-9089-03 - An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9089.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: containernetworking-plugins security updateAdvisory ID:        RHSA-2024:9089-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:9089Issue date:         2024-11-12Revision:           03CVE Names:          CVE-2024-24788====================================================================Summary: An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. Security Fix(es):* golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788)* net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-24788References:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/indexhttps://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2279814https://bugzilla.redhat.com/show_bug.cgi?id=2295310https://issues.redhat.com/browse/RHEL-28855

Red Hat Security Advisory 2024-9089-03

Red Hat Security Advisory 2024-9088-03 - An update for edk2 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9088.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: edk2 security update  
Advisory ID:        RHSA-2024:9088-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:9088  
Issue date:         2024-11-12  
Revision:           03  
CVE Names:          CVE-2023-6129  
====================================================================

Summary: 

An update for edk2 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. 

Security Fix(es):

* mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129)

* openssl: Excessive time spent checking invalid RSA public keys (CVE-2023-6237)

* openssl: denial of service via null dereference (CVE-2024-0727)

* edk2: Temporary DoS vulnerability (CVE-2024-1298)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6129

References:

https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index  
https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2257571  
https://bugzilla.redhat.com/show_bug.cgi?id=2258502  
https://bugzilla.redhat.com/show_bug.cgi?id=2259944  
https://bugzilla.redhat.com/show_bug.cgi?id=2284243  
https://issues.redhat.com/browse/RHEL-26879  
https://issues.redhat.com/browse/RHEL-28751  
https://issues.redhat.com/browse/RHEL-32486  
https://issues.redhat.com/browse/RHEL-36446  
https://issues.redhat.com/browse/RHEL-43442  
https://issues.redhat.com/browse/RHEL-45899  
https://issues.redhat.com/browse/RHEL-56081  
https://issues.redhat.com/browse/RHEL-56974

Red Hat Security Advisory 2024-9088-03

Red Hat Security Advisory 2024-9056-03 - An update for gstreamer1-plugins-base is now available for Red Hat Enterprise Linux 8. Issues addressed include an integer overflow vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9056.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: gstreamer1-plugins-base security updateAdvisory ID:        RHSA-2024:9056-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:9056Issue date:         2024-11-12Revision:           03CVE Names:          CVE-2024-4453====================================================================Summary: An update for gstreamer1-plugins-base is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.Security Fix(es):* gstreamer: EXIF Metadata Parsing Integer Overflow (CVE-2024-4453)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-4453References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2282999

Red Hat Security Advisory 2024-9056-03

Red Hat Security Advisory 2024-9051-03 - An update for podman is now available for Red Hat Enterprise Linux 9. Issues addressed include denial of service and traversal vulnerabilities.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9051.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: podman security updateAdvisory ID:        RHSA-2024:9051-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:9051Issue date:         2024-11-12Revision:           03CVE Names:          CVE-2024-9407====================================================================Summary: An update for podman is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.Security Fix(es):* Buildah: Podman: Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction (CVE-2024-9407)* buildah: Buildah allows arbitrary directory mount (CVE-2024-9675)* Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) (CVE-2024-9676)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-9407References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2315887https://bugzilla.redhat.com/show_bug.cgi?id=2317458https://bugzilla.redhat.com/show_bug.cgi?id=2317467

Red Hat Security Advisory 2024-9051-03

Red Hat Security Advisory 2024-8969-03 - An update is now available for Red Hat Ansible Automation Platform Execution Environments.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8969.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: Red Hat Ansible Automation Platform Execution Environments Container Release UpdateAdvisory ID:        RHSA-2024:8969-03Product:            Red Hat Ansible Automation PlatformAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8969Issue date:         2024-11-12Revision:           03CVE Names:          CVE-2024-8775====================================================================Summary: An update is now available for Red Hat Ansible Automation Platform Execution EnvironmentsDescription:Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.Security Fix(es):* ansible-core: Exposure of Sensitive Information in Ansible Vault Files Due to Improper Logging (CVE-2024-8775)* ansible-core: Ansible-core user may read/write unauthorized content (CVE-2024-9902)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Updates and fixes:* ansible-core has been updated to 2.16.13 (ee-minimal 2.16 stream)* ansible-core has been updated to 2.17.6 (ee-minimal 2.17 stream)* ansible-core 2.18.0 has been added (ee-minimal 2.18 stream)Solution:CVEs:CVE-2024-8775References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2312119https://bugzilla.redhat.com/show_bug.cgi?id=2318271

Red Hat Security Advisory 2024-8969-03

Welcome to the third installment in our series on transparency at the Microsoft Security Response Center (MSRC). In this ongoing discussion, we talk about our commitment to providing comprehensive vulnerability information to our customers. At MSRC, our mission is to protect our customers, communities, and Microsoft, from current and emerging threats to security and privacy.

Welcome to the third installment in our series on transparency at the Microsoft Security Response Center (MSRC). In this ongoing discussion, we talk about our commitment to providing comprehensive vulnerability information to our customers.  

At MSRC, our mission is to protect our customers, communities, and Microsoft, from current and emerging threats to security and privacy. In our previous blog post, we announced new Cloud Service CVEs to increase transparency, even when customers do not need to manually implement a mitigation.  Today, we are adding a new standard machine-readable format called Common Security Advisory Framework (CSAF) to all Microsoft CVE information to help customer accelerate CVE response and remediation.  

CSAF files are meant to be consumed by computers more so than by humans, so we are adding CSAF files as an addition to our existing CVE data channels rather than a replacement. Customers can still consume Microsoft’s CVEs via the Security Update Guide or our API based on the Common Vulnerability Reporting Framework (CVRF), which has been the historic standard for providing vulnerability data. They can also subscribe to receive notifications regarding the latest updates or changes to CVE information via email or our RSS feed.

A quick nerdy background on CSAF and related things: CSAF is managed and maintained by Oasis. It supersedes CVRF, which Microsoft has been using to publish CVE information since 2004.  CVRF was managed by ICASI and adopted by First.org in 2021. RFC 9116, published by IETF, talks about a security.txt file. This text file, published and maintained by companies around the world, describes how to find security information about that company.  Here is the link to the security.txt file for Microsoft. This file informs the public on where we store our CSAF files.

  
**Security.txt file**

    # Our security acknowledgements page
    Acknowledgments: https://msrc.microsoft.com/update-guide/acknowledgement
    
    # Canonical URI
    Canonical: https://www.microsoft.com/.well-known/security.txt
    
    # Our Researcher Portal
    Contact: https://msrc.microsoft.com/report/vulnerability/new
    
    # Our email address
    Contact: mailto:secure@microsoft.com
    
    # Our PGP Key
    Encryption: https://www.microsoft.com/en-us/msrc/pgp-key-msrc
    
    Expires: 2025-10-10T16:00:00.000Z
    
    # Our Bounty policy
    Policy: https://www.microsoft.com/en-us/msrc/bounty/
    
    # Our Coordinated Vulnerability Disclosure Policy
    Policy: https://www.microsoft.com/en-us/msrc/cvd
     
    # Our Bounty Legal Safe Harbor Policy
    Policy: https://www.microsoft.com/en-us/msrc/bounty-safe-harbor
    
    # Our Common Security Advisory Framework (CSAF) publications
    CSAF: https://msrc.microsoft.com/csaf/provider-metadata.json
    
    Preferred-Languages: en 
    

We’ve also added a link to the CSAF directory from the Security Update Guide:

This is the beginning of a journey to continue to increase transparency around our supply chain and the vulnerabilities that we address and resolve in our entire supply chain, including Open Source Software embedded in our products. We are working side by side with other companies in our industry because in many ways, we build products together, and it will take all of us together to meet the needs of our interconnected world.

As always, we look forward to your feedback, which you can provide by clicking on the rating banner at the bottom of every CVE page in the Security Update Guide.  

_Lisa Olson, Principal Program Manager, Security Release_

Toward greater transparency: Publishing machine-readable CSAF files

Red Hat Security Advisory 2024-8974-03 - Red Hat Advanced Cluster Management for Kubernetes 2.12.0 GA release images are now available, which contain security and bug fixes.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8974.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: Red Hat Advanced Cluster Management 2.12.0 security and bug fixes  
Advisory ID:        RHSA-2024:8974-03  
Product:            Red Hat ACM  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8974  
Issue date:         2024-11-11  
Revision:           03  
CVE Names:          CVE-2023-37788  
====================================================================

Summary: 

Red Hat Advanced Cluster Management for Kubernetes 2.12.0 GA release images are now available, which contain security and bug fixes.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.

Description:

Red Hat Advanced Cluster Management for Kubernetes 2.12.0 images

Red Hat Advanced Cluster Management for Kubernetes provides the  
capabilities to address common challenges that administrators and site  
reliability engineers face as they work across a range of public and  
private cloud environments. Clusters and applications are all visible and  
managed from a single console—with security policy built in.

This advisory contains the container images for Red Hat Advanced Cluster  
Management for Kubernetes, which fix several bugs. See the following  
Release Notes documentation, which will be updated shortly for this  
release, for additional details about this release:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/release_notes/

Security fix(es):

CVE-2024-48949 Missing Validation in Elliptic's EDDSA Signature Verification

Jira issues fixed: 

- ACM-11757: Managed clusters flip between Available and Degraded  
- ACM-12215: Provisioning OpenShift on OpenStack fails. The bootstrap node is failing to get the ignition image from Glance. Failing with tls: failed to verify certificate: x509: certificate signed by unknown authority.  
- ACM-12372: multicluster-observability-operator pod restarts with fatal error concurrent map writes  
- ACM-12738: Endpointmetrics does not reconcile CMO Config changes  
- ACM-13066: upgrade from a 2.10 that failed to update MCE to a 2.11 was possible  
- ACM-13149: cluster-monitoring-config retains old Hub for metrics forwarding after transfer to new Hub  
- ACM-14172: Observability pods should not inherit the defaultNodeSelector from the scheduler

Solution:

https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/install/installing

CVEs:

CVE-2023-37788

References:

https://access.redhat.com/security/updates/classification/#important  
https://issues.redhat.com/browse/ACM-11757  
https://issues.redhat.com/browse/ACM-12215  
https://issues.redhat.com/browse/ACM-12372  
https://issues.redhat.com/browse/ACM-12738  
https://issues.redhat.com/browse/ACM-13066  
https://issues.redhat.com/browse/ACM-13149  
https://issues.redhat.com/browse/ACM-14172

Red Hat Security Advisory 2024-8974-03

Red Hat Security Advisory 2024-8697-03 - Red Hat OpenShift Container Platform release 4.14.40 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8697.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: OpenShift Container Platform 4.14.40 bug fix and security update  
Advisory ID:        RHSA-2024:8697-03  
Product:            Red Hat OpenShift Enterprise  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8697  
Issue date:         2024-11-11  
Revision:           03  
CVE Names:          CVE-2023-29401  
====================================================================

Summary: 

Red Hat OpenShift Container Platform release 4.14.40 is now available with updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.14.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container Platform 4.14.40. See the following advisory for the RPM packages for this release:

https://access.redhat.com/errata/RHSA-2024:8700

Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html

Security Fix(es):

* encoding/gob: golang: Calling Decoder.Decode on a message which contains  
deeply nested structures can cause a panic due to stack exhaustion  
(CVE-2024-34156)  
* golang-github-gin-gonic-gin: Gin Web Framework does not properly sanitize  
filename parameter of Context.FileAttachment function (CVE-2023-29401)  
* net/http: Denial of service due to improper 100-continue handling in  
net/http (CVE-2024-24791)  
* go/parser: golang: Calling any of the Parse functions containing deeply  
nested literals can cause a panic/stack exhaustion (CVE-2024-34155)  
* go/build/constraint: golang: Calling Parse on a \"// +build\" build tag  
line with deeply nested expressions can cause a panic due to stack  
exhaustion (CVE-2024-34158)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.14 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html

Solution:

CVEs:

CVE-2023-29401

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2216957  
https://bugzilla.redhat.com/show_bug.cgi?id=2295310  
https://bugzilla.redhat.com/show_bug.cgi?id=2310527  
https://bugzilla.redhat.com/show_bug.cgi?id=2310528  
https://bugzilla.redhat.com/show_bug.cgi?id=2310529  
https://issues.redhat.com/browse/OCPBUGS-10337  
https://issues.redhat.com/browse/OCPBUGS-39086  
https://issues.redhat.com/browse/OCPBUGS-42935  
https://issues.redhat.com/browse/OCPBUGS-42952  
https://issues.redhat.com/browse/OCPBUGS-43058  
https://issues.redhat.com/browse/OCPBUGS-43368  
https://issues.redhat.com/browse/OCPBUGS-43484  
https://issues.redhat.com/browse/OCPBUGS-43505  
https://issues.redhat.com/browse/OCPBUGS-43628  
https://issues.redhat.com/browse/OCPBUGS-43688  
https://issues.redhat.com/browse/OCPBUGS-43821  
https://issues.redhat.com/browse/OCPBUGS-43916

Tag

#js