Vulnerability Database
Blog
FAQ
Docs
RHSA-2023:3914
See a problem?
Source
https://access.redhat.com/errata/RHSA-2023:3914
Import Source
https://security.access.redhat.com/data/osv/RHSA-2023:3914.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2023:3914
Related
CVE-2022-23772
CVE-2022-24675
CVE-2022-28327
CVE-2022-30629
CVE-2022-41717
CVE-2023-24540
CVE-2023-3089
GO-2022-1144
Published
2024-09-30T14:48:52Z
Modified
2024-10-29T20:40:13Z
Severity
8.1 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: Red Hat OpenShift Enterprise security update
Details
References
https://access.redhat.com/errata/RHSA-2023:3914
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2023-001
https://bugzilla.redhat.com/show_bug.cgi?id=2053532
https://bugzilla.redhat.com/show_bug.cgi?id=2077688
https://bugzilla.redhat.com/show_bug.cgi?id=2077689
https://bugzilla.redhat.com/show_bug.cgi?id=2092793
https://bugzilla.redhat.com/show_bug.cgi?id=2161274
https://bugzilla.redhat.com/show_bug.cgi?id=2196027
https://bugzilla.redhat.com/show_bug.cgi?id=2212085
https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3914.json
https://access.redhat.com/security/cve/CVE-2022-23772
https://www.cve.org/CVERecord?id=CVE-2022-23772
https://nvd.nist.gov/vuln/detail/CVE-2022-23772
https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ
https://access.redhat.com/security/cve/CVE-2022-24675
https://www.cve.org/CVERecord?id=CVE-2022-24675
https://nvd.nist.gov/vuln/detail/CVE-2022-24675
https://groups.google.com/g/golang-announce/c/oecdBNLOml8
https://access.redhat.com/security/cve/CVE-2022-28327
https://www.cve.org/CVERecord?id=CVE-2022-28327
https://nvd.nist.gov/vuln/detail/CVE-2022-28327
https://access.redhat.com/security/cve/CVE-2022-30629
https://www.cve.org/CVERecord?id=CVE-2022-30629
https://nvd.nist.gov/vuln/detail/CVE-2022-30629
https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg
https://access.redhat.com/security/cve/CVE-2022-41717
https://www.cve.org/CVERecord?id=CVE-2022-41717
https://nvd.nist.gov/vuln/detail/CVE-2022-41717
https://go.dev/cl/455635
https://go.dev/cl/455717
https://go.dev/issue/56350
https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ
https://pkg.go.dev/vuln/GO-2022-1144
https://access.redhat.com/security/cve/CVE-2023-3089
https://www.cve.org/CVERecord?id=CVE-2023-3089
https://nvd.nist.gov/vuln/detail/CVE-2023-3089
https://access.redhat.com/security/cve/CVE-2023-24540
https://www.cve.org/CVERecord?id=CVE-2023-24540
https://nvd.nist.gov/vuln/detail/CVE-2023-24540
https://go.dev/issue/59721
https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU
Affected packages
Red Hat:openshift:4.11::el8
/
buildah
Package
Name
buildah
Purl
pkg:rpm/redhat/buildah
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:1.23.4-3.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
buildah-debuginfo
Package
Name
buildah-debuginfo
Purl
pkg:rpm/redhat/buildah-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:1.23.4-3.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
buildah-debugsource
Package
Name
buildah-debugsource
Purl
pkg:rpm/redhat/buildah-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:1.23.4-3.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
buildah-tests
Package
Name
buildah-tests
Purl
pkg:rpm/redhat/buildah-tests
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:1.23.4-3.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
buildah-tests-debuginfo
Package
Name
buildah-tests-debuginfo
Purl
pkg:rpm/redhat/buildah-tests-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:1.23.4-3.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
podman
Package
Name
podman
Purl
pkg:rpm/redhat/podman
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:4.0.2-7.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
podman-catatonit
Package
Name
podman-catatonit
Purl
pkg:rpm/redhat/podman-catatonit
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:4.0.2-7.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
podman-catatonit-debuginfo
Package
Name
podman-catatonit-debuginfo
Purl
pkg:rpm/redhat/podman-catatonit-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:4.0.2-7.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
podman-debuginfo
Package
Name
podman-debuginfo
Purl
pkg:rpm/redhat/podman-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:4.0.2-7.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
podman-debugsource
Package
Name
podman-debugsource
Purl
pkg:rpm/redhat/podman-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:4.0.2-7.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
podman-docker
Package
Name
podman-docker
Purl
pkg:rpm/redhat/podman-docker
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:4.0.2-7.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
podman-gvproxy-debuginfo
Package
Name
podman-gvproxy-debuginfo
Purl
pkg:rpm/redhat/podman-gvproxy-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:4.0.2-7.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
podman-plugins
Package
Name
podman-plugins
Purl
pkg:rpm/redhat/podman-plugins
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:4.0.2-7.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
podman-plugins-debuginfo
Package
Name
podman-plugins-debuginfo
Purl
pkg:rpm/redhat/podman-plugins-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:4.0.2-7.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
podman-remote
Package
Name
podman-remote
Purl
pkg:rpm/redhat/podman-remote
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:4.0.2-7.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
podman-remote-debuginfo
Package
Name
podman-remote-debuginfo
Purl
pkg:rpm/redhat/podman-remote-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:4.0.2-7.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
podman-tests
Package
Name
podman-tests
Purl
pkg:rpm/redhat/podman-tests
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:4.0.2-7.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
runc
Package
Name
runc
Purl
pkg:rpm/redhat/runc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
3:1.1.2-2.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
runc-debuginfo
Package
Name
runc-debuginfo
Purl
pkg:rpm/redhat/runc-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
3:1.1.2-2.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
runc-debugsource
Package
Name
runc-debugsource
Purl
pkg:rpm/redhat/runc-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
3:1.1.2-2.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
skopeo
Package
Name
skopeo
Purl
pkg:rpm/redhat/skopeo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:1.5.2-4.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
skopeo-debuginfo
Package
Name
skopeo-debuginfo
Purl
pkg:rpm/redhat/skopeo-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:1.5.2-4.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
skopeo-debugsource
Package
Name
skopeo-debugsource
Purl
pkg:rpm/redhat/skopeo-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:1.5.2-4.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
skopeo-tests
Package
Name
skopeo-tests
Purl
pkg:rpm/redhat/skopeo-tests
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:1.5.2-4.rhaos4.11.el8
Red Hat:openshift:4.11::el8
/
openshift
Package
Name
openshift
Purl
pkg:rpm/redhat/openshift
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8
Red Hat:openshift:4.11::el8
/
openshift-hyperkube
Package
Name
openshift-hyperkube
Purl
pkg:rpm/redhat/openshift-hyperkube
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8
Red Hat:openshift:4.11::el8
/
openshift-ansible
Package
Name
openshift-ansible
Purl
pkg:rpm/redhat/openshift-ansible
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8
Red Hat:openshift:4.11::el8
/
openshift-ansible-test
Package
Name
openshift-ansible-test
Purl
pkg:rpm/redhat/openshift-ansible-test
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8
RHSA-2023:3914 - OSV