Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.10



Risk Medium
Patch available YES
Number of vulnerabilities 7
CVE-ID CVE-2021-21684
CVE-2022-0532
CVE-2014-3577
CVE-2021-41190
CVE-2021-44717
CVE-2021-44716
CVE-2012-6153
CWE-ID CWE-79
CWE-732
CWE-295
CWE-843
CWE-400
CWE-20
Exploitation vector Network
Public exploit N/A
Vulnerable software
openshift-ansible (Red Hat package)
Operating systems & Components / Operating system package or component

toolbox (Red Hat package)
Operating systems & Components / Operating system package or component

skopeo (Red Hat package)
Operating systems & Components / Operating system package or component

rust-bootupd (Red Hat package)
Operating systems & Components / Operating system package or component

rust-afterburn (Red Hat package)
Operating systems & Components / Operating system package or component

runc (Red Hat package)
Operating systems & Components / Operating system package or component

redhat-release-coreos (Red Hat package)
Operating systems & Components / Operating system package or component

python-tooz (Red Hat package)
Operating systems & Components / Operating system package or component

python-sushy-oem-idrac (Red Hat package)
Operating systems & Components / Operating system package or component

python-sushy (Red Hat package)
Operating systems & Components / Operating system package or component

python-stevedore (Red Hat package)
Operating systems & Components / Operating system package or component

python-scciclient (Red Hat package)
Operating systems & Components / Operating system package or component

python-proliantutils (Red Hat package)
Operating systems & Components / Operating system package or component

python-pbr (Red Hat package)
Operating systems & Components / Operating system package or component

python-oslo-utils (Red Hat package)
Operating systems & Components / Operating system package or component

python-oslo-upgradecheck (Red Hat package)
Operating systems & Components / Operating system package or component

python-oslo-service (Red Hat package)
Operating systems & Components / Operating system package or component

python-oslo-serialization (Red Hat package)
Operating systems & Components / Operating system package or component

python-oslo-policy (Red Hat package)
Operating systems & Components / Operating system package or component

python-oslo-metrics (Red Hat package)
Operating systems & Components / Operating system package or component

python-oslo-messaging (Red Hat package)
Operating systems & Components / Operating system package or component

python-oslo-log (Red Hat package)
Operating systems & Components / Operating system package or component

python-oslo-i18n (Red Hat package)
Operating systems & Components / Operating system package or component

python-oslo-db (Red Hat package)
Operating systems & Components / Operating system package or component

python-oslo-context (Red Hat package)
Operating systems & Components / Operating system package or component

python-oslo-config (Red Hat package)
Operating systems & Components / Operating system package or component

python-oslo-concurrency (Red Hat package)
Operating systems & Components / Operating system package or component

python-osc-lib (Red Hat package)
Operating systems & Components / Operating system package or component

python-openstacksdk (Red Hat package)
Operating systems & Components / Operating system package or component

python-keystoneauth1 (Red Hat package)
Operating systems & Components / Operating system package or component

python-ironicclient (Red Hat package)
Operating systems & Components / Operating system package or component

python-ironic-prometheus-exporter (Red Hat package)
Operating systems & Components / Operating system package or component

python-ironic-lib (Red Hat package)
Operating systems & Components / Operating system package or component

python-hardware (Red Hat package)
Operating systems & Components / Operating system package or component

python-dracclient (Red Hat package)
Operating systems & Components / Operating system package or component

python-debtcollector (Red Hat package)
Operating systems & Components / Operating system package or component

python-cliff (Red Hat package)
Operating systems & Components / Operating system package or component

python-cachetools (Red Hat package)
Operating systems & Components / Operating system package or component

python-autopage (Red Hat package)
Operating systems & Components / Operating system package or component

podman (Red Hat package)
Operating systems & Components / Operating system package or component

ovn21.09 (Red Hat package)
Operating systems & Components / Operating system package or component

ovn-2021 (Red Hat package)
Operating systems & Components / Operating system package or component

openvswitch2.16 (Red Hat package)
Operating systems & Components / Operating system package or component

openstack-ironic-python-agent (Red Hat package)
Operating systems & Components / Operating system package or component

openstack-ironic-inspector (Red Hat package)
Operating systems & Components / Operating system package or component

openstack-ironic (Red Hat package)
Operating systems & Components / Operating system package or component

openshift-kuryr (Red Hat package)
Operating systems & Components / Operating system package or component

openshift-clients (Red Hat package)
Operating systems & Components / Operating system package or component

openshift (Red Hat package)
Operating systems & Components / Operating system package or component

kata-containers (Red Hat package)
Operating systems & Components / Operating system package or component

jenkins (Red Hat package)
Operating systems & Components / Operating system package or component

jenkins-2-plugins (Red Hat package)
Operating systems & Components / Operating system package or component

ignition (Red Hat package)
Operating systems & Components / Operating system package or component

haproxy (Red Hat package)
Operating systems & Components / Operating system package or component

fuse-overlayfs (Red Hat package)
Operating systems & Components / Operating system package or component

crun (Red Hat package)
Operating systems & Components / Operating system package or component

cri-tools (Red Hat package)
Operating systems & Components / Operating system package or component

cri-o (Red Hat package)
Operating systems & Components / Operating system package or component

coreos-installer (Red Hat package)
Operating systems & Components / Operating system package or component

containers-common (Red Hat package)
Operating systems & Components / Operating system package or component

containernetworking-plugins (Red Hat package)
Operating systems & Components / Operating system package or component

console-login-helper-messages (Red Hat package)
Operating systems & Components / Operating system package or component

butane (Red Hat package)
Operating systems & Components / Operating system package or component

buildah (Red Hat package)
Operating systems & Components / Operating system package or component

atomic-openshift-service-idler (Red Hat package)
Operating systems & Components / Operating system package or component

ovn21.12 (Red Hat package)
Operating systems & Components / Operating system package or component

Red Hat OpenShift Container Platform
Client/Desktop applications / Software for system administration

Vendor Red Hat Inc.

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Stored cross-site scripting

EUVDB-ID: #VU57149

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-21684

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

openshift-ansible (Red Hat package): before 4.10.0-202202110258.p0.g25af5a6.assembly.stream.el7

toolbox (Red Hat package): before 0.0.8-4.rhaos4.10.el8

skopeo (Red Hat package): before 1.2.2-1.rhaos4.10.el8

rust-bootupd (Red Hat package): before 0.2.5-3.rhaos4.10.el8

rust-afterburn (Red Hat package): before 5.2.0-1.rhaos4.10.el8

runc (Red Hat package): before 1.0.1-3.rhaos4.10.git4144b63.el7

redhat-release-coreos (Red Hat package): before 410.84-2.el8

python-tooz (Red Hat package): before 2.9.0-0.20211012145018.174065f.el8

python-sushy-oem-idrac (Red Hat package): before 3.0.2-0.20211011174039.9733d23.el8

python-sushy (Red Hat package): before 4.0.0-0.20211209155954.45d24d4.el8

python-stevedore (Red Hat package): before 3.4.0-0.20211012153718.8846a3f.el8

python-scciclient (Red Hat package): before 0.11.1-0.20211208154124.a84332b.el8

python-proliantutils (Red Hat package): before 2.12.2-0.20211210161243.500f518.el8

python-pbr (Red Hat package): before 5.5.1-1.el8ost

python-oslo-utils (Red Hat package): before 4.10.0-0.20211012164840.2c74bb9.el8

python-oslo-upgradecheck (Red Hat package): before 1.4.0-0.20211012144915.3ca8698.el8

python-oslo-service (Red Hat package): before 2.6.0-0.20211012154519.091fd65.el8

python-oslo-serialization (Red Hat package): before 4.2.0-0.20211012151454.2b94a4f.el8

python-oslo-policy (Red Hat package): before 3.8.2-0.20211012161944.c7fd9f4.el8

python-oslo-metrics (Red Hat package): before 0.3.0-0.20211020174122.43eee50.el8

python-oslo-messaging (Red Hat package): before 12.9.1-0.20211020204149.f9de265.el8

python-oslo-log (Red Hat package): before 4.6.0-0.20211012154701.41c8807.el8

python-oslo-i18n (Red Hat package): before 5.1.0-0.20211012165753.b031d17.el8

python-oslo-db (Red Hat package): before 9.1.0-0.20211020204148.be2cc6a.el8

python-oslo-context (Red Hat package): before 3.3.1-0.20211012152439.641a1e0.el8

python-oslo-config (Red Hat package): before 8.7.1-0.20211012155707.1a7bd66.el8

python-oslo-concurrency (Red Hat package): before 4.4.1-0.20211012150632.8e08400.el8

python-osc-lib (Red Hat package): before 2.4.2-0.20211012163041.415a6c7.el8

python-openstacksdk (Red Hat package): before 0.59.0-0.20211012172340.d0d4d8b.el8

python-keystoneauth1 (Red Hat package): before 4.4.0-0.20211012144044.112bcae.el8

python-ironicclient (Red Hat package): before 4.9.0-0.20211209154934.6f1be06.el8

python-ironic-prometheus-exporter (Red Hat package): before 3.1.0-0.20211130174057.d25ba32.el8

python-ironic-lib (Red Hat package): before 5.1.0-0.20211209154936.731e2f9.el8

python-hardware (Red Hat package): before 0.29.0-0.20211122094056.7662a1d.el8

python-dracclient (Red Hat package): before 7.0.0-0.20211012182751.d26664e.el8

python-debtcollector (Red Hat package): before 2.3.0-0.20211012161119.0bf5bf5.el8

python-cliff (Red Hat package): before 3.9.0-0.20211020191737.734bc0c.el8

python-cachetools (Red Hat package): before 3.1.0-2.el8ost

python-autopage (Red Hat package): before 0.4.0-1.el8

podman (Red Hat package): before 3.0.1-7.rhaos4.10.el8

ovn21.09 (Red Hat package): before 21.09.0-22.el8fdp

ovn-2021 (Red Hat package): before 21.12.0-15.el8fdp

openvswitch2.16 (Red Hat package): before 2.16.0-33.el8fdp

openstack-ironic-python-agent (Red Hat package): before 8.3.1-0.20220105174059.d2d3cd6.el8

openstack-ironic-inspector (Red Hat package): before 10.9.1-0.20220117094044.19e2592.el8

openstack-ironic (Red Hat package): before 19.0.1-0.20220120204037.438b8af.el8

openshift-kuryr (Red Hat package): before 4.10.0-202202160023.p0.ge77f917.assembly.stream.el8

openshift-clients (Red Hat package): before 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7

openshift (Red Hat package): before 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7

kata-containers (Red Hat package): before 2.3.0-3.el8

jenkins (Red Hat package): before 2.319.2.1643288987-1.el8

jenkins-2-plugins (Red Hat package): before 4.10.1643404185-1.el8

ignition (Red Hat package): before 2.13.0-2.rhaos4.10.el8

haproxy (Red Hat package): before 2.2.19-1.el8

fuse-overlayfs (Red Hat package): before 1.4.0-1.rhaos4.10.el8

crun (Red Hat package): before 1.4.2-1.rhaos4.10.el8

cri-tools (Red Hat package): before 1.23.0-1.el7

cri-o (Red Hat package): before 1.23.0-92.rhaos4.10.gitdaab4d1.el7

coreos-installer (Red Hat package): before 0.12.0-1.rhaos4.10.el8

containers-common (Red Hat package): before 1-16.rhaos4.10.el8

containernetworking-plugins (Red Hat package): before 0.9.1-1.rhaos4.10.el8

console-login-helper-messages (Red Hat package): before 0.20.3-1.rhaos4.10.el8

butane (Red Hat package): before 0.14.0-1.rhaos4.10.el8

buildah (Red Hat package): before 1.19.7-1.el8

atomic-openshift-service-idler (Red Hat package): before 4.10.0-202202160023.p0.g39cfc66.assembly.stream.el8

Red Hat OpenShift Container Platform: before 4.10.3

ovn21.12 (Red Hat package): before 21.12.0-25.el8fdp

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2022:0055


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Incorrect permission assignment for critical resource

EUVDB-ID: #VU68299

Risk: Medium

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-0532

CWE-ID: CWE-732 - Incorrect Permission Assignment for Critical Resource

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to incorrect sysctls validation in CRI-O. The sysctls from the list of "safe" sysctls specified for the cluster will be applied to the host if an attacker is able to create a pod with a hostIPC and hostNetwork kernel namespace.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

openshift-ansible (Red Hat package): before 4.10.0-202202110258.p0.g25af5a6.assembly.stream.el7

toolbox (Red Hat package): before 0.0.8-4.rhaos4.10.el8

skopeo (Red Hat package): before 1.2.2-1.rhaos4.10.el8

rust-bootupd (Red Hat package): before 0.2.5-3.rhaos4.10.el8

rust-afterburn (Red Hat package): before 5.2.0-1.rhaos4.10.el8

runc (Red Hat package): before 1.0.1-3.rhaos4.10.git4144b63.el7

redhat-release-coreos (Red Hat package): before 410.84-2.el8

python-tooz (Red Hat package): before 2.9.0-0.20211012145018.174065f.el8

python-sushy-oem-idrac (Red Hat package): before 3.0.2-0.20211011174039.9733d23.el8

python-sushy (Red Hat package): before 4.0.0-0.20211209155954.45d24d4.el8

python-stevedore (Red Hat package): before 3.4.0-0.20211012153718.8846a3f.el8

python-scciclient (Red Hat package): before 0.11.1-0.20211208154124.a84332b.el8

python-proliantutils (Red Hat package): before 2.12.2-0.20211210161243.500f518.el8

python-pbr (Red Hat package): before 5.5.1-1.el8ost

python-oslo-utils (Red Hat package): before 4.10.0-0.20211012164840.2c74bb9.el8

python-oslo-upgradecheck (Red Hat package): before 1.4.0-0.20211012144915.3ca8698.el8

python-oslo-service (Red Hat package): before 2.6.0-0.20211012154519.091fd65.el8

python-oslo-serialization (Red Hat package): before 4.2.0-0.20211012151454.2b94a4f.el8

python-oslo-policy (Red Hat package): before 3.8.2-0.20211012161944.c7fd9f4.el8

python-oslo-metrics (Red Hat package): before 0.3.0-0.20211020174122.43eee50.el8

python-oslo-messaging (Red Hat package): before 12.9.1-0.20211020204149.f9de265.el8

python-oslo-log (Red Hat package): before 4.6.0-0.20211012154701.41c8807.el8

python-oslo-i18n (Red Hat package): before 5.1.0-0.20211012165753.b031d17.el8

python-oslo-db (Red Hat package): before 9.1.0-0.20211020204148.be2cc6a.el8

python-oslo-context (Red Hat package): before 3.3.1-0.20211012152439.641a1e0.el8

python-oslo-config (Red Hat package): before 8.7.1-0.20211012155707.1a7bd66.el8

python-oslo-concurrency (Red Hat package): before 4.4.1-0.20211012150632.8e08400.el8

python-osc-lib (Red Hat package): before 2.4.2-0.20211012163041.415a6c7.el8

python-openstacksdk (Red Hat package): before 0.59.0-0.20211012172340.d0d4d8b.el8

python-keystoneauth1 (Red Hat package): before 4.4.0-0.20211012144044.112bcae.el8

python-ironicclient (Red Hat package): before 4.9.0-0.20211209154934.6f1be06.el8

python-ironic-prometheus-exporter (Red Hat package): before 3.1.0-0.20211130174057.d25ba32.el8

python-ironic-lib (Red Hat package): before 5.1.0-0.20211209154936.731e2f9.el8

python-hardware (Red Hat package): before 0.29.0-0.20211122094056.7662a1d.el8

python-dracclient (Red Hat package): before 7.0.0-0.20211012182751.d26664e.el8

python-debtcollector (Red Hat package): before 2.3.0-0.20211012161119.0bf5bf5.el8

python-cliff (Red Hat package): before 3.9.0-0.20211020191737.734bc0c.el8

python-cachetools (Red Hat package): before 3.1.0-2.el8ost

python-autopage (Red Hat package): before 0.4.0-1.el8

podman (Red Hat package): before 3.0.1-7.rhaos4.10.el8

ovn21.09 (Red Hat package): before 21.09.0-22.el8fdp

ovn-2021 (Red Hat package): before 21.12.0-15.el8fdp

openvswitch2.16 (Red Hat package): before 2.16.0-33.el8fdp

openstack-ironic-python-agent (Red Hat package): before 8.3.1-0.20220105174059.d2d3cd6.el8

openstack-ironic-inspector (Red Hat package): before 10.9.1-0.20220117094044.19e2592.el8

openstack-ironic (Red Hat package): before 19.0.1-0.20220120204037.438b8af.el8

openshift-kuryr (Red Hat package): before 4.10.0-202202160023.p0.ge77f917.assembly.stream.el8

openshift-clients (Red Hat package): before 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7

openshift (Red Hat package): before 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7

kata-containers (Red Hat package): before 2.3.0-3.el8

jenkins (Red Hat package): before 2.319.2.1643288987-1.el8

jenkins-2-plugins (Red Hat package): before 4.10.1643404185-1.el8

ignition (Red Hat package): before 2.13.0-2.rhaos4.10.el8

haproxy (Red Hat package): before 2.2.19-1.el8

fuse-overlayfs (Red Hat package): before 1.4.0-1.rhaos4.10.el8

crun (Red Hat package): before 1.4.2-1.rhaos4.10.el8

cri-tools (Red Hat package): before 1.23.0-1.el7

cri-o (Red Hat package): before 1.23.0-92.rhaos4.10.gitdaab4d1.el7

coreos-installer (Red Hat package): before 0.12.0-1.rhaos4.10.el8

containers-common (Red Hat package): before 1-16.rhaos4.10.el8

containernetworking-plugins (Red Hat package): before 0.9.1-1.rhaos4.10.el8

console-login-helper-messages (Red Hat package): before 0.20.3-1.rhaos4.10.el8

butane (Red Hat package): before 0.14.0-1.rhaos4.10.el8

buildah (Red Hat package): before 1.19.7-1.el8

atomic-openshift-service-idler (Red Hat package): before 4.10.0-202202160023.p0.g39cfc66.assembly.stream.el8

Red Hat OpenShift Container Platform: before 4.10.3

ovn21.12 (Red Hat package): before 21.12.0-25.el8fdp

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2022:0055


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper Certificate Validation

EUVDB-ID: #VU57150

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2014-3577

CWE-ID: CWE-295 - Improper Certificate Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to improper certificate validation. A remote attacker can perform a man-in-the-middle (MitM) attack and spoof SSL servers via a "CN=" string in a field in the distinguished name (DN) of a certificate.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

openshift-ansible (Red Hat package): before 4.10.0-202202110258.p0.g25af5a6.assembly.stream.el7

toolbox (Red Hat package): before 0.0.8-4.rhaos4.10.el8

skopeo (Red Hat package): before 1.2.2-1.rhaos4.10.el8

rust-bootupd (Red Hat package): before 0.2.5-3.rhaos4.10.el8

rust-afterburn (Red Hat package): before 5.2.0-1.rhaos4.10.el8

runc (Red Hat package): before 1.0.1-3.rhaos4.10.git4144b63.el7

redhat-release-coreos (Red Hat package): before 410.84-2.el8

python-tooz (Red Hat package): before 2.9.0-0.20211012145018.174065f.el8

python-sushy-oem-idrac (Red Hat package): before 3.0.2-0.20211011174039.9733d23.el8

python-sushy (Red Hat package): before 4.0.0-0.20211209155954.45d24d4.el8

python-stevedore (Red Hat package): before 3.4.0-0.20211012153718.8846a3f.el8

python-scciclient (Red Hat package): before 0.11.1-0.20211208154124.a84332b.el8

python-proliantutils (Red Hat package): before 2.12.2-0.20211210161243.500f518.el8

python-pbr (Red Hat package): before 5.5.1-1.el8ost

python-oslo-utils (Red Hat package): before 4.10.0-0.20211012164840.2c74bb9.el8

python-oslo-upgradecheck (Red Hat package): before 1.4.0-0.20211012144915.3ca8698.el8

python-oslo-service (Red Hat package): before 2.6.0-0.20211012154519.091fd65.el8

python-oslo-serialization (Red Hat package): before 4.2.0-0.20211012151454.2b94a4f.el8

python-oslo-policy (Red Hat package): before 3.8.2-0.20211012161944.c7fd9f4.el8

python-oslo-metrics (Red Hat package): before 0.3.0-0.20211020174122.43eee50.el8

python-oslo-messaging (Red Hat package): before 12.9.1-0.20211020204149.f9de265.el8

python-oslo-log (Red Hat package): before 4.6.0-0.20211012154701.41c8807.el8

python-oslo-i18n (Red Hat package): before 5.1.0-0.20211012165753.b031d17.el8

python-oslo-db (Red Hat package): before 9.1.0-0.20211020204148.be2cc6a.el8

python-oslo-context (Red Hat package): before 3.3.1-0.20211012152439.641a1e0.el8

python-oslo-config (Red Hat package): before 8.7.1-0.20211012155707.1a7bd66.el8

python-oslo-concurrency (Red Hat package): before 4.4.1-0.20211012150632.8e08400.el8

python-osc-lib (Red Hat package): before 2.4.2-0.20211012163041.415a6c7.el8

python-openstacksdk (Red Hat package): before 0.59.0-0.20211012172340.d0d4d8b.el8

python-keystoneauth1 (Red Hat package): before 4.4.0-0.20211012144044.112bcae.el8

python-ironicclient (Red Hat package): before 4.9.0-0.20211209154934.6f1be06.el8

python-ironic-prometheus-exporter (Red Hat package): before 3.1.0-0.20211130174057.d25ba32.el8

python-ironic-lib (Red Hat package): before 5.1.0-0.20211209154936.731e2f9.el8

python-hardware (Red Hat package): before 0.29.0-0.20211122094056.7662a1d.el8

python-dracclient (Red Hat package): before 7.0.0-0.20211012182751.d26664e.el8

python-debtcollector (Red Hat package): before 2.3.0-0.20211012161119.0bf5bf5.el8

python-cliff (Red Hat package): before 3.9.0-0.20211020191737.734bc0c.el8

python-cachetools (Red Hat package): before 3.1.0-2.el8ost

python-autopage (Red Hat package): before 0.4.0-1.el8

podman (Red Hat package): before 3.0.1-7.rhaos4.10.el8

ovn21.09 (Red Hat package): before 21.09.0-22.el8fdp

ovn-2021 (Red Hat package): before 21.12.0-15.el8fdp

openvswitch2.16 (Red Hat package): before 2.16.0-33.el8fdp

openstack-ironic-python-agent (Red Hat package): before 8.3.1-0.20220105174059.d2d3cd6.el8

openstack-ironic-inspector (Red Hat package): before 10.9.1-0.20220117094044.19e2592.el8

openstack-ironic (Red Hat package): before 19.0.1-0.20220120204037.438b8af.el8

openshift-kuryr (Red Hat package): before 4.10.0-202202160023.p0.ge77f917.assembly.stream.el8

openshift-clients (Red Hat package): before 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7

openshift (Red Hat package): before 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7

kata-containers (Red Hat package): before 2.3.0-3.el8

jenkins (Red Hat package): before 2.319.2.1643288987-1.el8

jenkins-2-plugins (Red Hat package): before 4.10.1643404185-1.el8

ignition (Red Hat package): before 2.13.0-2.rhaos4.10.el8

haproxy (Red Hat package): before 2.2.19-1.el8

fuse-overlayfs (Red Hat package): before 1.4.0-1.rhaos4.10.el8

crun (Red Hat package): before 1.4.2-1.rhaos4.10.el8

cri-tools (Red Hat package): before 1.23.0-1.el7

cri-o (Red Hat package): before 1.23.0-92.rhaos4.10.gitdaab4d1.el7

coreos-installer (Red Hat package): before 0.12.0-1.rhaos4.10.el8

containers-common (Red Hat package): before 1-16.rhaos4.10.el8

containernetworking-plugins (Red Hat package): before 0.9.1-1.rhaos4.10.el8

console-login-helper-messages (Red Hat package): before 0.20.3-1.rhaos4.10.el8

butane (Red Hat package): before 0.14.0-1.rhaos4.10.el8

buildah (Red Hat package): before 1.19.7-1.el8

atomic-openshift-service-idler (Red Hat package): before 4.10.0-202202160023.p0.g39cfc66.assembly.stream.el8

Red Hat OpenShift Container Platform: before 4.10.3

ovn21.12 (Red Hat package): before 21.12.0-25.el8fdp

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2022:0055


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Type Confusion

EUVDB-ID: #VU58229

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-41190

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the system.

The vulnerability exists due to a type confusion error. A remote authenticated attacker can pass specially crafted data to the application, trigger a type confusion error and interpret the resulting content differently.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

openshift-ansible (Red Hat package): before 4.10.0-202202110258.p0.g25af5a6.assembly.stream.el7

toolbox (Red Hat package): before 0.0.8-4.rhaos4.10.el8

skopeo (Red Hat package): before 1.2.2-1.rhaos4.10.el8

rust-bootupd (Red Hat package): before 0.2.5-3.rhaos4.10.el8

rust-afterburn (Red Hat package): before 5.2.0-1.rhaos4.10.el8

runc (Red Hat package): before 1.0.1-3.rhaos4.10.git4144b63.el7

redhat-release-coreos (Red Hat package): before 410.84-2.el8

python-tooz (Red Hat package): before 2.9.0-0.20211012145018.174065f.el8

python-sushy-oem-idrac (Red Hat package): before 3.0.2-0.20211011174039.9733d23.el8

python-sushy (Red Hat package): before 4.0.0-0.20211209155954.45d24d4.el8

python-stevedore (Red Hat package): before 3.4.0-0.20211012153718.8846a3f.el8

python-scciclient (Red Hat package): before 0.11.1-0.20211208154124.a84332b.el8

python-proliantutils (Red Hat package): before 2.12.2-0.20211210161243.500f518.el8

python-pbr (Red Hat package): before 5.5.1-1.el8ost

python-oslo-utils (Red Hat package): before 4.10.0-0.20211012164840.2c74bb9.el8

python-oslo-upgradecheck (Red Hat package): before 1.4.0-0.20211012144915.3ca8698.el8

python-oslo-service (Red Hat package): before 2.6.0-0.20211012154519.091fd65.el8

python-oslo-serialization (Red Hat package): before 4.2.0-0.20211012151454.2b94a4f.el8

python-oslo-policy (Red Hat package): before 3.8.2-0.20211012161944.c7fd9f4.el8

python-oslo-metrics (Red Hat package): before 0.3.0-0.20211020174122.43eee50.el8

python-oslo-messaging (Red Hat package): before 12.9.1-0.20211020204149.f9de265.el8

python-oslo-log (Red Hat package): before 4.6.0-0.20211012154701.41c8807.el8

python-oslo-i18n (Red Hat package): before 5.1.0-0.20211012165753.b031d17.el8

python-oslo-db (Red Hat package): before 9.1.0-0.20211020204148.be2cc6a.el8

python-oslo-context (Red Hat package): before 3.3.1-0.20211012152439.641a1e0.el8

python-oslo-config (Red Hat package): before 8.7.1-0.20211012155707.1a7bd66.el8

python-oslo-concurrency (Red Hat package): before 4.4.1-0.20211012150632.8e08400.el8

python-osc-lib (Red Hat package): before 2.4.2-0.20211012163041.415a6c7.el8

python-openstacksdk (Red Hat package): before 0.59.0-0.20211012172340.d0d4d8b.el8

python-keystoneauth1 (Red Hat package): before 4.4.0-0.20211012144044.112bcae.el8

python-ironicclient (Red Hat package): before 4.9.0-0.20211209154934.6f1be06.el8

python-ironic-prometheus-exporter (Red Hat package): before 3.1.0-0.20211130174057.d25ba32.el8

python-ironic-lib (Red Hat package): before 5.1.0-0.20211209154936.731e2f9.el8

python-hardware (Red Hat package): before 0.29.0-0.20211122094056.7662a1d.el8

python-dracclient (Red Hat package): before 7.0.0-0.20211012182751.d26664e.el8

python-debtcollector (Red Hat package): before 2.3.0-0.20211012161119.0bf5bf5.el8

python-cliff (Red Hat package): before 3.9.0-0.20211020191737.734bc0c.el8

python-cachetools (Red Hat package): before 3.1.0-2.el8ost

python-autopage (Red Hat package): before 0.4.0-1.el8

podman (Red Hat package): before 3.0.1-7.rhaos4.10.el8

ovn21.09 (Red Hat package): before 21.09.0-22.el8fdp

ovn-2021 (Red Hat package): before 21.12.0-15.el8fdp

openvswitch2.16 (Red Hat package): before 2.16.0-33.el8fdp

openstack-ironic-python-agent (Red Hat package): before 8.3.1-0.20220105174059.d2d3cd6.el8

openstack-ironic-inspector (Red Hat package): before 10.9.1-0.20220117094044.19e2592.el8

openstack-ironic (Red Hat package): before 19.0.1-0.20220120204037.438b8af.el8

openshift-kuryr (Red Hat package): before 4.10.0-202202160023.p0.ge77f917.assembly.stream.el8

openshift-clients (Red Hat package): before 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7

openshift (Red Hat package): before 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7

kata-containers (Red Hat package): before 2.3.0-3.el8

jenkins (Red Hat package): before 2.319.2.1643288987-1.el8

jenkins-2-plugins (Red Hat package): before 4.10.1643404185-1.el8

ignition (Red Hat package): before 2.13.0-2.rhaos4.10.el8

haproxy (Red Hat package): before 2.2.19-1.el8

fuse-overlayfs (Red Hat package): before 1.4.0-1.rhaos4.10.el8

crun (Red Hat package): before 1.4.2-1.rhaos4.10.el8

cri-tools (Red Hat package): before 1.23.0-1.el7

cri-o (Red Hat package): before 1.23.0-92.rhaos4.10.gitdaab4d1.el7

coreos-installer (Red Hat package): before 0.12.0-1.rhaos4.10.el8

containers-common (Red Hat package): before 1-16.rhaos4.10.el8

containernetworking-plugins (Red Hat package): before 0.9.1-1.rhaos4.10.el8

console-login-helper-messages (Red Hat package): before 0.20.3-1.rhaos4.10.el8

butane (Red Hat package): before 0.14.0-1.rhaos4.10.el8

buildah (Red Hat package): before 1.19.7-1.el8

atomic-openshift-service-idler (Red Hat package): before 4.10.0-202202160023.p0.g39cfc66.assembly.stream.el8

Red Hat OpenShift Container Platform: before 4.10.3

ovn21.12 (Red Hat package): before 21.12.0-25.el8fdp

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2022:0055


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Resource exhaustion

EUVDB-ID: #VU59042

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-44717

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when processing HTTP/2 requests. A remote attacker can send multiple HTTP/2 requests to the server and exhaust all available memory resources.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

openshift-ansible (Red Hat package): before 4.10.0-202202110258.p0.g25af5a6.assembly.stream.el7

toolbox (Red Hat package): before 0.0.8-4.rhaos4.10.el8

skopeo (Red Hat package): before 1.2.2-1.rhaos4.10.el8

rust-bootupd (Red Hat package): before 0.2.5-3.rhaos4.10.el8

rust-afterburn (Red Hat package): before 5.2.0-1.rhaos4.10.el8

runc (Red Hat package): before 1.0.1-3.rhaos4.10.git4144b63.el7

redhat-release-coreos (Red Hat package): before 410.84-2.el8

python-tooz (Red Hat package): before 2.9.0-0.20211012145018.174065f.el8

python-sushy-oem-idrac (Red Hat package): before 3.0.2-0.20211011174039.9733d23.el8

python-sushy (Red Hat package): before 4.0.0-0.20211209155954.45d24d4.el8

python-stevedore (Red Hat package): before 3.4.0-0.20211012153718.8846a3f.el8

python-scciclient (Red Hat package): before 0.11.1-0.20211208154124.a84332b.el8

python-proliantutils (Red Hat package): before 2.12.2-0.20211210161243.500f518.el8

python-pbr (Red Hat package): before 5.5.1-1.el8ost

python-oslo-utils (Red Hat package): before 4.10.0-0.20211012164840.2c74bb9.el8

python-oslo-upgradecheck (Red Hat package): before 1.4.0-0.20211012144915.3ca8698.el8

python-oslo-service (Red Hat package): before 2.6.0-0.20211012154519.091fd65.el8

python-oslo-serialization (Red Hat package): before 4.2.0-0.20211012151454.2b94a4f.el8

python-oslo-policy (Red Hat package): before 3.8.2-0.20211012161944.c7fd9f4.el8

python-oslo-metrics (Red Hat package): before 0.3.0-0.20211020174122.43eee50.el8

python-oslo-messaging (Red Hat package): before 12.9.1-0.20211020204149.f9de265.el8

python-oslo-log (Red Hat package): before 4.6.0-0.20211012154701.41c8807.el8

python-oslo-i18n (Red Hat package): before 5.1.0-0.20211012165753.b031d17.el8

python-oslo-db (Red Hat package): before 9.1.0-0.20211020204148.be2cc6a.el8

python-oslo-context (Red Hat package): before 3.3.1-0.20211012152439.641a1e0.el8

python-oslo-config (Red Hat package): before 8.7.1-0.20211012155707.1a7bd66.el8

python-oslo-concurrency (Red Hat package): before 4.4.1-0.20211012150632.8e08400.el8

python-osc-lib (Red Hat package): before 2.4.2-0.20211012163041.415a6c7.el8

python-openstacksdk (Red Hat package): before 0.59.0-0.20211012172340.d0d4d8b.el8

python-keystoneauth1 (Red Hat package): before 4.4.0-0.20211012144044.112bcae.el8

python-ironicclient (Red Hat package): before 4.9.0-0.20211209154934.6f1be06.el8

python-ironic-prometheus-exporter (Red Hat package): before 3.1.0-0.20211130174057.d25ba32.el8

python-ironic-lib (Red Hat package): before 5.1.0-0.20211209154936.731e2f9.el8

python-hardware (Red Hat package): before 0.29.0-0.20211122094056.7662a1d.el8

python-dracclient (Red Hat package): before 7.0.0-0.20211012182751.d26664e.el8

python-debtcollector (Red Hat package): before 2.3.0-0.20211012161119.0bf5bf5.el8

python-cliff (Red Hat package): before 3.9.0-0.20211020191737.734bc0c.el8

python-cachetools (Red Hat package): before 3.1.0-2.el8ost

python-autopage (Red Hat package): before 0.4.0-1.el8

podman (Red Hat package): before 3.0.1-7.rhaos4.10.el8

ovn21.09 (Red Hat package): before 21.09.0-22.el8fdp

ovn-2021 (Red Hat package): before 21.12.0-15.el8fdp

openvswitch2.16 (Red Hat package): before 2.16.0-33.el8fdp

openstack-ironic-python-agent (Red Hat package): before 8.3.1-0.20220105174059.d2d3cd6.el8

openstack-ironic-inspector (Red Hat package): before 10.9.1-0.20220117094044.19e2592.el8

openstack-ironic (Red Hat package): before 19.0.1-0.20220120204037.438b8af.el8

openshift-kuryr (Red Hat package): before 4.10.0-202202160023.p0.ge77f917.assembly.stream.el8

openshift-clients (Red Hat package): before 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7

openshift (Red Hat package): before 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7

kata-containers (Red Hat package): before 2.3.0-3.el8

jenkins (Red Hat package): before 2.319.2.1643288987-1.el8

jenkins-2-plugins (Red Hat package): before 4.10.1643404185-1.el8

ignition (Red Hat package): before 2.13.0-2.rhaos4.10.el8

haproxy (Red Hat package): before 2.2.19-1.el8

fuse-overlayfs (Red Hat package): before 1.4.0-1.rhaos4.10.el8

crun (Red Hat package): before 1.4.2-1.rhaos4.10.el8

cri-tools (Red Hat package): before 1.23.0-1.el7

cri-o (Red Hat package): before 1.23.0-92.rhaos4.10.gitdaab4d1.el7

coreos-installer (Red Hat package): before 0.12.0-1.rhaos4.10.el8

containers-common (Red Hat package): before 1-16.rhaos4.10.el8

containernetworking-plugins (Red Hat package): before 0.9.1-1.rhaos4.10.el8

console-login-helper-messages (Red Hat package): before 0.20.3-1.rhaos4.10.el8

butane (Red Hat package): before 0.14.0-1.rhaos4.10.el8

buildah (Red Hat package): before 1.19.7-1.el8

atomic-openshift-service-idler (Red Hat package): before 4.10.0-202202160023.p0.g39cfc66.assembly.stream.el8

Red Hat OpenShift Container Platform: before 4.10.3

ovn21.12 (Red Hat package): before 21.12.0-25.el8fdp

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2022:0055


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Input validation error

EUVDB-ID: #VU58824

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-44716

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

openshift-ansible (Red Hat package): before 4.10.0-202202110258.p0.g25af5a6.assembly.stream.el7

toolbox (Red Hat package): before 0.0.8-4.rhaos4.10.el8

skopeo (Red Hat package): before 1.2.2-1.rhaos4.10.el8

rust-bootupd (Red Hat package): before 0.2.5-3.rhaos4.10.el8

rust-afterburn (Red Hat package): before 5.2.0-1.rhaos4.10.el8

runc (Red Hat package): before 1.0.1-3.rhaos4.10.git4144b63.el7

redhat-release-coreos (Red Hat package): before 410.84-2.el8

python-tooz (Red Hat package): before 2.9.0-0.20211012145018.174065f.el8

python-sushy-oem-idrac (Red Hat package): before 3.0.2-0.20211011174039.9733d23.el8

python-sushy (Red Hat package): before 4.0.0-0.20211209155954.45d24d4.el8

python-stevedore (Red Hat package): before 3.4.0-0.20211012153718.8846a3f.el8

python-scciclient (Red Hat package): before 0.11.1-0.20211208154124.a84332b.el8

python-proliantutils (Red Hat package): before 2.12.2-0.20211210161243.500f518.el8

python-pbr (Red Hat package): before 5.5.1-1.el8ost

python-oslo-utils (Red Hat package): before 4.10.0-0.20211012164840.2c74bb9.el8

python-oslo-upgradecheck (Red Hat package): before 1.4.0-0.20211012144915.3ca8698.el8

python-oslo-service (Red Hat package): before 2.6.0-0.20211012154519.091fd65.el8

python-oslo-serialization (Red Hat package): before 4.2.0-0.20211012151454.2b94a4f.el8

python-oslo-policy (Red Hat package): before 3.8.2-0.20211012161944.c7fd9f4.el8

python-oslo-metrics (Red Hat package): before 0.3.0-0.20211020174122.43eee50.el8

python-oslo-messaging (Red Hat package): before 12.9.1-0.20211020204149.f9de265.el8

python-oslo-log (Red Hat package): before 4.6.0-0.20211012154701.41c8807.el8

python-oslo-i18n (Red Hat package): before 5.1.0-0.20211012165753.b031d17.el8

python-oslo-db (Red Hat package): before 9.1.0-0.20211020204148.be2cc6a.el8

python-oslo-context (Red Hat package): before 3.3.1-0.20211012152439.641a1e0.el8

python-oslo-config (Red Hat package): before 8.7.1-0.20211012155707.1a7bd66.el8

python-oslo-concurrency (Red Hat package): before 4.4.1-0.20211012150632.8e08400.el8

python-osc-lib (Red Hat package): before 2.4.2-0.20211012163041.415a6c7.el8

python-openstacksdk (Red Hat package): before 0.59.0-0.20211012172340.d0d4d8b.el8

python-keystoneauth1 (Red Hat package): before 4.4.0-0.20211012144044.112bcae.el8

python-ironicclient (Red Hat package): before 4.9.0-0.20211209154934.6f1be06.el8

python-ironic-prometheus-exporter (Red Hat package): before 3.1.0-0.20211130174057.d25ba32.el8

python-ironic-lib (Red Hat package): before 5.1.0-0.20211209154936.731e2f9.el8

python-hardware (Red Hat package): before 0.29.0-0.20211122094056.7662a1d.el8

python-dracclient (Red Hat package): before 7.0.0-0.20211012182751.d26664e.el8

python-debtcollector (Red Hat package): before 2.3.0-0.20211012161119.0bf5bf5.el8

python-cliff (Red Hat package): before 3.9.0-0.20211020191737.734bc0c.el8

python-cachetools (Red Hat package): before 3.1.0-2.el8ost

python-autopage (Red Hat package): before 0.4.0-1.el8

podman (Red Hat package): before 3.0.1-7.rhaos4.10.el8

ovn21.09 (Red Hat package): before 21.09.0-22.el8fdp

ovn-2021 (Red Hat package): before 21.12.0-15.el8fdp

openvswitch2.16 (Red Hat package): before 2.16.0-33.el8fdp

openstack-ironic-python-agent (Red Hat package): before 8.3.1-0.20220105174059.d2d3cd6.el8

openstack-ironic-inspector (Red Hat package): before 10.9.1-0.20220117094044.19e2592.el8

openstack-ironic (Red Hat package): before 19.0.1-0.20220120204037.438b8af.el8

openshift-kuryr (Red Hat package): before 4.10.0-202202160023.p0.ge77f917.assembly.stream.el8

openshift-clients (Red Hat package): before 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7

openshift (Red Hat package): before 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7

kata-containers (Red Hat package): before 2.3.0-3.el8

jenkins (Red Hat package): before 2.319.2.1643288987-1.el8

jenkins-2-plugins (Red Hat package): before 4.10.1643404185-1.el8

ignition (Red Hat package): before 2.13.0-2.rhaos4.10.el8

haproxy (Red Hat package): before 2.2.19-1.el8

fuse-overlayfs (Red Hat package): before 1.4.0-1.rhaos4.10.el8

crun (Red Hat package): before 1.4.2-1.rhaos4.10.el8

cri-tools (Red Hat package): before 1.23.0-1.el7

cri-o (Red Hat package): before 1.23.0-92.rhaos4.10.gitdaab4d1.el7

coreos-installer (Red Hat package): before 0.12.0-1.rhaos4.10.el8

containers-common (Red Hat package): before 1-16.rhaos4.10.el8

containernetworking-plugins (Red Hat package): before 0.9.1-1.rhaos4.10.el8

console-login-helper-messages (Red Hat package): before 0.20.3-1.rhaos4.10.el8

butane (Red Hat package): before 0.14.0-1.rhaos4.10.el8

buildah (Red Hat package): before 1.19.7-1.el8

atomic-openshift-service-idler (Red Hat package): before 4.10.0-202202160023.p0.g39cfc66.assembly.stream.el8

Red Hat OpenShift Container Platform: before 4.10.3

ovn21.12 (Red Hat package): before 21.12.0-25.el8fdp

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2022:0055


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Input validation error

EUVDB-ID: #VU77628

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2012-6153

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to modify files on the system.

The vulnerability exists due to Apache Commons HttpClient does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate. A remote attacker can pass specially crafted input to the application and modify files on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

openshift-ansible (Red Hat package): before 4.10.0-202202110258.p0.g25af5a6.assembly.stream.el7

toolbox (Red Hat package): before 0.0.8-4.rhaos4.10.el8

skopeo (Red Hat package): before 1.2.2-1.rhaos4.10.el8

rust-bootupd (Red Hat package): before 0.2.5-3.rhaos4.10.el8

rust-afterburn (Red Hat package): before 5.2.0-1.rhaos4.10.el8

runc (Red Hat package): before 1.0.1-3.rhaos4.10.git4144b63.el7

redhat-release-coreos (Red Hat package): before 410.84-2.el8

python-tooz (Red Hat package): before 2.9.0-0.20211012145018.174065f.el8

python-sushy-oem-idrac (Red Hat package): before 3.0.2-0.20211011174039.9733d23.el8

python-sushy (Red Hat package): before 4.0.0-0.20211209155954.45d24d4.el8

python-stevedore (Red Hat package): before 3.4.0-0.20211012153718.8846a3f.el8

python-scciclient (Red Hat package): before 0.11.1-0.20211208154124.a84332b.el8

python-proliantutils (Red Hat package): before 2.12.2-0.20211210161243.500f518.el8

python-pbr (Red Hat package): before 5.5.1-1.el8ost

python-oslo-utils (Red Hat package): before 4.10.0-0.20211012164840.2c74bb9.el8

python-oslo-upgradecheck (Red Hat package): before 1.4.0-0.20211012144915.3ca8698.el8

python-oslo-service (Red Hat package): before 2.6.0-0.20211012154519.091fd65.el8

python-oslo-serialization (Red Hat package): before 4.2.0-0.20211012151454.2b94a4f.el8

python-oslo-policy (Red Hat package): before 3.8.2-0.20211012161944.c7fd9f4.el8

python-oslo-metrics (Red Hat package): before 0.3.0-0.20211020174122.43eee50.el8

python-oslo-messaging (Red Hat package): before 12.9.1-0.20211020204149.f9de265.el8

python-oslo-log (Red Hat package): before 4.6.0-0.20211012154701.41c8807.el8

python-oslo-i18n (Red Hat package): before 5.1.0-0.20211012165753.b031d17.el8

python-oslo-db (Red Hat package): before 9.1.0-0.20211020204148.be2cc6a.el8

python-oslo-context (Red Hat package): before 3.3.1-0.20211012152439.641a1e0.el8

python-oslo-config (Red Hat package): before 8.7.1-0.20211012155707.1a7bd66.el8

python-oslo-concurrency (Red Hat package): before 4.4.1-0.20211012150632.8e08400.el8

python-osc-lib (Red Hat package): before 2.4.2-0.20211012163041.415a6c7.el8

python-openstacksdk (Red Hat package): before 0.59.0-0.20211012172340.d0d4d8b.el8

python-keystoneauth1 (Red Hat package): before 4.4.0-0.20211012144044.112bcae.el8

python-ironicclient (Red Hat package): before 4.9.0-0.20211209154934.6f1be06.el8

python-ironic-prometheus-exporter (Red Hat package): before 3.1.0-0.20211130174057.d25ba32.el8

python-ironic-lib (Red Hat package): before 5.1.0-0.20211209154936.731e2f9.el8

python-hardware (Red Hat package): before 0.29.0-0.20211122094056.7662a1d.el8

python-dracclient (Red Hat package): before 7.0.0-0.20211012182751.d26664e.el8

python-debtcollector (Red Hat package): before 2.3.0-0.20211012161119.0bf5bf5.el8

python-cliff (Red Hat package): before 3.9.0-0.20211020191737.734bc0c.el8

python-cachetools (Red Hat package): before 3.1.0-2.el8ost

python-autopage (Red Hat package): before 0.4.0-1.el8

podman (Red Hat package): before 3.0.1-7.rhaos4.10.el8

ovn21.09 (Red Hat package): before 21.09.0-22.el8fdp

ovn-2021 (Red Hat package): before 21.12.0-15.el8fdp

openvswitch2.16 (Red Hat package): before 2.16.0-33.el8fdp

openstack-ironic-python-agent (Red Hat package): before 8.3.1-0.20220105174059.d2d3cd6.el8

openstack-ironic-inspector (Red Hat package): before 10.9.1-0.20220117094044.19e2592.el8

openstack-ironic (Red Hat package): before 19.0.1-0.20220120204037.438b8af.el8

openshift-kuryr (Red Hat package): before 4.10.0-202202160023.p0.ge77f917.assembly.stream.el8

openshift-clients (Red Hat package): before 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7

openshift (Red Hat package): before 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7

kata-containers (Red Hat package): before 2.3.0-3.el8

jenkins (Red Hat package): before 2.319.2.1643288987-1.el8

jenkins-2-plugins (Red Hat package): before 4.10.1643404185-1.el8

ignition (Red Hat package): before 2.13.0-2.rhaos4.10.el8

haproxy (Red Hat package): before 2.2.19-1.el8

fuse-overlayfs (Red Hat package): before 1.4.0-1.rhaos4.10.el8

crun (Red Hat package): before 1.4.2-1.rhaos4.10.el8

cri-tools (Red Hat package): before 1.23.0-1.el7

cri-o (Red Hat package): before 1.23.0-92.rhaos4.10.gitdaab4d1.el7

coreos-installer (Red Hat package): before 0.12.0-1.rhaos4.10.el8

containers-common (Red Hat package): before 1-16.rhaos4.10.el8

containernetworking-plugins (Red Hat package): before 0.9.1-1.rhaos4.10.el8

console-login-helper-messages (Red Hat package): before 0.20.3-1.rhaos4.10.el8

butane (Red Hat package): before 0.14.0-1.rhaos4.10.el8

buildah (Red Hat package): before 1.19.7-1.el8

atomic-openshift-service-idler (Red Hat package): before 4.10.0-202202160023.p0.g39cfc66.assembly.stream.el8

Red Hat OpenShift Container Platform: before 4.10.3

ovn21.12 (Red Hat package): before 21.12.0-25.el8fdp

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2022:0055


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###