Red Hat OpenShift Container Platform 4.11 for RHEL 8 update for golang

1) Use of insufficiently random values

EUVDB-ID: #VU66122

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-30629

CWE-ID: CWE-330 - Use of Insufficiently Random Values

Exploit availability: No

Description

The vulnerability allows a remote attacker gain access to sensitive information.

The vulnerability exists in crypto/tls implementation when generating TLS tickets age. The newSessionTicketMsgTLS13.ageAdd is always set to "0" instead of a random value.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

openshift (Red Hat package): 4.11.0-202207082037.p0.g9546431.assembly.stream.el8 - 4.11.0-202208101756.p0.g4f0dd4d.assembly.stream.el8

openstack-ironic (Red Hat package): 20.2.1-0.20220628175043.b5ed57a.el8

cri-tools (Red Hat package): 1.24.2-4.1.el8

python-sushy (Red Hat package): 4.0.0-0.20211209155954.45d24d4.el8

CPE2.3

• cpe:2.3:o:red_hat:openshift_redhat_package:4.11.0-202208101756.p0.g4f0dd4d.assembly.stream.el8:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:openshift_redhat_package:4.11.0-202207082037.p0.g9546431.assembly.stream.el8:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:openstack-ironic_redhat_package:20.2.1-0.20220628175043.b5ed57a.el8:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:cri-tools_redhat_package:1.24.2-4.1.el8:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:python-sushy_redhat_package:4.0.0-0.20211209155954.45d24d4.el8:*:*:*:*:red_hat_enterprise_linux:*:

External links

http://access.redhat.com/errata/RHSA-2022:6535

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.