Red Hat OpenShift 4.13 Security Advisory (RHSA-2024:8690) addressing multiple CVEs

From this webpage screenshot, the following key vulnerability information can be obtained: 1. Vulnerability ID: RHSA-2024:8690 2. Release Date: November 6, 2024 3. Severity: Important 4. Affected Products: - Red Hat OpenShift Container Platform 4.13.53 - Red Hat OpenShift Container Platform 4.13.53 for RHEL 9 x86_64 - Red Hat OpenShift Container Platform 4.13.53 for RHEL 8 x86_64 - Red Hat OpenShift Container Platform for Power 4.13 for RHEL 9 ppc64le - Red Hat OpenShift Container Platform for Power 4.13 for RHEL 8 ppc64le - Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 9 s390x - Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 8 s390x - Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 9 aarch64 - Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 8 aarch64 5. Fixed Vulnerabilities: - CVE-2024-9675: Buildah allows arbitrary directory mount - CVE-2024-9676: Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) - CVE-2024-9677: Podman: Buildah: CRI-O: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library - CVE-2024-9678: Podman: Buildah: CRI-O: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion - CVE-2024-9679: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9680: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9681: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9682: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9683: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9684: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9685: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9686: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9687: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9688: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9689: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9690: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9691: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9692: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9693: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9694: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9695: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9696: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9697: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9698: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9699: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9700: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion - CVE-2024-9701: Podman: Buildah: CRI-O: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a pani

Goal Reached Thanks to every supporter — we hit 100%!

Red Hat OpenShift 4.13 Security Advisory (RHSA-2024:8690) addressing multiple CVEs

More from this source