VDB

RHBA-2024%3A0815

RHBA-2024%3A0815 PUBLISHED CVSS 7.5 HIGH

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:53000d1403d8301cd5b422526a9224f0e23789f7433ab0ee96d9b9ee6bbe457c_s390x as a component of OpenShift Sandboxed Containers 1.5openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:53000d1403d8301cd5b422526a9224f0e23789f7433ab0ee96d9b9ee6bbe457c_s390x
Red Hatopenshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:7340a2577a4236000104e3d3fdf4419582232bff392613a6855f8a9af1ea06a4_amd64 as a component of OpenShift Sandboxed Containers 1.5openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:7340a2577a4236000104e3d3fdf4419582232bff392613a6855f8a9af1ea06a4_amd64
Red Hatopenshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:a4176d2b3eaba687ecce5cb39d8c6b466fab02eea7634d148196cc4ca19cefc9_amd64 as a component of OpenShift Sandboxed Containers 1.5openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:a4176d2b3eaba687ecce5cb39d8c6b466fab02eea7634d148196cc4ca19cefc9_amd64
Red Hatopenshift-sandboxed-containers/osc-monitor-rhel9@sha256:45ada6552aa5ed43986230dd26bbe4de630dc3ab04ab1a9a371770666a878a81_s390x as a component of OpenShift Sandboxed Containers 1.5openshift-sandboxed-containers/osc-monitor-rhel9@sha256:45ada6552aa5ed43986230dd26bbe4de630dc3ab04ab1a9a371770666a878a81_s390x
Red Hatopenshift-sandboxed-containers/osc-monitor-rhel9@sha256:1fb51e73ed876f7ca60e2fa70fe35ad8941435ac27648030dd0f124e6d12a215_amd64 as a component of OpenShift Sandboxed Containers 1.5openshift-sandboxed-containers/osc-monitor-rhel9@sha256:1fb51e73ed876f7ca60e2fa70fe35ad8941435ac27648030dd0f124e6d12a215_amd64
Red Hatopenshift-sandboxed-containers/osc-rhel9-operator@sha256:7db98893604a59d0d4a0cc322f56b06970fafcf799e790c286643784ab0d8c3f_s390x as a component of OpenShift Sandboxed Containers 1.5openshift-sandboxed-containers/osc-rhel9-operator@sha256:7db98893604a59d0d4a0cc322f56b06970fafcf799e790c286643784ab0d8c3f_s390x
Red Hatopenshift-sandboxed-containers/osc-rhel9-operator@sha256:6cbad372f0162070e06d935ecec918ab2ba93fb8ad473da3c591b2f7bf384114_amd64 as a component of OpenShift Sandboxed Containers 1.5openshift-sandboxed-containers/osc-rhel9-operator@sha256:6cbad372f0162070e06d935ecec918ab2ba93fb8ad473da3c591b2f7bf384114_amd64
Red Hatopenshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:b489543912586bd234dabb84068901a4248f0c983882aa2ec64f3092ef336c94_s390x as a component of OpenShift Sandboxed Containers 1.5*
Red Hatopenshift-sandboxed-containers/osc-must-gather-rhel9@sha256:081259e193cdf6a7e0849d8ecbe922c72fd1616fb6f1d8ff07ba2089a4a38462_s390x as a component of OpenShift Sandboxed Containers 1.5*
Red Hatopenshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:5aca71d775675519bd5e8c17c266ca70e91482a723fadeee48a4436553c2a88c_amd64 as a component of OpenShift Sandboxed Containers 1.5*
Red Hatopenshift-sandboxed-containers/osc-operator-bundle@sha256:b637dcf57a9e26ff7b9a87926bda980147a41f8207f78ecdc2bc601aeb7138e0_s390x as a component of OpenShift Sandboxed Containers 1.5openshift-sandboxed-containers/osc-operator-bundle@sha256:b637dcf57a9e26ff7b9a87926bda980147a41f8207f78ecdc2bc601aeb7138e0_s390x
Red Hatopenshift-sandboxed-containers/osc-operator-bundle@sha256:94242bcaeb70f40d450104651b66ac4d6c5b3eb97bc6f97c3db9f6d94bed95d1_amd64 as a component of OpenShift Sandboxed Containers 1.5openshift-sandboxed-containers/osc-operator-bundle@sha256:94242bcaeb70f40d450104651b66ac4d6c5b3eb97bc6f97c3db9f6d94bed95d1_amd64
Red Hatopenshift-sandboxed-containers/osc-must-gather-rhel9@sha256:bffdc077129a33c71b10390ebe4ba4eed0031bc29ce2e0aef29e6454ef53f710_amd64 as a component of OpenShift Sandboxed Containers 1.5openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:bffdc077129a33c71b10390ebe4ba4eed0031bc29ce2e0aef29e6454ef53f710_amd64
Red Hatopenshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:17fcd1d7b6003ed409cb6ff291642ec55daa476bd2f7f6a88b7aa4822e54e61e_s390x as a component of OpenShift Sandboxed Containers 1.5openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:17fcd1d7b6003ed409cb6ff291642ec55daa476bd2f7f6a88b7aa4822e54e61e_s390x

Timeline

  • Feb 15, 2024 CVE Published
  • Apr 24, 2026 CVE Updated
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›