VDB

RHSA-2023%3A5902

RHSA-2023%3A5902 PUBLISHED CVSS 7.5 HIGH

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-insights-rhel8-operator@sha256:0ecdc32995df2101e04d0c03645318ee4a244c9d08d2693c20d18c79b885a492_ppc64le as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ovirt-csi-driver-rhel8@sha256:34392271202d0fc04a4d2f992ca372e0fad8434adf544170af655e90f97af916_amd64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ovirt-csi-driver-rhel8@sha256:34392271202d0fc04a4d2f992ca372e0fad8434adf544170af655e90f97af916_amd64
Red Hatopenshift4/ose-operator-lifecycle-manager@sha256:1bc37c010c1a028373997fe95f2b96c7f4a85c4edc3ed30129d5756a7fdb991c_ppc64le as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-cluster-image-registry-operator@sha256:7bf8d9404c2c6c29a5079138b33c415bca91b54cf3b7a90c54a0624997b64a4c_amd64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-cluster-image-registry-operator@sha256:7bf8d9404c2c6c29a5079138b33c415bca91b54cf3b7a90c54a0624997b64a4c_amd64
Red Hatopenshift4/ose-machine-api-provider-gcp-rhel8@sha256:2d1af774642cf3fd8a78fae25ad5bce5590b1969efd64ddb7048417ae885142a_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-machine-api-provider-gcp-rhel8@sha256:2d1af774642cf3fd8a78fae25ad5bce5590b1969efd64ddb7048417ae885142a_ppc64le
Red Hatopenshift4/ose-cli-artifacts@sha256:027b96f66d36787b7759e73e4fd92737cbc1bf68be7d49dabdfb4d7488de2081_s390x as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-cli-artifacts@sha256:027b96f66d36787b7759e73e4fd92737cbc1bf68be7d49dabdfb4d7488de2081_s390x
Red Hatopenshift4/ose-agent-installer-orchestrator-rhel8@sha256:88a759d43c08fd7c6a2d4f80261d4a57bb0b7f08300333adb16aea1851fed615_s390x as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-agent-installer-orchestrator-rhel8@sha256:88a759d43c08fd7c6a2d4f80261d4a57bb0b7f08300333adb16aea1851fed615_s390x
Red Hatopenshift4/ose-machine-api-provider-openstack-rhel8@sha256:aa8f9c3d428013f08f6a89d4df2b24788aa4949b02d00fa9b7783cdd185b353b_amd64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-machine-api-provider-openstack-rhel8@sha256:aa8f9c3d428013f08f6a89d4df2b24788aa4949b02d00fa9b7783cdd185b353b_amd64
Red Hatopenshift4/ose-olm-rukpak-rhel8@sha256:1a2a07b20cd995edf673d8c729840f5e42ae9a206564586d78762679b05f4520_arm64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-olm-rukpak-rhel8@sha256:1a2a07b20cd995edf673d8c729840f5e42ae9a206564586d78762679b05f4520_arm64
Red Hatopenshift4/ose-oauth-apiserver-rhel8@sha256:5431e62ef7d91b8e0013161d0950a3b84fa9562a876fb63821825a47a292e71e_amd64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-oauth-apiserver-rhel8@sha256:5431e62ef7d91b8e0013161d0950a3b84fa9562a876fb63821825a47a292e71e_amd64
Red Hatopenshift4/ose-multus-route-override-cni-rhel8@sha256:8bec662ad3c6bd298ae1c9d0223dcbd0b41146956a866d1b13ef9187f5efdd05_arm64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-multus-route-override-cni-rhel8@sha256:8bec662ad3c6bd298ae1c9d0223dcbd0b41146956a866d1b13ef9187f5efdd05_arm64
Red Hatopenshift4/ose-cluster-kube-controller-manager-operator@sha256:e4b066d11f7c7918c94fe9f10154bce5af628fa3f0b4e2404f02dcb9f754f0dc_amd64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-cluster-kube-controller-manager-operator@sha256:e4b066d11f7c7918c94fe9f10154bce5af628fa3f0b4e2404f02dcb9f754f0dc_amd64
Red Hatopenshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:d8f0ea6e8c0de45ce5d0a3d81d990602a131ee9c2cbeab70c1c3a9b6483b53ba_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:d8f0ea6e8c0de45ce5d0a3d81d990602a131ee9c2cbeab70c1c3a9b6483b53ba_ppc64le
Red Hatopenshift4/ose-cluster-kube-cluster-api-rhel8-operator@sha256:350ae2268aae4e1ce35ba8672ece57613f1ceb417727d57c5d485cf55070e7f0_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-cluster-kube-cluster-api-rhel8-operator@sha256:350ae2268aae4e1ce35ba8672ece57613f1ceb417727d57c5d485cf55070e7f0_ppc64le
Red Hatopenshift4/ose-telemeter@sha256:4ed56bad7d4f65799c04e3845c0f5a276da75d5a46b7aa820c1c387711282a2e_amd64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-telemeter@sha256:4ed56bad7d4f65799c04e3845c0f5a276da75d5a46b7aa820c1c387711282a2e_amd64
Red Hatopenshift4/ose-cluster-api-rhel8@sha256:638afaea970f7445facc9ef9e916a2517d0df4d3bc4651519cd3fcc24b0f8d46_arm64 as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-cluster-samples-operator@sha256:fa34ea8c1b3a0f57659bc98fafa5ee46734b265c27fdd8b793250a4dd3271d5c_amd64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-cluster-samples-operator@sha256:fa34ea8c1b3a0f57659bc98fafa5ee46734b265c27fdd8b793250a4dd3271d5c_amd64
Red Hatopenshift4/ose-network-interface-bond-cni-rhel8@sha256:f365123798eb2ea5f145fe94eb3394eb02aacf5a9ce84c8d2558bd06003223bf_s390x as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-cluster-policy-controller-rhel8@sha256:05e1af0fe93e4adae09c6db0e8b426df778a50c506436662902d8a5faef286e8_amd64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-cluster-policy-controller-rhel8@sha256:05e1af0fe93e4adae09c6db0e8b426df778a50c506436662902d8a5faef286e8_amd64
Red Hatopenshift4/ose-docker-builder@sha256:5722df6e139d0ee70e108e548fdcb7ca4ff5f31779e4a742f04b78cb86d9d453_amd64 as a component of Red Hat OpenShift Container Platform 4.13*

…and 1260 more

Timeline

  • Oct 24, 2023 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 30, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›