VDB

RHSA-2023%3A6233

RHSA-2023%3A6233 PUBLISHED CVSS 7.5 HIGH

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/numaresources-rhel8-operator@sha256:9ae57e31edf4e0a10768d52c7a0cce4f38ce16a0e75785e356ae0c00b73b200c_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/numaresources-rhel8-operator@sha256:9ae57e31edf4e0a10768d52c7a0cce4f38ce16a0e75785e356ae0c00b73b200c_amd64, openshift4/numaresources-rhel8-operator@sha256:9ae57e31edf4e0a10768d52c7a0cce4f38ce16a0e75785e356ae0c00b73b200c_amd64, openshift4/numaresources-rhel8-operator@sha256:9ae57e31edf4e0a10768d52c7a0cce4f38ce16a0e75785e356ae0c00b73b200c_amd64
Red Hatopenshift4/dpdk-base-rhel8@sha256:3faf3d37e7fb8125bf5c49a93cac0e69dd2dbcafcfa27939e706f1d969caa8e7_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/dpdk-base-rhel8@sha256:3faf3d37e7fb8125bf5c49a93cac0e69dd2dbcafcfa27939e706f1d969caa8e7_amd64, openshift4/dpdk-base-rhel8@sha256:3faf3d37e7fb8125bf5c49a93cac0e69dd2dbcafcfa27939e706f1d969caa8e7_amd64, openshift4/dpdk-base-rhel8@sha256:3faf3d37e7fb8125bf5c49a93cac0e69dd2dbcafcfa27939e706f1d969caa8e7_amd64
Red Hatopenshift4/numaresources-operator-bundle@sha256:d058f59dbc21e6b015de06bad2d42e2cec078cbbc80a76fe2f914d641caaef7b_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/numaresources-operator-bundle@sha256:d058f59dbc21e6b015de06bad2d42e2cec078cbbc80a76fe2f914d641caaef7b_amd64, openshift4/numaresources-operator-bundle@sha256:d058f59dbc21e6b015de06bad2d42e2cec078cbbc80a76fe2f914d641caaef7b_amd64, openshift4/numaresources-operator-bundle@sha256:d058f59dbc21e6b015de06bad2d42e2cec078cbbc80a76fe2f914d641caaef7b_amd64
Red Hatopenshift4/performance-addon-operator-must-gather-rhel8@sha256:76501b6f85aac090077094f0d4a2da4475b788b1fb7698b6ec33f17e1b2eb898_amd64 as a component of Red Hat OpenShift Container Platform 4.12*, openshift4/performance-addon-operator-must-gather-rhel8@sha256:76501b6f85aac090077094f0d4a2da4475b788b1fb7698b6ec33f17e1b2eb898_amd64, *
Red Hatopenshift4/cnf-tests-rhel8@sha256:29579a785974ff1130882f04495f90ba8423ea0fb17bf445b82dd919b19c515d_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/cnf-tests-rhel8@sha256:29579a785974ff1130882f04495f90ba8423ea0fb17bf445b82dd919b19c515d_amd64, openshift4/cnf-tests-rhel8@sha256:29579a785974ff1130882f04495f90ba8423ea0fb17bf445b82dd919b19c515d_amd64, *
Red Hatopenshift4/dpdk-base-rhel8@sha256:3faf3d37e7fb8125bf5c49a93cac0e69dd2dbcafcfa27939e706f1d969caa8e7_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/dpdk-base-rhel8@sha256:3faf3d37e7fb8125bf5c49a93cac0e69dd2dbcafcfa27939e706f1d969caa8e7_amd64, *, openshift4/dpdk-base-rhel8@sha256:3faf3d37e7fb8125bf5c49a93cac0e69dd2dbcafcfa27939e706f1d969caa8e7_amd64
Red Hatopenshift4/noderesourcetopology-scheduler-container-rhel8@sha256:245a7c990bcb554ded0f4832957db51d0439311bd85b5c89943e33001e29a2fe_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/noderesourcetopology-scheduler-container-rhel8@sha256:245a7c990bcb554ded0f4832957db51d0439311bd85b5c89943e33001e29a2fe_amd64, openshift4/noderesourcetopology-scheduler-container-rhel8@sha256:245a7c990bcb554ded0f4832957db51d0439311bd85b5c89943e33001e29a2fe_amd64, openshift4/noderesourcetopology-scheduler-container-rhel8@sha256:245a7c990bcb554ded0f4832957db51d0439311bd85b5c89943e33001e29a2fe_amd64
golangGo
Red Hatopenshift4/numaresources-rhel8-operator@sha256:9ae57e31edf4e0a10768d52c7a0cce4f38ce16a0e75785e356ae0c00b73b200c_amd64 as a component of Red Hat OpenShift Container Platform 4.12*, openshift4/numaresources-rhel8-operator@sha256:9ae57e31edf4e0a10768d52c7a0cce4f38ce16a0e75785e356ae0c00b73b200c_amd64, openshift4/numaresources-rhel8-operator@sha256:9ae57e31edf4e0a10768d52c7a0cce4f38ce16a0e75785e356ae0c00b73b200c_amd64
Red Hatopenshift4/performance-addon-operator-must-gather-rhel8@sha256:76501b6f85aac090077094f0d4a2da4475b788b1fb7698b6ec33f17e1b2eb898_amd64 as a component of Red Hat OpenShift Container Platform 4.12*, *, openshift4/performance-addon-operator-must-gather-rhel8@sha256:76501b6f85aac090077094f0d4a2da4475b788b1fb7698b6ec33f17e1b2eb898_amd64
Red Hatopenshift4/cnf-tests-rhel8@sha256:29579a785974ff1130882f04495f90ba8423ea0fb17bf445b82dd919b19c515d_amd64 as a component of Red Hat OpenShift Container Platform 4.12*, *, openshift4/cnf-tests-rhel8@sha256:29579a785974ff1130882f04495f90ba8423ea0fb17bf445b82dd919b19c515d_amd64
Red Hatopenshift4/noderesourcetopology-scheduler-container-rhel8@sha256:245a7c990bcb554ded0f4832957db51d0439311bd85b5c89943e33001e29a2fe_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/noderesourcetopology-scheduler-container-rhel8@sha256:245a7c990bcb554ded0f4832957db51d0439311bd85b5c89943e33001e29a2fe_amd64, openshift4/noderesourcetopology-scheduler-container-rhel8@sha256:245a7c990bcb554ded0f4832957db51d0439311bd85b5c89943e33001e29a2fe_amd64, *
Red Hatopenshift4/numaresources-operator-bundle@sha256:d058f59dbc21e6b015de06bad2d42e2cec078cbbc80a76fe2f914d641caaef7b_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/numaresources-operator-bundle@sha256:d058f59dbc21e6b015de06bad2d42e2cec078cbbc80a76fe2f914d641caaef7b_amd64, openshift4/numaresources-operator-bundle@sha256:d058f59dbc21e6b015de06bad2d42e2cec078cbbc80a76fe2f914d641caaef7b_amd64, *

Timeline

  • Nov 1, 2023 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 21, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›