RHSA-2023%3A6828
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | advanced-cluster-security/rhacs-rhel8-operator@sha256:186eaa4cf4b8896cfe4141925f26f406cc0156c676b159745d0205f4ed857951_ppc64le as a component of RHACS 4.1 for RHEL 8 | *, *, advanced-cluster-security/rhacs-rhel8-operator@sha256:186eaa4cf4b8896cfe4141925f26f406cc0156c676b159745d0205f4ed857951_ppc64le |
| Red Hat | advanced-cluster-security/rhacs-main-rhel8@sha256:165f94df366216d0684b323c872d968faa3fbb45723ddb6e35fb1e191000aa0e_ppc64le as a component of RHACS 4.1 for RHEL 8 | *, advanced-cluster-security/rhacs-main-rhel8@sha256:165f94df366216d0684b323c872d968faa3fbb45723ddb6e35fb1e191000aa0e_ppc64le, advanced-cluster-security/rhacs-main-rhel8@sha256:165f94df366216d0684b323c872d968faa3fbb45723ddb6e35fb1e191000aa0e_ppc64le |
| Red Hat | advanced-cluster-security/rhacs-central-db-rhel8@sha256:225ef8caeff7d8e40d4ef1cec150a347091249c6116199a8b8cbbb2b657d40fb_s390x as a component of RHACS 4.1 for RHEL 8 | advanced-cluster-security/rhacs-central-db-rhel8@sha256:225ef8caeff7d8e40d4ef1cec150a347091249c6116199a8b8cbbb2b657d40fb_s390x, *, * |
| Red Hat | advanced-cluster-security/rhacs-rhel8-operator@sha256:b291129b5dfd95d707e4cf1007928c406de1f39020eef4e54d63b0ada33c6107_amd64 as a component of RHACS 4.1 for RHEL 8 | advanced-cluster-security/rhacs-rhel8-operator@sha256:b291129b5dfd95d707e4cf1007928c406de1f39020eef4e54d63b0ada33c6107_amd64, advanced-cluster-security/rhacs-rhel8-operator@sha256:b291129b5dfd95d707e4cf1007928c406de1f39020eef4e54d63b0ada33c6107_amd64, advanced-cluster-security/rhacs-rhel8-operator@sha256:b291129b5dfd95d707e4cf1007928c406de1f39020eef4e54d63b0ada33c6107_amd64 |
| Red Hat | advanced-cluster-security/rhacs-scanner-rhel8@sha256:5ca23d8f43543d454e24ec10aeb2f00847b4a4e9eb3fe3495a77e11222c21969_s390x as a component of RHACS 4.1 for RHEL 8 | advanced-cluster-security/rhacs-scanner-rhel8@sha256:5ca23d8f43543d454e24ec10aeb2f00847b4a4e9eb3fe3495a77e11222c21969_s390x, *, advanced-cluster-security/rhacs-scanner-rhel8@sha256:5ca23d8f43543d454e24ec10aeb2f00847b4a4e9eb3fe3495a77e11222c21969_s390x |
| Red Hat | advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36dbe96cd603b2da2f3a7fec55ea5132d704395d9ec01806306307f756bd1a13_s390x as a component of RHACS 4.1 for RHEL 8 | advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36dbe96cd603b2da2f3a7fec55ea5132d704395d9ec01806306307f756bd1a13_s390x, advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36dbe96cd603b2da2f3a7fec55ea5132d704395d9ec01806306307f756bd1a13_s390x, * |
| Red Hat | advanced-cluster-security/rhacs-rhel8-operator@sha256:b291129b5dfd95d707e4cf1007928c406de1f39020eef4e54d63b0ada33c6107_amd64 as a component of RHACS 4.1 for RHEL 8 | advanced-cluster-security/rhacs-rhel8-operator@sha256:b291129b5dfd95d707e4cf1007928c406de1f39020eef4e54d63b0ada33c6107_amd64, advanced-cluster-security/rhacs-rhel8-operator@sha256:b291129b5dfd95d707e4cf1007928c406de1f39020eef4e54d63b0ada33c6107_amd64, * |
| Red Hat | advanced-cluster-security/rhacs-rhel8-operator@sha256:5adc8bbbfe0514d877f1c4ec9bb30dbf039634c9adba729623e7a4f6843a31fb_s390x as a component of RHACS 4.1 for RHEL 8 | advanced-cluster-security/rhacs-rhel8-operator@sha256:5adc8bbbfe0514d877f1c4ec9bb30dbf039634c9adba729623e7a4f6843a31fb_s390x, advanced-cluster-security/rhacs-rhel8-operator@sha256:5adc8bbbfe0514d877f1c4ec9bb30dbf039634c9adba729623e7a4f6843a31fb_s390x, * |
| Red Hat | advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ed4a04c43fd03091f78f24df01631b5fb1e8ca79a51d075081d6c49038f14f82_s390x as a component of RHACS 4.1 for RHEL 8 | *, *, advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ed4a04c43fd03091f78f24df01631b5fb1e8ca79a51d075081d6c49038f14f82_s390x |
| Red Hat | advanced-cluster-security/rhacs-operator-bundle@sha256:13565496a1f4cb80746d542fc13c9f024b811dfb7df84d2013bc79b5809622bc_s390x as a component of RHACS 4.1 for RHEL 8 | advanced-cluster-security/rhacs-operator-bundle@sha256:13565496a1f4cb80746d542fc13c9f024b811dfb7df84d2013bc79b5809622bc_s390x, *, advanced-cluster-security/rhacs-operator-bundle@sha256:13565496a1f4cb80746d542fc13c9f024b811dfb7df84d2013bc79b5809622bc_s390x |
| Red Hat | advanced-cluster-security/rhacs-collector-rhel8@sha256:c40c2b4aaa6e4d06e96772cf76ff1366284833e36a0872df636f549b58085f0d_amd64 as a component of RHACS 4.1 for RHEL 8 | advanced-cluster-security/rhacs-collector-rhel8@sha256:c40c2b4aaa6e4d06e96772cf76ff1366284833e36a0872df636f549b58085f0d_amd64, *, * |
| Red Hat | advanced-cluster-security/rhacs-scanner-rhel8@sha256:6c3a5aba527996b157f3609735381f256c68c5b24363b2385f25558975806458_ppc64le as a component of RHACS 4.1 for RHEL 8 | advanced-cluster-security/rhacs-scanner-rhel8@sha256:6c3a5aba527996b157f3609735381f256c68c5b24363b2385f25558975806458_ppc64le, advanced-cluster-security/rhacs-scanner-rhel8@sha256:6c3a5aba527996b157f3609735381f256c68c5b24363b2385f25558975806458_ppc64le, * |
| Red Hat | advanced-cluster-security/rhacs-main-rhel8@sha256:9d3e2bb44a4f866bd04efb8223d68f21b04855239d95d81b530f61c9f5e42bd1_amd64 as a component of RHACS 4.1 for RHEL 8 | advanced-cluster-security/rhacs-main-rhel8@sha256:9d3e2bb44a4f866bd04efb8223d68f21b04855239d95d81b530f61c9f5e42bd1_amd64, advanced-cluster-security/rhacs-main-rhel8@sha256:9d3e2bb44a4f866bd04efb8223d68f21b04855239d95d81b530f61c9f5e42bd1_amd64, advanced-cluster-security/rhacs-main-rhel8@sha256:9d3e2bb44a4f866bd04efb8223d68f21b04855239d95d81b530f61c9f5e42bd1_amd64 |
| Red Hat | advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cebe3e3c935995b9352b7e1b17f469f57917db4576d44d11d0ff4c37fe21948d_ppc64le as a component of RHACS 4.1 for RHEL 8 | advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cebe3e3c935995b9352b7e1b17f469f57917db4576d44d11d0ff4c37fe21948d_ppc64le, advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cebe3e3c935995b9352b7e1b17f469f57917db4576d44d11d0ff4c37fe21948d_ppc64le, advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cebe3e3c935995b9352b7e1b17f469f57917db4576d44d11d0ff4c37fe21948d_ppc64le |
| Red Hat | advanced-cluster-security/rhacs-collector-rhel8@sha256:64b1287daff111b974cce3df8134cb09d5a4974a37412564dc02bf93df35a4c6_ppc64le as a component of RHACS 4.1 for RHEL 8 | *, advanced-cluster-security/rhacs-collector-rhel8@sha256:64b1287daff111b974cce3df8134cb09d5a4974a37412564dc02bf93df35a4c6_ppc64le, advanced-cluster-security/rhacs-collector-rhel8@sha256:64b1287daff111b974cce3df8134cb09d5a4974a37412564dc02bf93df35a4c6_ppc64le |
| Red Hat | advanced-cluster-security/rhacs-operator-bundle@sha256:13565496a1f4cb80746d542fc13c9f024b811dfb7df84d2013bc79b5809622bc_s390x as a component of RHACS 4.1 for RHEL 8 | advanced-cluster-security/rhacs-operator-bundle@sha256:13565496a1f4cb80746d542fc13c9f024b811dfb7df84d2013bc79b5809622bc_s390x, advanced-cluster-security/rhacs-operator-bundle@sha256:13565496a1f4cb80746d542fc13c9f024b811dfb7df84d2013bc79b5809622bc_s390x, * |
| Red Hat | advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:53e85c3769970a2bba52913b2c1ed8e784daf84b42de6317dd66cfe76d1591d1_ppc64le as a component of RHACS 4.1 for RHEL 8 | *, advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:53e85c3769970a2bba52913b2c1ed8e784daf84b42de6317dd66cfe76d1591d1_ppc64le, * |
| Red Hat | advanced-cluster-security/rhacs-rhel8-operator@sha256:186eaa4cf4b8896cfe4141925f26f406cc0156c676b159745d0205f4ed857951_ppc64le as a component of RHACS 4.1 for RHEL 8 | *, advanced-cluster-security/rhacs-rhel8-operator@sha256:186eaa4cf4b8896cfe4141925f26f406cc0156c676b159745d0205f4ed857951_ppc64le, advanced-cluster-security/rhacs-rhel8-operator@sha256:186eaa4cf4b8896cfe4141925f26f406cc0156c676b159745d0205f4ed857951_ppc64le |
| Red Hat | advanced-cluster-security/rhacs-main-rhel8@sha256:9d3e2bb44a4f866bd04efb8223d68f21b04855239d95d81b530f61c9f5e42bd1_amd64 as a component of RHACS 4.1 for RHEL 8 | advanced-cluster-security/rhacs-main-rhel8@sha256:9d3e2bb44a4f866bd04efb8223d68f21b04855239d95d81b530f61c9f5e42bd1_amd64, *, advanced-cluster-security/rhacs-main-rhel8@sha256:9d3e2bb44a4f866bd04efb8223d68f21b04855239d95d81b530f61c9f5e42bd1_amd64 |
| Red Hat | advanced-cluster-security/rhacs-scanner-rhel8@sha256:5d6f36aaca6e9f98500fcadda71eb617c852bf0d4f0b6a71b66a343b3ec41985_amd64 as a component of RHACS 4.1 for RHEL 8 | advanced-cluster-security/rhacs-scanner-rhel8@sha256:5d6f36aaca6e9f98500fcadda71eb617c852bf0d4f0b6a71b66a343b3ec41985_amd64, advanced-cluster-security/rhacs-scanner-rhel8@sha256:5d6f36aaca6e9f98500fcadda71eb617c852bf0d4f0b6a71b66a343b3ec41985_amd64, advanced-cluster-security/rhacs-scanner-rhel8@sha256:5d6f36aaca6e9f98500fcadda71eb617c852bf0d4f0b6a71b66a343b3ec41985_amd64 |
…and 46 more
Timeline
- Nov 8, 2023 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- May 21, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2023:6828 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 advisory
- https://docs.openshift.com/acs/4.1/release_notes/41-release-notes.html advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2243296 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6828.json advisory
- https://access.redhat.com/security/cve/CVE-2023-39325 advisory
- https://www.cve.org/CVERecord?id=CVE-2023-39325 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-39325 advisory
- https://access.redhat.com/security/cve/CVE-2023-44487 advisory
- https://go.dev/issue/63417 advisory
- https://pkg.go.dev/vuln/GO-2023-2102 advisory
- https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 advisory