RHSA-2023%3A7555
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64 as a component of 9Base-OADP-1.3 | oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64, oadp/oadp-mustgather-rhel9@sha256:1979b2e3a393a936063792a4dbdc52a429b3015a5c661dea9041954aba46c567_amd64, * |
| Red Hat | oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x as a component of 9Base-OADP-1.3 | oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x, *, oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:e48934c0a05ff02fc498679a66b4f93242a10686b973c98925006517ed1c3c59_s390x |
| Red Hat | oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64 as a component of 9Base-OADP-1.3 | oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64, *, oadp/oadp-velero-plugin-for-aws-rhel9@sha256:486c3b2f1e8a16986309966473aab35a7aaaf490a25c151ab534a7c029ebd3f1_amd64 |
| Red Hat | oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x as a component of 9Base-OADP-1.3 | oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x, oadp/oadp-velero-plugin-for-csi-rhel9@sha256:6b59f2d1dea625fc1e14275083542986e3d53fdb1dc1d934e3f1f2fa2c90fd5a_s390x, * |
| Red Hat | oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x as a component of 9Base-OADP-1.3 | oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x, *, oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x |
| Red Hat | oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64 as a component of 9Base-OADP-1.3 | oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64, *, oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b5da27f7e78679e2d191f4f95da9fed16c6771471fe7fa1cad3eaf5c84c58e74_arm64 |
| Red Hat | oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le as a component of 9Base-OADP-1.3 | oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le, oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le, oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1016fe7844ac9bf28c07b8c0d74acdf62854d2bed8319047e557973569d44bbc_ppc64le |
| Red Hat | oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x as a component of 9Base-OADP-1.3 | oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x, oadp/oadp-velero-plugin-rhel9@sha256:71ab195206354afe71631bace4c1754d13e7f9584d84b88513f45ba9e751ed24_s390x, * |
| Red Hat | oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d0b1ab0e8c287286f19ce71d9aacba69510826347f4dda5e0ff7a2be0ef6c88_ppc64le as a component of 9Base-OADP-1.3 | *, *, * |
| Red Hat | oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64 as a component of 9Base-OADP-1.3 | *, oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64, oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:702008d74a7ed324d1da2ac20e2358504bb04d6708d2703a7ea65414450f201d_amd64 |
| Red Hat | oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64 as a component of 9Base-OADP-1.3 | oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64, oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64, oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:3970a66b4525a97ef6ee39fea1570f7b81b0529b281d05d5bad82e2c2261b00d_amd64 |
| Red Hat | oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64 as a component of 9Base-OADP-1.3 | oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64, oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64, oadp/oadp-rhel9-operator@sha256:d6361b290e08f9bfc22d902587206ef81ebdf9e8234475e7b846bb165c6029ba_arm64 |
| Red Hat | oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le as a component of 9Base-OADP-1.3 | oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le, oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le, oadp/oadp-velero-rhel9@sha256:79578a4ab2c7904e2d337be50b9f63afd7c0c39ca10abee7fd9b13e6f481656b_ppc64le |
| Red Hat | oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x as a component of 9Base-OADP-1.3 | *, oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x, oadp/oadp-mustgather-rhel9@sha256:8fb3cce0033e3de7fc67e764de96773eec18f4184cd5f9ddf4b0cd2b2d953220_s390x |
| Red Hat | oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64 as a component of 9Base-OADP-1.3 | oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64, *, oadp/oadp-operator-bundle@sha256:4cde7e9b893b3a9b5c6eccb5496701d1601046cc1487f94d28bed3b0538e9957_amd64 |
| Red Hat | oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f68841818eebf6fd794a4766fcaddacc7476b02e5248a25db45ee325b9dbd682_s390x as a component of 9Base-OADP-1.3 | *, *, * |
| Red Hat | oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le as a component of 9Base-OADP-1.3 | *, oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le, oadp/oadp-rhel9-operator@sha256:e1cb117c57176aaa30641b849a95a23e737215e15f1be784f73870c1f2be02fd_ppc64le |
| Red Hat | oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64 as a component of 9Base-OADP-1.3 | *, *, oadp/oadp-velero-rhel9@sha256:35705ecc01555ec8b6deda36aca73d4a1eb0fdee12ce66f6109cbfe46a9a89b9_amd64 |
| Red Hat | oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64 as a component of 9Base-OADP-1.3 | *, oadp/oadp-operator-bundle@sha256:50e6ff903856253916602dbb2e2fc5d0a2cf013fb710af1fb618c09aed30d09d_arm64, * |
| Red Hat | oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62db24300066a4f25fadc6f9f2e38d5ed52053932084524021b98ade564b8a5f_amd64 as a component of 9Base-OADP-1.3 | *, *, * |
…and 69 more
Timeline
- Nov 28, 2023 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- May 21, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2023:7555 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2242803 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2243296 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2245180 issue
- https://issues.redhat.com/browse/OADP-1167 advisory
- https://issues.redhat.com/browse/OADP-2308 advisory
- https://issues.redhat.com/browse/OADP-2360 advisory
- https://issues.redhat.com/browse/OADP-2450 advisory
- https://issues.redhat.com/browse/OADP-2607 advisory
- https://issues.redhat.com/browse/OADP-2635 advisory
- https://issues.redhat.com/browse/OADP-2679 advisory
- https://issues.redhat.com/browse/OADP-2680 advisory
- https://issues.redhat.com/browse/OADP-2681 advisory
- https://issues.redhat.com/browse/OADP-2686 advisory
- https://issues.redhat.com/browse/OADP-2688 advisory
- https://issues.redhat.com/browse/OADP-2696 advisory
- https://issues.redhat.com/browse/OADP-2717 advisory
- https://issues.redhat.com/browse/OADP-2721 advisory
…and 32 more