VDB

RHSA-2023%3A7704

RHSA-2023%3A7704 PUBLISHED CVSS 7.5 HIGH

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatcontainer-native-virtualization/mtq-operator-rhel9@sha256:4ae532845b716ffe917e5629e5a8030dd9e78c341b2bb9aef21373f74f2809b2_amd64 as a component of CNV 4.14 for RHEL 9*, container-native-virtualization/mtq-operator-rhel9@sha256:4ae532845b716ffe917e5629e5a8030dd9e78c341b2bb9aef21373f74f2809b2_amd64, *
Red Hatcontainer-native-virtualization/virtio-win-rhel9@sha256:e50708b574d9169cf7ea0dc0abd178cefb34ca2e13cb36a0edb84106bb92bee2_arm64 as a component of CNV 4.14 for RHEL 9container-native-virtualization/virtio-win-rhel9@sha256:e50708b574d9169cf7ea0dc0abd178cefb34ca2e13cb36a0edb84106bb92bee2_arm64, *, container-native-virtualization/virtio-win-rhel9@sha256:e50708b574d9169cf7ea0dc0abd178cefb34ca2e13cb36a0edb84106bb92bee2_arm64
Red Hatcontainer-native-virtualization/hco-bundle-registry-rhel9@sha256:cf459590e404430fe69ab849d9abd680debbc215aff21eafade3fd3dfa104ed1_amd64 as a component of CNV 4.14 for RHEL 9container-native-virtualization/hco-bundle-registry-rhel9@sha256:cf459590e404430fe69ab849d9abd680debbc215aff21eafade3fd3dfa104ed1_amd64, container-native-virtualization/hco-bundle-registry-rhel9@sha256:cf459590e404430fe69ab849d9abd680debbc215aff21eafade3fd3dfa104ed1_amd64, container-native-virtualization/hco-bundle-registry-rhel9@sha256:cf459590e404430fe69ab849d9abd680debbc215aff21eafade3fd3dfa104ed1_amd64
Red Hatcontainer-native-virtualization/virt-cdi-importer-rhel9@sha256:0d5b25a35ac1f22b40ce97a1ea9b76f2d75c9e3d96bc6b51c6a1264190297c9e_arm64 as a component of CNV 4.14 for RHEL 9container-native-virtualization/virt-cdi-importer-rhel9@sha256:0d5b25a35ac1f22b40ce97a1ea9b76f2d75c9e3d96bc6b51c6a1264190297c9e_arm64, container-native-virtualization/virt-cdi-importer-rhel9@sha256:0d5b25a35ac1f22b40ce97a1ea9b76f2d75c9e3d96bc6b51c6a1264190297c9e_arm64, container-native-virtualization/virt-cdi-importer-rhel9@sha256:0d5b25a35ac1f22b40ce97a1ea9b76f2d75c9e3d96bc6b51c6a1264190297c9e_arm64
Red Hatcontainer-native-virtualization/kubevirt-template-validator-rhel9@sha256:773d6e6d83644bd640a534aab30fbab82cdf486ed0b4592387f85397a62bd374_amd64 as a component of CNV 4.14 for RHEL 9container-native-virtualization/kubevirt-template-validator-rhel9@sha256:773d6e6d83644bd640a534aab30fbab82cdf486ed0b4592387f85397a62bd374_amd64, container-native-virtualization/kubevirt-template-validator-rhel9@sha256:773d6e6d83644bd640a534aab30fbab82cdf486ed0b4592387f85397a62bd374_amd64, container-native-virtualization/kubevirt-template-validator-rhel9@sha256:773d6e6d83644bd640a534aab30fbab82cdf486ed0b4592387f85397a62bd374_amd64
Red Hatcontainer-native-virtualization/virt-exportproxy-rhel9@sha256:f1005c07b2e2d6ed152accd5bafa33f88214937082c43cb5fcc9d7895e3f942f_arm64 as a component of CNV 4.14 for RHEL 9container-native-virtualization/virt-exportproxy-rhel9@sha256:f1005c07b2e2d6ed152accd5bafa33f88214937082c43cb5fcc9d7895e3f942f_arm64, container-native-virtualization/virt-exportproxy-rhel9@sha256:f1005c07b2e2d6ed152accd5bafa33f88214937082c43cb5fcc9d7895e3f942f_arm64, *
Red Hatcontainer-native-virtualization/virt-cdi-apiserver-rhel9@sha256:351fc6af845972da61a843da1f8f8562a90aefee0185409f63cd97558a7145b2_amd64 as a component of CNV 4.14 for RHEL 9*, container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:351fc6af845972da61a843da1f8f8562a90aefee0185409f63cd97558a7145b2_amd64, container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:351fc6af845972da61a843da1f8f8562a90aefee0185409f63cd97558a7145b2_amd64
Red Hatcontainer-native-virtualization/kubemacpool-rhel9@sha256:6a09e826c765dcaae515ab4dda1f2aff3a34c3fe5df66b32fdef7807027657d5_amd64 as a component of CNV 4.14 for RHEL 9container-native-virtualization/kubemacpool-rhel9@sha256:6a09e826c765dcaae515ab4dda1f2aff3a34c3fe5df66b32fdef7807027657d5_amd64, container-native-virtualization/kubemacpool-rhel9@sha256:6a09e826c765dcaae515ab4dda1f2aff3a34c3fe5df66b32fdef7807027657d5_amd64, *
Red Hatcontainer-native-virtualization/kubemacpool-rhel9@sha256:36dc46a039352f347554bd214516c8b12f31393f47069e74dee87a8f4f912c83_arm64 as a component of CNV 4.14 for RHEL 9container-native-virtualization/kubemacpool-rhel9@sha256:36dc46a039352f347554bd214516c8b12f31393f47069e74dee87a8f4f912c83_arm64, container-native-virtualization/kubemacpool-rhel9@sha256:36dc46a039352f347554bd214516c8b12f31393f47069e74dee87a8f4f912c83_arm64, container-native-virtualization/kubemacpool-rhel9@sha256:36dc46a039352f347554bd214516c8b12f31393f47069e74dee87a8f4f912c83_arm64
Red Hatcontainer-native-virtualization/virt-handler-rhel9@sha256:4e41ff90f37cbd8b51e2497c788b2ab778d4c40d4e01110b392645c75f30e5c0_arm64 as a component of CNV 4.14 for RHEL 9*, container-native-virtualization/virt-handler-rhel9@sha256:4e41ff90f37cbd8b51e2497c788b2ab778d4c40d4e01110b392645c75f30e5c0_arm64, *
Red Hatcontainer-native-virtualization/multus-dynamic-networks-rhel9@sha256:da50b4eda7f24a796cd6a6276ee2dec81ee44fa1e8e0c1460ed8d987ba5ae4bf_amd64 as a component of CNV 4.14 for RHEL 9container-native-virtualization/multus-dynamic-networks-rhel9@sha256:da50b4eda7f24a796cd6a6276ee2dec81ee44fa1e8e0c1460ed8d987ba5ae4bf_amd64, *, *
Red Hatcontainer-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:28595fa16395c26d64787a6468d5952e430c7e86fd49ad966179e364cd496112_arm64 as a component of CNV 4.14 for RHEL 9*, *, *
Red Hatcontainer-native-virtualization/virt-launcher-rhel9@sha256:a04403788a1c429c4dbafe34a3f0380b991b0c69af0707d4d13ec9489f2428ce_amd64 as a component of CNV 4.14 for RHEL 9*, container-native-virtualization/virt-launcher-rhel9@sha256:a04403788a1c429c4dbafe34a3f0380b991b0c69af0707d4d13ec9489f2428ce_amd64, container-native-virtualization/virt-launcher-rhel9@sha256:a04403788a1c429c4dbafe34a3f0380b991b0c69af0707d4d13ec9489f2428ce_amd64
Red Hatcontainer-native-virtualization/cnv-must-gather-rhel9@sha256:97e54f6948e760e83d1a2cb36fdee7167674d1f23a3ba6fc0a133ca800946552_amd64 as a component of CNV 4.14 for RHEL 9*, container-native-virtualization/cnv-must-gather-rhel9@sha256:97e54f6948e760e83d1a2cb36fdee7167674d1f23a3ba6fc0a133ca800946552_amd64, container-native-virtualization/cnv-must-gather-rhel9@sha256:97e54f6948e760e83d1a2cb36fdee7167674d1f23a3ba6fc0a133ca800946552_amd64
Red Hatcontainer-native-virtualization/libguestfs-tools-rhel9@sha256:9e799d8b71b729174467901817772b5960adbe29ade08c84f7abf9a8d90c5fdd_arm64 as a component of CNV 4.14 for RHEL 9container-native-virtualization/libguestfs-tools-rhel9@sha256:9e799d8b71b729174467901817772b5960adbe29ade08c84f7abf9a8d90c5fdd_arm64, container-native-virtualization/libguestfs-tools-rhel9@sha256:9e799d8b71b729174467901817772b5960adbe29ade08c84f7abf9a8d90c5fdd_arm64, container-native-virtualization/libguestfs-tools-rhel9@sha256:9e799d8b71b729174467901817772b5960adbe29ade08c84f7abf9a8d90c5fdd_arm64
Red Hatcontainer-native-virtualization/mtq-lock-server-rhel9@sha256:a4e288ee324061d5446993a31b9893e3297f31c8788f96e998ee930bacc25bf8_amd64 as a component of CNV 4.14 for RHEL 9container-native-virtualization/mtq-lock-server-rhel9@sha256:a4e288ee324061d5446993a31b9893e3297f31c8788f96e998ee930bacc25bf8_amd64, container-native-virtualization/mtq-lock-server-rhel9@sha256:a4e288ee324061d5446993a31b9893e3297f31c8788f96e998ee930bacc25bf8_amd64, container-native-virtualization/mtq-lock-server-rhel9@sha256:a4e288ee324061d5446993a31b9893e3297f31c8788f96e998ee930bacc25bf8_amd64
Red Hatcontainer-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f3666171ccd500b7049a6a5fd00fd48ede1ab1a35a1bc982da2fa1af5af165c9_arm64 as a component of CNV 4.14 for RHEL 9*, container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f3666171ccd500b7049a6a5fd00fd48ede1ab1a35a1bc982da2fa1af5af165c9_arm64, container-native-virtualization/cluster-network-addons-operator-rhel9@sha256:f3666171ccd500b7049a6a5fd00fd48ede1ab1a35a1bc982da2fa1af5af165c9_arm64
Red Hatcontainer-native-virtualization/multus-dynamic-networks-rhel9@sha256:e9ea60893a3f6f2939cbbd7a7c864cacbc81e24a61d200ce2a72f359ce13222c_arm64 as a component of CNV 4.14 for RHEL 9container-native-virtualization/multus-dynamic-networks-rhel9@sha256:e9ea60893a3f6f2939cbbd7a7c864cacbc81e24a61d200ce2a72f359ce13222c_arm64, container-native-virtualization/multus-dynamic-networks-rhel9@sha256:e9ea60893a3f6f2939cbbd7a7c864cacbc81e24a61d200ce2a72f359ce13222c_arm64, *
Red Hatcontainer-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:4b6c36ac78fa1c93b5296fa83281c0d775e94fe3c261e60cdda0418f163e91a3_arm64 as a component of CNV 4.14 for RHEL 9*, container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:4b6c36ac78fa1c93b5296fa83281c0d775e94fe3c261e60cdda0418f163e91a3_arm64, container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:4b6c36ac78fa1c93b5296fa83281c0d775e94fe3c261e60cdda0418f163e91a3_arm64
Red Hatcontainer-native-virtualization/virt-cdi-controller-rhel9@sha256:c309e0be5409b143ba6212915ccdf13c812d646684a6a817baba779f0e645ba2_arm64 as a component of CNV 4.14 for RHEL 9*, container-native-virtualization/virt-cdi-controller-rhel9@sha256:c309e0be5409b143ba6212915ccdf13c812d646684a6a817baba779f0e645ba2_arm64, container-native-virtualization/virt-cdi-controller-rhel9@sha256:c309e0be5409b143ba6212915ccdf13c812d646684a6a817baba779f0e645ba2_arm64

…and 157 more

Timeline

  • Dec 7, 2023 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 21, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›