VDB

RHSA-2023%3A7831

RHSA-2023%3A7831 PUBLISHED CVSS 7.5 HIGH

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-installer@sha256:9ff299b9a0d0ab0e1f8a9dee7665913fd75b0ea1aeca645cf79f583ea7a9a64e_arm64 as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-installer@sha256:9ff299b9a0d0ab0e1f8a9dee7665913fd75b0ea1aeca645cf79f583ea7a9a64e_arm64, openshift4/ose-installer@sha256:9ff299b9a0d0ab0e1f8a9dee7665913fd75b0ea1aeca645cf79f583ea7a9a64e_arm64
Red Hatrhcos@sha256:c63c7862ff0cfcc00e91ae6c4d10270e5044c5dc31d4f380ff357a6f7369f849_x86_64 as a component of Red Hat OpenShift Container Platform 4.14*, *, rhcos@sha256:c63c7862ff0cfcc00e91ae6c4d10270e5044c5dc31d4f380ff357a6f7369f849_x86_64
Red Hatopenshift4/ose-installer@sha256:3594ff65c1f719d381dc980987ac6c35646f275678dd7fe1d1067f6105fce0aa_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-installer@sha256:3594ff65c1f719d381dc980987ac6c35646f275678dd7fe1d1067f6105fce0aa_amd64, *, *
Red Hatopenshift4/ose-telemeter@sha256:da9378f0f0ec61e3f30433691bb5a9e6b703cb0a521346af2a4cd973f9853103_ppc64le as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-telemeter@sha256:da9378f0f0ec61e3f30433691bb5a9e6b703cb0a521346af2a4cd973f9853103_ppc64le, openshift4/ose-telemeter@sha256:da9378f0f0ec61e3f30433691bb5a9e6b703cb0a521346af2a4cd973f9853103_ppc64le
Red Hatopenshift4/ose-sdn-rhel8@sha256:1cee8dde41fdcaa6ec80f84524269343266e617a2e183a7d48154412ab24d770_amd64 as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-sdn-rhel8@sha256:1cee8dde41fdcaa6ec80f84524269343266e617a2e183a7d48154412ab24d770_amd64, openshift4/ose-sdn-rhel8@sha256:1cee8dde41fdcaa6ec80f84524269343266e617a2e183a7d48154412ab24d770_amd64
Red Hatopenshift4/ose-powervs-block-csi-driver-rhel8@sha256:227e7506c5b4f6808aed625382a3a0d2e5682ca83dda9042151d8b7a07ec7fd2_amd64 as a component of Red Hat OpenShift Container Platform 4.14*, *, openshift4/ose-powervs-block-csi-driver-rhel8@sha256:227e7506c5b4f6808aed625382a3a0d2e5682ca83dda9042151d8b7a07ec7fd2_amd64
Red Hatopenshift4/ose-machine-api-provider-openstack-rhel8@sha256:55639301a0de61e13ca93c81e1777858a321ba44b7b49c76e06b32700b5bd9f4_ppc64le as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-machine-api-provider-openstack-rhel8@sha256:55639301a0de61e13ca93c81e1777858a321ba44b7b49c76e06b32700b5bd9f4_ppc64le, *
Red Hatrhcos@sha256:c63c7862ff0cfcc00e91ae6c4d10270e5044c5dc31d4f380ff357a6f7369f849_x86_64 as a component of Red Hat OpenShift Container Platform 4.14rhcos@sha256:c63c7862ff0cfcc00e91ae6c4d10270e5044c5dc31d4f380ff357a6f7369f849_x86_64, rhcos@sha256:c63c7862ff0cfcc00e91ae6c4d10270e5044c5dc31d4f380ff357a6f7369f849_x86_64, *
Red Hatopenshift4/ose-installer-artifacts@sha256:69d1175a1aa3643253c9961dfa09b770a1293181cad3b54415052c5afa528930_arm64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-installer-artifacts@sha256:69d1175a1aa3643253c9961dfa09b770a1293181cad3b54415052c5afa528930_arm64, openshift4/ose-installer-artifacts@sha256:69d1175a1aa3643253c9961dfa09b770a1293181cad3b54415052c5afa528930_arm64, *
Red Hatopenshift4/ose-agent-installer-api-server-rhel8@sha256:49e4f23b436aacca68dfd65f9556ef44d22d29fa244077267bd8c1e81354f462_s390x as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-agent-installer-api-server-rhel8@sha256:49e4f23b436aacca68dfd65f9556ef44d22d29fa244077267bd8c1e81354f462_s390x, openshift4/ose-agent-installer-api-server-rhel8@sha256:49e4f23b436aacca68dfd65f9556ef44d22d29fa244077267bd8c1e81354f462_s390x, openshift4/ose-agent-installer-api-server-rhel8@sha256:49e4f23b436aacca68dfd65f9556ef44d22d29fa244077267bd8c1e81354f462_s390x
Red Hatopenshift4/ose-installer-artifacts@sha256:0636750c6fd295a0999340016e23d4674d42d388a9057ccdbcd5e2fe336f06db_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-installer-artifacts@sha256:0636750c6fd295a0999340016e23d4674d42d388a9057ccdbcd5e2fe336f06db_amd64, openshift4/ose-installer-artifacts@sha256:0636750c6fd295a0999340016e23d4674d42d388a9057ccdbcd5e2fe336f06db_amd64, openshift4/ose-installer-artifacts@sha256:0636750c6fd295a0999340016e23d4674d42d388a9057ccdbcd5e2fe336f06db_amd64
Red Hatopenshift4/ose-cluster-network-operator@sha256:b2841953d4a77d05f3ef7ff2ffec64701ca9da942e694de292a68b5c9002ea20_ppc64le as a component of Red Hat OpenShift Container Platform 4.14*, *, openshift4/ose-cluster-network-operator@sha256:b2841953d4a77d05f3ef7ff2ffec64701ca9da942e694de292a68b5c9002ea20_ppc64le
Red Hatopenshift4/ose-installer-artifacts@sha256:cdaf3811a7d0575c6c56b382cae735a4f7ccc66b373deae21cd79510ae02e688_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-installer-artifacts@sha256:cdaf3811a7d0575c6c56b382cae735a4f7ccc66b373deae21cd79510ae02e688_ppc64le, *, openshift4/ose-installer-artifacts@sha256:cdaf3811a7d0575c6c56b382cae735a4f7ccc66b373deae21cd79510ae02e688_ppc64le
Red Hatopenshift4/ose-telemeter@sha256:d100636976716b2c96dc7f5d3191f26f2c7055b7182c36c53473ace86182189e_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-telemeter@sha256:d100636976716b2c96dc7f5d3191f26f2c7055b7182c36c53473ace86182189e_amd64, *, *
Red Hatopenshift4/ose-console@sha256:6b3e6cf90e97a6338f3b5315a1715207e5fd7f52d11af837010234f4d297f483_arm64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-console@sha256:6b3e6cf90e97a6338f3b5315a1715207e5fd7f52d11af837010234f4d297f483_arm64, openshift4/ose-console@sha256:6b3e6cf90e97a6338f3b5315a1715207e5fd7f52d11af837010234f4d297f483_arm64, *
Red Hatopenshift4/ose-powervs-cloud-controller-manager-rhel8@sha256:e2ba4413af0d647711f7429a62f6798f8fa7918929e8b91e0c9f32cec2448dd4_ppc64le as a component of Red Hat OpenShift Container Platform 4.14*, *, openshift4/ose-powervs-cloud-controller-manager-rhel8@sha256:e2ba4413af0d647711f7429a62f6798f8fa7918929e8b91e0c9f32cec2448dd4_ppc64le
Red Hatopenshift4/ose-sdn-rhel8@sha256:1cee8dde41fdcaa6ec80f84524269343266e617a2e183a7d48154412ab24d770_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-sdn-rhel8@sha256:1cee8dde41fdcaa6ec80f84524269343266e617a2e183a7d48154412ab24d770_amd64, openshift4/ose-sdn-rhel8@sha256:1cee8dde41fdcaa6ec80f84524269343266e617a2e183a7d48154412ab24d770_amd64, *
Red Hatopenshift4/ose-console-operator@sha256:0b40a2ea8aeae0de82015100f15696766034c9bf6b763f65f6519f416365f567_arm64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-console-operator@sha256:0b40a2ea8aeae0de82015100f15696766034c9bf6b763f65f6519f416365f567_arm64, openshift4/ose-console-operator@sha256:0b40a2ea8aeae0de82015100f15696766034c9bf6b763f65f6519f416365f567_arm64, openshift4/ose-console-operator@sha256:0b40a2ea8aeae0de82015100f15696766034c9bf6b763f65f6519f416365f567_arm64
Red Hatopenshift4/ose-vmware-vsphere-csi-driver-operator-rhel8@sha256:c2fde945ab61dd02a81102af3917a4c25759618afda5af650626e4c45015daa6_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8@sha256:c2fde945ab61dd02a81102af3917a4c25759618afda5af650626e4c45015daa6_amd64, *, *
Red Hatopenshift4/ose-console@sha256:647563ddc17694e3815b939bf7b3d3fcf16917cd960f9d2b5d97fc85613d07df_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-console@sha256:647563ddc17694e3815b939bf7b3d3fcf16917cd960f9d2b5d97fc85613d07df_ppc64le, *, *

…and 279 more

Timeline

  • Jan 3, 2024 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 21, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›