RHSA-2024:1052 PUBLISHED CVSS 7.5 HIGH

A flaw was found in the handling of multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server, which must set up and tear down the streams, while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' because the US Cybersecurity and Infrastructure Security Agency (CISA) has declared this vulnerability actively exploited. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

| Vendor | Product | Versions |
| --- | --- | --- |
| Red Hat | openshift4/ose-olm-rukpak-rhel8@sha256:01369348d4f61bb28c2d19b80c099a1199af35cd146ef7ba882825da00984aa6_ppc64le as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-olm-rukpak-rhel8@sha256:01369348d4f61bb28c2d19b80c099a1199af35cd146ef7ba882825da00984aa6_ppc64le, openshift4/ose-olm-rukpak-rhel8@sha256:01369348d4f61bb28c2d19b80c099a1199af35cd146ef7ba882825da00984aa6_ppc64le, openshift4/ose-olm-rukpak-rhel8@sha256:01369348d4f61bb28c2d19b80c099a1199af35cd146ef7ba882825da00984aa6_ppc64le |
| Red Hat | openshift4/ose-csi-snapshot-controller-rhel8@sha256:a9aa285e37922276048ec65da30f81544476f6e0aaa66669f39172ff16553906_arm64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-csi-snapshot-controller-rhel8@sha256:a9aa285e37922276048ec65da30f81544476f6e0aaa66669f39172ff16553906_arm64, *, openshift4/ose-csi-snapshot-controller-rhel8@sha256:a9aa285e37922276048ec65da30f81544476f6e0aaa66669f39172ff16553906_arm64 |
| Red Hat | openshift4/ose-csi-snapshot-controller-rhel8@sha256:f1bbdb10de40720da4f9726a1565bb33b04f3225ca9dd3d5ee2c981c4c8edb2e_s390x as a component of Red Hat OpenShift Container Platform 4.12 | *, *, openshift4/ose-csi-snapshot-controller-rhel8@sha256:f1bbdb10de40720da4f9726a1565bb33b04f3225ca9dd3d5ee2c981c4c8edb2e_s390x |
| Red Hat | openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:c61e5acc0e0e847e6a3f5166a532f06be5b3a6776f07c9a2089021c6b87e8d17_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | *, openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:c61e5acc0e0e847e6a3f5166a532f06be5b3a6776f07c9a2089021c6b87e8d17_amd64, openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:c61e5acc0e0e847e6a3f5166a532f06be5b3a6776f07c9a2089021c6b87e8d17_amd64 |
| Red Hat | openshift4/ose-olm-rukpak-rhel8@sha256:01369348d4f61bb28c2d19b80c099a1199af35cd146ef7ba882825da00984aa6_ppc64le as a component of Red Hat OpenShift Container Platform 4.12 | *, *, openshift4/ose-olm-rukpak-rhel8@sha256:01369348d4f61bb28c2d19b80c099a1199af35cd146ef7ba882825da00984aa6_ppc64le |
| Red Hat | openshift4/ose-csi-external-snapshotter@sha256:243cbc2b1f798af2cbac260104336f689a95aae08493a06ae17b386a0c5f957c_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-csi-external-snapshotter@sha256:243cbc2b1f798af2cbac260104336f689a95aae08493a06ae17b386a0c5f957c_amd64, *, * |
| Red Hat | openshift4/ose-csi-external-snapshotter@sha256:189d3c8b6f04292607820446ed9bbda1d8adb99fbf01bf9297baeb63493d917e_arm64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-csi-external-snapshotter@sha256:189d3c8b6f04292607820446ed9bbda1d8adb99fbf01bf9297baeb63493d917e_arm64, openshift4/ose-csi-external-snapshotter@sha256:189d3c8b6f04292607820446ed9bbda1d8adb99fbf01bf9297baeb63493d917e_arm64, openshift4/ose-csi-external-snapshotter@sha256:189d3c8b6f04292607820446ed9bbda1d8adb99fbf01bf9297baeb63493d917e_arm64 |
| Red Hat | openshift4/network-tools-rhel8@sha256:04ce678eca9f2dce98ed89c931c58ed01defc49ec0bef2756b0a6260b290e9af_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/network-tools-rhel8@sha256:04ce678eca9f2dce98ed89c931c58ed01defc49ec0bef2756b0a6260b290e9af_amd64, *, * |
| Red Hat | openshift4/ose-installer-artifacts@sha256:960aa8e5c71e83f6d23e62da6caaf112b555d66d83e14bc0bd35c6f48fa21579_s390x as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-installer-artifacts@sha256:960aa8e5c71e83f6d23e62da6caaf112b555d66d83e14bc0bd35c6f48fa21579_s390x, openshift4/ose-installer-artifacts@sha256:960aa8e5c71e83f6d23e62da6caaf112b555d66d83e14bc0bd35c6f48fa21579_s390x, * |
| Red Hat | openshift4/ose-tests@sha256:81f4d8ffc98c258fc04a433c410faf3eef60acdc23108edca678879996df3209_ppc64le as a component of Red Hat OpenShift Container Platform 4.12 | *, *, openshift4/ose-tests@sha256:81f4d8ffc98c258fc04a433c410faf3eef60acdc23108edca678879996df3209_ppc64le |
| Red Hat | openshift4/ose-olm-rukpak-rhel8@sha256:86289d93043609b8f86022a34bf2c65394e71b18e9211ff5ea22e22cb2a9845f_s390x as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-olm-rukpak-rhel8@sha256:86289d93043609b8f86022a34bf2c65394e71b18e9211ff5ea22e22cb2a9845f_s390x, *, openshift4/ose-olm-rukpak-rhel8@sha256:86289d93043609b8f86022a34bf2c65394e71b18e9211ff5ea22e22cb2a9845f_s390x |
| Red Hat | openshift4/ose-csi-external-snapshotter-rhel8@sha256:e3f7e2a427acce5bc3ea21342a8840c9b608a9e30cb4fc0556904de787b76332_ppc64le as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-csi-external-snapshotter-rhel8@sha256:e3f7e2a427acce5bc3ea21342a8840c9b608a9e30cb4fc0556904de787b76332_ppc64le, openshift4/ose-csi-external-snapshotter-rhel8@sha256:e3f7e2a427acce5bc3ea21342a8840c9b608a9e30cb4fc0556904de787b76332_ppc64le, openshift4/ose-csi-external-snapshotter-rhel8@sha256:e3f7e2a427acce5bc3ea21342a8840c9b608a9e30cb4fc0556904de787b76332_ppc64le |
| Red Hat | openshift4/ose-baremetal-installer-rhel8@sha256:7b8fc31cd3a991ef09f18830722beabc341c80019e8b8bfb841ccf854dc12acd_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-baremetal-installer-rhel8@sha256:7b8fc31cd3a991ef09f18830722beabc341c80019e8b8bfb841ccf854dc12acd_amd64, openshift4/ose-baremetal-installer-rhel8@sha256:7b8fc31cd3a991ef09f18830722beabc341c80019e8b8bfb841ccf854dc12acd_amd64, openshift4/ose-baremetal-installer-rhel8@sha256:7b8fc31cd3a991ef09f18830722beabc341c80019e8b8bfb841ccf854dc12acd_amd64 |
| Red Hat | rhcos@sha256:463ff8348302ea56c93da35bec2f50136ed9ade1cc00956b8f586744d3838e3d_s390x as a component of Red Hat OpenShift Container Platform 4.12 | rhcos@sha256:463ff8348302ea56c93da35bec2f50136ed9ade1cc00956b8f586744d3838e3d_s390x, *, * |
| Red Hat | openshift4/driver-toolkit-rhel8@sha256:ce5fb7e5f8a80271acff183becd97627d79507713594306cb1a29bff22cf24c0_s390x as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/driver-toolkit-rhel8@sha256:ce5fb7e5f8a80271acff183becd97627d79507713594306cb1a29bff22cf24c0_s390x, *, * |
| Red Hat | openshift4/ose-ironic-rhel9@sha256:d3a9c332f504054aec0729944ccccf45d33983cf20ec8249a5af949c944f38b7_arm64 as a component of Red Hat OpenShift Container Platform 4.12 | *, *, openshift4/ose-ironic-rhel9@sha256:d3a9c332f504054aec0729944ccccf45d33983cf20ec8249a5af949c944f38b7_arm64 |
| Red Hat | openshift4/driver-toolkit-rhel8@sha256:c9247a566b200f0da3a6299d595b737a6796117dfd7937924f907376ac09293b_ppc64le as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/driver-toolkit-rhel8@sha256:c9247a566b200f0da3a6299d595b737a6796117dfd7937924f907376ac09293b_ppc64le, openshift4/driver-toolkit-rhel8@sha256:c9247a566b200f0da3a6299d595b737a6796117dfd7937924f907376ac09293b_ppc64le, openshift4/driver-toolkit-rhel8@sha256:c9247a566b200f0da3a6299d595b737a6796117dfd7937924f907376ac09293b_ppc64le |
| Red Hat | openshift4/ose-machine-os-images-rhel8@sha256:20e0b77fc0335ad495b3cdb2359392442844b2017ccdaa95b8edddf9b319e87c_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-machine-os-images-rhel8@sha256:20e0b77fc0335ad495b3cdb2359392442844b2017ccdaa95b8edddf9b319e87c_amd64, openshift4/ose-machine-os-images-rhel8@sha256:20e0b77fc0335ad495b3cdb2359392442844b2017ccdaa95b8edddf9b319e87c_amd64, openshift4/ose-machine-os-images-rhel8@sha256:20e0b77fc0335ad495b3cdb2359392442844b2017ccdaa95b8edddf9b319e87c_amd64 |
| Red Hat | openshift4/ose-csi-external-snapshotter-rhel8@sha256:066407a4c7015fe82c2efd69c8c2ea49e427db0fc7f7caacd671a8670e5cce3e_s390x as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-csi-external-snapshotter-rhel8@sha256:066407a4c7015fe82c2efd69c8c2ea49e427db0fc7f7caacd671a8670e5cce3e_s390x, openshift4/ose-csi-external-snapshotter-rhel8@sha256:066407a4c7015fe82c2efd69c8c2ea49e427db0fc7f7caacd671a8670e5cce3e_s390x, * |
| Red Hat | openshift4/ose-insights-rhel8-operator@sha256:d76ab3b561df3672a748deef61efe621d17631a01e523a5328d73693d4923fb2_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | *, *, openshift4/ose-insights-rhel8-operator@sha256:d76ab3b561df3672a748deef61efe621d17631a01e523a5328d73693d4923fb2_amd64 |

…and 168 more

Timeline

  • Mar 6, 2024 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 16, 2026 CVE Updated