VDB
RHSA-2024%3A10758
RHSA-2024%3A10758
PUBLISHED
CVSS 5.900000095367432 MEDIUM
A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.
Risk Scores
CVSS 3.1
5.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:88537e6dfb4ca1ce326d8d8c1fec23b6f636ffbf15ea7aa1b12c91582fd8ed82_amd64 as a component of CNV 4.12 for RHEL 8 | container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:88537e6dfb4ca1ce326d8d8c1fec23b6f636ffbf15ea7aa1b12c91582fd8ed82_amd64 |
| Red Hat | container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:c1ffbfaaceee9654455312bd7ee41457238a9bbb446065317aa8c2c09174ac50_amd64 as a component of CNV 4.12 for RHEL 8 | container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:c1ffbfaaceee9654455312bd7ee41457238a9bbb446065317aa8c2c09174ac50_amd64 |
| Red Hat | container-native-virtualization/hco-bundle-registry@sha256:066b34c68d1441dbe686b5d42dac12ee912f12e60934cd7c7a315b2b7edda2c9_amd64 as a component of CNV 4.12 for RHEL 8 | container-native-virtualization/hco-bundle-registry@sha256:066b34c68d1441dbe686b5d42dac12ee912f12e60934cd7c7a315b2b7edda2c9_amd64 |
| Red Hat | container-native-virtualization/kubevirt-console-plugin@sha256:cc438c5e1b4af9bec41c9f5d59d38d6bd80b6687759d13ce829a5e9af765441b_amd64 as a component of CNV 4.12 for RHEL 8 | container-native-virtualization/kubevirt-console-plugin@sha256:cc438c5e1b4af9bec41c9f5d59d38d6bd80b6687759d13ce829a5e9af765441b_amd64 |
| Red Hat | container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:e70e2745b2580c67cd1d1514d2d92e415a45e97508e34449671a7e4dd9d67fd8_amd64 as a component of CNV 4.12 for RHEL 8 | * |
| Red Hat | container-native-virtualization/virt-exportserver@sha256:3fb4fa139bfdd8320cba6f9efea8338728e2610ce010d90b79bec68fb8fad5e2_amd64 as a component of CNV 4.12 for RHEL 8 | * |
| Red Hat | container-native-virtualization/kubemacpool@sha256:003e7f25d41c3f2778a1f0e302bfd7d494c7ebe47b3670764d3b12564a04a111_amd64 as a component of CNV 4.12 for RHEL 8 | container-native-virtualization/kubemacpool@sha256:003e7f25d41c3f2778a1f0e302bfd7d494c7ebe47b3670764d3b12564a04a111_amd64 |
| Red Hat | container-native-virtualization/kubevirt-template-validator@sha256:01d99c961937139fb25fa1d539d8b48bd20c4e0c39852fb9b0516657438c5b2b_amd64 as a component of CNV 4.12 for RHEL 8 | * |
| Red Hat | container-native-virtualization/virt-controller@sha256:c769b847818688e3aeb94ebefb204ea65a15f1369a6309e14cb398fc85a57208_amd64 as a component of CNV 4.12 for RHEL 8 | container-native-virtualization/virt-controller@sha256:c769b847818688e3aeb94ebefb204ea65a15f1369a6309e14cb398fc85a57208_amd64 |
| Red Hat | container-native-virtualization/ovs-cni-marker@sha256:efadea176105da1674b84def29d40810fad037bf9b4ac7c4be69c210d4071c74_amd64 as a component of CNV 4.12 for RHEL 8 | container-native-virtualization/ovs-cni-marker@sha256:efadea176105da1674b84def29d40810fad037bf9b4ac7c4be69c210d4071c74_amd64 |
| Red Hat | container-native-virtualization/virt-cdi-cloner@sha256:a1eb9cd7bebbd815a12e11ba6dad497d4de4310a6cadb688018028d4b7b5d799_amd64 as a component of CNV 4.12 for RHEL 8 | container-native-virtualization/virt-cdi-cloner@sha256:a1eb9cd7bebbd815a12e11ba6dad497d4de4310a6cadb688018028d4b7b5d799_amd64 |
| Red Hat | container-native-virtualization/virt-exportproxy@sha256:3504076518fbcd2c15018fd961b925a06b2ab1fdc8be2111d63a7eb5e7cf94e4_amd64 as a component of CNV 4.12 for RHEL 8 | container-native-virtualization/virt-exportproxy@sha256:3504076518fbcd2c15018fd961b925a06b2ab1fdc8be2111d63a7eb5e7cf94e4_amd64 |
| Red Hat | container-native-virtualization/virt-cdi-uploadproxy@sha256:b4da629c0a10985a21f52f4736bcdfe745e78ff01be8a9146d420bd134a126ae_amd64 as a component of CNV 4.12 for RHEL 8 | * |
| Red Hat | container-native-virtualization/virt-cdi-controller@sha256:1f61a2b5c8a2e17d5e8fc193888760cd4d2b3e0a6ff8ea0112baab3ce5427a6f_amd64 as a component of CNV 4.12 for RHEL 8 | * |
| Red Hat | container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:f89db14d1a951d2b19586a4b76e354c114a8c435e74f492de8cda3ec8ec16fa8_amd64 as a component of CNV 4.12 for RHEL 8 | container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:f89db14d1a951d2b19586a4b76e354c114a8c435e74f492de8cda3ec8ec16fa8_amd64 |
| Red Hat | container-native-virtualization/virt-cdi-operator@sha256:4a99967fb51f4eda2a8c955686e2094b0234dba3e2746752507d730a73118c03_amd64 as a component of CNV 4.12 for RHEL 8 | container-native-virtualization/virt-cdi-operator@sha256:4a99967fb51f4eda2a8c955686e2094b0234dba3e2746752507d730a73118c03_amd64 |
| Red Hat | container-native-virtualization/virt-cdi-uploadserver@sha256:12bca90a5a7df628d7952215d3fbccdd1238ce1d08d2c0a2a244a32d6da813d6_amd64 as a component of CNV 4.12 for RHEL 8 | container-native-virtualization/virt-cdi-uploadserver@sha256:12bca90a5a7df628d7952215d3fbccdd1238ce1d08d2c0a2a244a32d6da813d6_amd64 |
| Red Hat | container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:9b55a9637b64fe1f87c4099cade7217bae7e6942b975a5269a52cb52b89366f9_amd64 as a component of CNV 4.12 for RHEL 8 | container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:9b55a9637b64fe1f87c4099cade7217bae7e6942b975a5269a52cb52b89366f9_amd64 |
| Red Hat | container-native-virtualization/virtio-win@sha256:e7f5976400020d28968915a4dff0d55ec21780e88b50bca6ab64473f2634a895_amd64 as a component of CNV 4.12 for RHEL 8 | container-native-virtualization/virtio-win@sha256:e7f5976400020d28968915a4dff0d55ec21780e88b50bca6ab64473f2634a895_amd64 |
| Red Hat | container-native-virtualization/kubevirt-ssp-operator@sha256:215c5087356114c6cd18d41e2d1f77956a1020b57ab111d1661cf40d00020faf_amd64 as a component of CNV 4.12 for RHEL 8 | container-native-virtualization/kubevirt-ssp-operator@sha256:215c5087356114c6cd18d41e2d1f77956a1020b57ab111d1661cf40d00020faf_amd64 |
…and 23 more
Timeline
- Dec 3, 2024 CVE Published
- Apr 30, 2026 CVE Updated
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2024:10758 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2295310 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10758.json advisory
- https://access.redhat.com/security/cve/CVE-2024-24791 advisory
- https://www.cve.org/CVERecord?id=CVE-2024-24791 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-24791 advisory
- https://go.dev/cl/591255 advisory
- https://go.dev/issue/67555 advisory
- https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ advisory