VDB
RHSA-2024%3A2664
RHSA-2024%3A2664
PUBLISHED
CVSS 7.5 HIGH
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-tests@sha256:aa27440e3b79a895a211913b588f1cd4c2735419f43ef4d09048a2b69b158b68_ppc64le as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-tests@sha256:aa27440e3b79a895a211913b588f1cd4c2735419f43ef4d09048a2b69b158b68_ppc64le |
| Red Hat | openshift4/ose-tools-rhel8@sha256:a188fc3b092402b35528aa5a3b2616e1780d1c8508fee0a795f580666522f815_ppc64le as a component of Red Hat OpenShift Container Platform 4.15 | * |
| Red Hat | openshift4/ose-aws-ebs-csi-driver-rhel9-operator@sha256:4effd625a5a9217520e9babec036a3957e105eae14a2be40d5bd072c6ffb3d3d_arm64 as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-aws-ebs-csi-driver-rhel9-operator@sha256:4effd625a5a9217520e9babec036a3957e105eae14a2be40d5bd072c6ffb3d3d_arm64 |
| Red Hat | openshift4/ose-installer-altinfra-rhel8@sha256:36d30a326c1f9891292d57112a079904e9d70a37fbbae9414f5546ba9e6b6590_arm64 as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-installer-altinfra-rhel8@sha256:36d30a326c1f9891292d57112a079904e9d70a37fbbae9414f5546ba9e6b6590_arm64 |
| Red Hat | openshift4/ose-must-gather@sha256:53c8f43689b3d69b1a4a4535bf4a79a1628aa1442db42ec0cd304d95805b99df_s390x as a component of Red Hat OpenShift Container Platform 4.15 | * |
| Red Hat | openshift4/ose-cli-artifacts@sha256:3e74037b47b556ce0ffa5120da9ca6532330d004f1f1f5825003409a335293a3_s390x as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-cli-artifacts@sha256:3e74037b47b556ce0ffa5120da9ca6532330d004f1f1f5825003409a335293a3_s390x |
| Red Hat | openshift4/ose-installer@sha256:47c2a68eb9eadc14156a613f070bc51f3fef889f13ec12da924a709abd0641a8_s390x as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-installer@sha256:47c2a68eb9eadc14156a613f070bc51f3fef889f13ec12da924a709abd0641a8_s390x |
| Red Hat | openshift4/ose-ovn-kubernetes-rhel9@sha256:72c15425ef1576cf72c362763e43a3612dc52ee1f93f121bf2e9c9e6699dea32_s390x as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-ovn-kubernetes-rhel9@sha256:72c15425ef1576cf72c362763e43a3612dc52ee1f93f121bf2e9c9e6699dea32_s390x |
| Red Hat | openshift4/network-tools-rhel8@sha256:a4275a5c01217be2564b5798c661538676dfda06185a08b9eab1a4c9c9fc9efe_s390x as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/network-tools-rhel8@sha256:a4275a5c01217be2564b5798c661538676dfda06185a08b9eab1a4c9c9fc9efe_s390x |
| Red Hat | openshift4/ose-agent-installer-node-agent-rhel9@sha256:b244064ab9bea3c323680f74936bf593e6f842480f20111bb29c8f1f06902fd1_amd64 as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-agent-installer-node-agent-rhel9@sha256:b244064ab9bea3c323680f74936bf593e6f842480f20111bb29c8f1f06902fd1_amd64 |
| Red Hat | openshift4/ose-deployer@sha256:0a7ebec85f3e17a8f35844a619fca43cd239b0b8bbd886da7366fcbee6eb1f39_arm64 as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-deployer@sha256:0a7ebec85f3e17a8f35844a619fca43cd239b0b8bbd886da7366fcbee6eb1f39_arm64 |
| Red Hat | openshift4/ose-machine-os-images-rhel8@sha256:c7f171fd47fde842d89047c292cabc989a2dbda2e2c0231471e529a34a5b6e95_ppc64le as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-machine-os-images-rhel8@sha256:c7f171fd47fde842d89047c292cabc989a2dbda2e2c0231471e529a34a5b6e95_ppc64le |
| Red Hat | openshift4/ose-cli-artifacts@sha256:f5fdcb9890b1c5104c32e6e4ca376a79321e1aa9db453d3c2b6a95e28b7bb385_amd64 as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-cli-artifacts@sha256:f5fdcb9890b1c5104c32e6e4ca376a79321e1aa9db453d3c2b6a95e28b7bb385_amd64 |
| Red Hat | openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:56ccfc971be7552d7e99245d44e932c66bc1e522d93416bd357d706a00179996_arm64 as a component of Red Hat OpenShift Container Platform 4.15 | * |
| Red Hat | openshift4/ose-tools-rhel8@sha256:dd003143bb338e991e732dc3fd818dc11df667cab34aa1cd121c75d93ea19ad3_amd64 as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-tools-rhel8@sha256:dd003143bb338e991e732dc3fd818dc11df667cab34aa1cd121c75d93ea19ad3_amd64 |
| Red Hat | openshift4/ose-console-rhel9-operator@sha256:3a604957a8f550e0b3e857edda6e6baa6a16f8455673a000133443e1e9ecd782_amd64 as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-console-rhel9-operator@sha256:3a604957a8f550e0b3e857edda6e6baa6a16f8455673a000133443e1e9ecd782_amd64 |
| Red Hat | openshift4/ose-deployer@sha256:e17bee91f5117d376213ad8ec680f367aeebd63934df32754154f2e63b07a8d1_ppc64le as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-deployer@sha256:e17bee91f5117d376213ad8ec680f367aeebd63934df32754154f2e63b07a8d1_ppc64le |
| Red Hat | openshift4/ose-tools-rhel8@sha256:d25f2fb83c64ec3b87e05ec380213b7d4adbed8ad137d513b439890892a30dfc_s390x as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-tools-rhel8@sha256:d25f2fb83c64ec3b87e05ec380213b7d4adbed8ad137d513b439890892a30dfc_s390x |
| Red Hat | openshift4/ose-installer-altinfra-rhel8@sha256:7257a993df721a758ea34f42cc9ea239bf2d9a2db961d3cfdd9a62542f712cff_s390x as a component of Red Hat OpenShift Container Platform 4.15 | * |
| Red Hat | openshift4/ose-console@sha256:b3126de1c30a044ecf6120024c8f5f3e3a6b6b20483afce7f37a065b189bd95e_s390x as a component of Red Hat OpenShift Container Platform 4.15 | openshift4/ose-console@sha256:b3126de1c30a044ecf6120024c8f5f3e3a6b6b20483afce7f37a065b189bd95e_s390x |
…and 86 more
Timeline
- May 9, 2024 CVE Published
- Apr 25, 2026 CVE Updated
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2024:2664 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2268273 issue
- https://issues.redhat.com/browse/OCPBUGS-28926 advisory
- https://issues.redhat.com/browse/OCPBUGS-30857 advisory
- https://issues.redhat.com/browse/OCPBUGS-30944 advisory
- https://issues.redhat.com/browse/OCPBUGS-31445 advisory
- https://issues.redhat.com/browse/OCPBUGS-31499 advisory
- https://issues.redhat.com/browse/OCPBUGS-31692 advisory
- https://issues.redhat.com/browse/OCPBUGS-31726 advisory
- https://issues.redhat.com/browse/OCPBUGS-31799 advisory
- https://issues.redhat.com/browse/OCPBUGS-31826 advisory
- https://issues.redhat.com/browse/OCPBUGS-31879 advisory
- https://issues.redhat.com/browse/OCPBUGS-32259 advisory
- https://issues.redhat.com/browse/OCPBUGS-32264 advisory
- https://issues.redhat.com/browse/OCPBUGS-32351 advisory
- https://issues.redhat.com/browse/OCPBUGS-32383 advisory
- https://issues.redhat.com/browse/OCPBUGS-32554 advisory
- https://issues.redhat.com/browse/OCPBUGS-32690 advisory
- https://issues.redhat.com/browse/OCPBUGS-32699 advisory
…and 13 more