VDB

RHSA-2024%3A3315

RHSA-2024%3A3315 PUBLISHED CVSS 7.5 HIGH

A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatcontainer-native-virtualization/ovs-cni-plugin-rhel9@sha256:0198b1de73184e4676790862b3dddeae8021283512bf81f50abb320a1e64535d_amd64 as a component of CNV 4.13 for RHEL 9*
Red Hatcontainer-native-virtualization/virt-operator-rhel9@sha256:a4158367bb21c75ce4aad9306abe3c8a95797428d941a9d6b4d9562fbd280280_amd64 as a component of CNV 4.13 for RHEL 9*
Red Hatcontainer-native-virtualization/virt-cdi-importer-rhel9@sha256:40ffde76cf4195a8573fb49e48fbaec62dd1786dd5d52857737ed0eddd27a396_amd64 as a component of CNV 4.13 for RHEL 9container-native-virtualization/virt-cdi-importer-rhel9@sha256:40ffde76cf4195a8573fb49e48fbaec62dd1786dd5d52857737ed0eddd27a396_amd64
Red Hatcontainer-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:aac94783f1fc202506bca64f8e85cf964e7751c073cf7f1210864928f74ced6f_amd64 as a component of CNV 4.13 for RHEL 9*
Red Hatcontainer-native-virtualization/hostpath-provisioner-rhel9@sha256:254f6b5aa19be44e492c57eac47874fcc332242953c923753de317c90dcb8c96_amd64 as a component of CNV 4.13 for RHEL 9container-native-virtualization/hostpath-provisioner-rhel9@sha256:254f6b5aa19be44e492c57eac47874fcc332242953c923753de317c90dcb8c96_amd64
Red Hatcontainer-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:03c178c83c0aea8091ed4122fae030febfddd6422d15d7dc5df19ddd08a70907_amd64 as a component of CNV 4.13 for RHEL 9container-native-virtualization/hostpath-provisioner-operator-rhel9@sha256:03c178c83c0aea8091ed4122fae030febfddd6422d15d7dc5df19ddd08a70907_amd64
Red Hatcontainer-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:0a5ad7e9d9ef1ec0809cb0e69814087de930f39830d7bbeff2ef7c545382e5fe_amd64 as a component of CNV 4.13 for RHEL 9container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9@sha256:0a5ad7e9d9ef1ec0809cb0e69814087de930f39830d7bbeff2ef7c545382e5fe_amd64
Red Hatcontainer-native-virtualization/ovs-cni-plugin-rhel9@sha256:8fd6d59d80eeb1ba032efd1ddbcbf40f3d354b39b527cdb1ce3c01358820206a_arm64 as a component of CNV 4.13 for RHEL 9container-native-virtualization/ovs-cni-plugin-rhel9@sha256:8fd6d59d80eeb1ba032efd1ddbcbf40f3d354b39b527cdb1ce3c01358820206a_arm64
Red Hatcontainer-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:635e222302aa3c9ff9eed7d1de03c7622b30d07ee0bf2d5c8628e8fbc4324d1a_arm64 as a component of CNV 4.13 for RHEL 9container-native-virtualization/virt-cdi-uploadproxy-rhel9@sha256:635e222302aa3c9ff9eed7d1de03c7622b30d07ee0bf2d5c8628e8fbc4324d1a_arm64
Red Hatcontainer-native-virtualization/vm-console-proxy-rhel9@sha256:47f5bbf5fdfbb79d1aaaf7b30629e8c3e601a505c86690c4d950ba7ec5d0bc40_arm64 as a component of CNV 4.13 for RHEL 9container-native-virtualization/vm-console-proxy-rhel9@sha256:47f5bbf5fdfbb79d1aaaf7b30629e8c3e601a505c86690c4d950ba7ec5d0bc40_arm64
Red Hatcontainer-native-virtualization/kubevirt-template-validator-rhel9@sha256:31dcc58238626f998f6c0a4abcfee277b21032c25ef1ca75aa38328b3ac74298_arm64 as a component of CNV 4.13 for RHEL 9container-native-virtualization/kubevirt-template-validator-rhel9@sha256:31dcc58238626f998f6c0a4abcfee277b21032c25ef1ca75aa38328b3ac74298_arm64
Red Hatcontainer-native-virtualization/kubevirt-tekton-tasks-operator-rhel9@sha256:ffe7793dcf7887339d4c47d18f75b70f648cc46af410f5808633ae1327f7845b_arm64 as a component of CNV 4.13 for RHEL 9*
Red Hatcontainer-native-virtualization/kubemacpool-rhel9@sha256:fa52bd6689370d0ed46ad57bf33680f349c7c6348acced6d6d8a49ed064d8acd_amd64 as a component of CNV 4.13 for RHEL 9container-native-virtualization/kubemacpool-rhel9@sha256:fa52bd6689370d0ed46ad57bf33680f349c7c6348acced6d6d8a49ed064d8acd_amd64
Red Hatcontainer-native-virtualization/virt-exportproxy-rhel9@sha256:3c092f36a42f714d70d4b0eec329c88becd71a29fe9416541b0d9eea48d22e7d_arm64 as a component of CNV 4.13 for RHEL 9*
Red Hatcontainer-native-virtualization/kubevirt-console-plugin-rhel9@sha256:bb9622ab311b1c5517fd674373fd9ea8a6a934551820a9d64f645732fd18f459_amd64 as a component of CNV 4.13 for RHEL 9container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:bb9622ab311b1c5517fd674373fd9ea8a6a934551820a9d64f645732fd18f459_amd64
Red Hatcontainer-native-virtualization/virt-launcher-rhel9@sha256:ab4632c2c755e61dd812b01499b7eaa281bea25265d43179730919c913112bb9_arm64 as a component of CNV 4.13 for RHEL 9container-native-virtualization/virt-launcher-rhel9@sha256:ab4632c2c755e61dd812b01499b7eaa281bea25265d43179730919c913112bb9_arm64
Red Hatcontainer-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:d09e282991464ee935d9992deae9594d7997bcd6fd2b215e86ca2669550e0951_arm64 as a component of CNV 4.13 for RHEL 9container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9@sha256:d09e282991464ee935d9992deae9594d7997bcd6fd2b215e86ca2669550e0951_arm64
Red Hatcontainer-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:e7ad1ec04f37cee55bade906be4845d02e79b2a8c8764af427ce0372c42d159f_amd64 as a component of CNV 4.13 for RHEL 9*
Red Hatcontainer-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:c2bccabb2db8b4f4e08c8f0c232a7320662390f286de769f9c76fde9c0968728_arm64 as a component of CNV 4.13 for RHEL 9container-native-virtualization/virt-cdi-uploadserver-rhel9@sha256:c2bccabb2db8b4f4e08c8f0c232a7320662390f286de769f9c76fde9c0968728_arm64
Red Hatcontainer-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:191a138401370cc59ecd78c94758eb02ff606454a7ecbe90514699cf5b016c56_amd64 as a component of CNV 4.13 for RHEL 9container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template-rhel9@sha256:191a138401370cc59ecd78c94758eb02ff606454a7ecbe90514699cf5b016c56_amd64

…and 72 more

Timeline

  • May 23, 2024 CVE Published
  • Apr 25, 2026 CVE Updated
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›