VDB
RHSA-2024%3A3523
RHSA-2024%3A3523
PUBLISHED
CVSS 7.5 HIGH
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-multus-admission-controller@sha256:61de39f5d63790190177c6a682d0724131a06a397a874489826da04fb3cc51d5_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-multus-admission-controller@sha256:61de39f5d63790190177c6a682d0724131a06a397a874489826da04fb3cc51d5_amd64, * |
| Red Hat | openshift4/ose-ibmcloud-cluster-api-controllers-rhel8@sha256:aecc1bf1e9d2eaaeb59fb208b71a3e1e040067bae7e4895f64a9ff1c491da016_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-ibmcloud-cluster-api-controllers-rhel8@sha256:aecc1bf1e9d2eaaeb59fb208b71a3e1e040067bae7e4895f64a9ff1c491da016_ppc64le, * |
| Red Hat | openshift4/ose-docker-registry@sha256:39cc1f8ede8ed8293f67b63be43ebe62c84f337946532ab6135fdcafbab2c35a_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-docker-registry@sha256:39cc1f8ede8ed8293f67b63be43ebe62c84f337946532ab6135fdcafbab2c35a_arm64 |
| Red Hat | openshift4/ose-baremetal-installer-rhel8@sha256:e41478089ea6a318117c580db7e40cdc549f78362912e6a83ebc7cd812f511c6_s390x as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-baremetal-installer-rhel8@sha256:e41478089ea6a318117c580db7e40cdc549f78362912e6a83ebc7cd812f511c6_s390x |
| Red Hat | openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7914192f017e8f48822792bfdfd9078796c33aa71dd87598125d936bb776445f_s390x as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7914192f017e8f48822792bfdfd9078796c33aa71dd87598125d936bb776445f_s390x, openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7914192f017e8f48822792bfdfd9078796c33aa71dd87598125d936bb776445f_s390x |
| Red Hat | openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:a38118a0bf28a48f4e50b3c6a3f16f010086aade615baf5b4229ce5ccc06dbe1_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:a38118a0bf28a48f4e50b3c6a3f16f010086aade615baf5b4229ce5ccc06dbe1_amd64, * |
| Red Hat | openshift4/ose-pod@sha256:d460ec6b3e3ed9ba49524bb7c0f3762caaffb87a4540b42b178c6c7e9d2459f7_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-pod@sha256:d460ec6b3e3ed9ba49524bb7c0f3762caaffb87a4540b42b178c6c7e9d2459f7_ppc64le, * |
| Red Hat | openshift4/ose-container-networking-plugins-rhel8@sha256:9c9591f49a27c3429ca65bfb328d503dcb0fe9cfb69fbe1ad2741a2415c655c7_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-container-networking-plugins-rhel8@sha256:9c9591f49a27c3429ca65bfb328d503dcb0fe9cfb69fbe1ad2741a2415c655c7_arm64, openshift4/ose-container-networking-plugins-rhel8@sha256:9c9591f49a27c3429ca65bfb328d503dcb0fe9cfb69fbe1ad2741a2415c655c7_arm64 |
| Red Hat | openshift4/ose-cluster-etcd-rhel8-operator@sha256:f204637b011710f7a74b66e941d9d8db590bd4cf1fefbac6c03cf6bb9a29af5a_s390x as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-cluster-etcd-rhel8-operator@sha256:f204637b011710f7a74b66e941d9d8db590bd4cf1fefbac6c03cf6bb9a29af5a_s390x |
| Red Hat | openshift4/ose-kube-storage-version-migrator-rhel8@sha256:70fb2952e84b91b76ba0778d68b2b7811ae3774cffde9210cf0ce36ccf4cd665_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-kube-storage-version-migrator-rhel8@sha256:70fb2952e84b91b76ba0778d68b2b7811ae3774cffde9210cf0ce36ccf4cd665_amd64, openshift4/ose-kube-storage-version-migrator-rhel8@sha256:70fb2952e84b91b76ba0778d68b2b7811ae3774cffde9210cf0ce36ccf4cd665_amd64 |
| Red Hat | openshift4/ose-coredns@sha256:9cf366d9272854657d4a161be81e0f7a217ef0c172862e2ab89a62d6133dc699_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-coredns@sha256:9cf366d9272854657d4a161be81e0f7a217ef0c172862e2ab89a62d6133dc699_ppc64le |
| Red Hat | openshift4/ose-alibaba-cloud-controller-manager-rhel8@sha256:a17fd81ee4ef19933306fded47b4cbb3625b23c48ccc4928ff86004418c8f50e_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-alibaba-cloud-controller-manager-rhel8@sha256:a17fd81ee4ef19933306fded47b4cbb3625b23c48ccc4928ff86004418c8f50e_amd64 |
| Red Hat | openshift4/ose-cluster-autoscaler-operator@sha256:4ddb68ccb93cd00d98aa1a038032d0bc5722c92283a130d7c5e48ebd1fd02348_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | *, * |
| Red Hat | openshift4/ose-service-ca-operator@sha256:2af3b18d2bd3180a0e385f493d2c270d67b054c8d6b289611d742da9577f28c6_s390x as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-service-ca-operator@sha256:2af3b18d2bd3180a0e385f493d2c270d67b054c8d6b289611d742da9577f28c6_s390x, openshift4/ose-service-ca-operator@sha256:2af3b18d2bd3180a0e385f493d2c270d67b054c8d6b289611d742da9577f28c6_s390x |
| Red Hat | openshift4/ose-cluster-api-rhel8@sha256:672a7f7f0edb83f1778d36f5038cc950377acb8cc466fcfeafaa6e34c2251c87_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-cluster-api-rhel8@sha256:672a7f7f0edb83f1778d36f5038cc950377acb8cc466fcfeafaa6e34c2251c87_ppc64le, * |
| Red Hat | openshift4/ose-multus-cni@sha256:447df2ba2d9e0882f16d53d6cc8808777cba0f70bcdbc02bfd4184dd1a389795_s390x as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-multus-cni@sha256:447df2ba2d9e0882f16d53d6cc8808777cba0f70bcdbc02bfd4184dd1a389795_s390x, openshift4/ose-multus-cni@sha256:447df2ba2d9e0882f16d53d6cc8808777cba0f70bcdbc02bfd4184dd1a389795_s390x |
| Red Hat | openshift4/ose-configmap-reloader@sha256:2ab77d2ab500ec3eea36eb44dd1cd0ddb1c853e8e92e28e1ec9c1ad0704bf487_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | *, * |
| Red Hat | openshift4/ovirt-csi-driver-rhel7@sha256:0fbfe9814d155d48e27dcffc8ea4a55dfcb6501fab4c3c7c722bbc4d5f5d7269_s390x as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ovirt-csi-driver-rhel7@sha256:0fbfe9814d155d48e27dcffc8ea4a55dfcb6501fab4c3c7c722bbc4d5f5d7269_s390x, openshift4/ovirt-csi-driver-rhel7@sha256:0fbfe9814d155d48e27dcffc8ea4a55dfcb6501fab4c3c7c722bbc4d5f5d7269_s390x |
| Red Hat | openshift4/ose-cli-artifacts@sha256:6473a62a2cf05ccc0425057509a959db6b51ba556d4a8725329460d750a54581_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-cli-artifacts@sha256:6473a62a2cf05ccc0425057509a959db6b51ba556d4a8725329460d750a54581_amd64 |
| Red Hat | openshift4/ose-cli-artifacts@sha256:8093fdb9b8664137878b01d638e39a2faa38241f6acec45f9d1e4d55a71c1d20_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-cli-artifacts@sha256:8093fdb9b8664137878b01d638e39a2faa38241f6acec45f9d1e4d55a71c1d20_arm64, openshift4/ose-cli-artifacts@sha256:8093fdb9b8664137878b01d638e39a2faa38241f6acec45f9d1e4d55a71c1d20_arm64 |
…and 1346 more
Timeline
- Jun 10, 2024 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- May 15, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2024:3523 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2268273 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2268854 issue
- https://issues.redhat.com/browse/OCPBUGS-33064 advisory
- https://issues.redhat.com/browse/OCPBUGS-33321 advisory
- https://issues.redhat.com/browse/OCPBUGS-33408 advisory
- https://issues.redhat.com/browse/OCPBUGS-33409 advisory
- https://issues.redhat.com/browse/OCPBUGS-33637 advisory
- https://issues.redhat.com/browse/OCPBUGS-33643 advisory
- https://issues.redhat.com/browse/OCPBUGS-33712 advisory
- https://issues.redhat.com/browse/OCPBUGS-33713 advisory
- https://issues.redhat.com/browse/OCPBUGS-33752 advisory
- https://issues.redhat.com/browse/OCPBUGS-33843 advisory
- https://issues.redhat.com/browse/OCPBUGS-33844 advisory
- https://issues.redhat.com/browse/OCPBUGS-33930 advisory
- https://issues.redhat.com/browse/OCPBUGS-34023 advisory
- https://issues.redhat.com/browse/OCPBUGS-34405 advisory
- https://issues.redhat.com/browse/OCPBUGS-34407 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3523.json advisory
…and 10 more