VDB
RHSA-2024%3A4010
RHSA-2024%3A4010
PUBLISHED
CVSS 7.5 HIGH
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-keepalived-ipfailover@sha256:1576dcada2c60911639582008402b8ef51672dde067690914e0b0ecdef3fcd5d_s390x as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-keepalived-ipfailover@sha256:1576dcada2c60911639582008402b8ef51672dde067690914e0b0ecdef3fcd5d_s390x, openshift4/ose-keepalived-ipfailover@sha256:1576dcada2c60911639582008402b8ef51672dde067690914e0b0ecdef3fcd5d_s390x |
| Red Hat | openshift4/ose-prometheus@sha256:972ec3404d895fc8b56a4c5967ad67a53f69cb1d2fdd2a190a3d39863cdc6e6b_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-prometheus@sha256:972ec3404d895fc8b56a4c5967ad67a53f69cb1d2fdd2a190a3d39863cdc6e6b_arm64, openshift4/ose-prometheus@sha256:972ec3404d895fc8b56a4c5967ad67a53f69cb1d2fdd2a190a3d39863cdc6e6b_arm64 |
| Red Hat | openshift4/ose-etcd-rhel9@sha256:7f5b3d98cb7a38df4ca48858e8693b393c7b4f43df6dc4d5d4d7b81a6150dfcc_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-etcd-rhel9@sha256:7f5b3d98cb7a38df4ca48858e8693b393c7b4f43df6dc4d5d4d7b81a6150dfcc_ppc64le, *, openshift4/ose-etcd-rhel9@sha256:7f5b3d98cb7a38df4ca48858e8693b393c7b4f43df6dc4d5d4d7b81a6150dfcc_ppc64le |
| Red Hat | openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:b92d9f4b2afe2da3e9fc92363fd82c11abcd68c3f5a23fad77df03885bfa4603_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:b92d9f4b2afe2da3e9fc92363fd82c11abcd68c3f5a23fad77df03885bfa4603_arm64 |
| Red Hat | openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:5043ffa05d743be9051ba968eea9ee70571ec16bf818074a1f69d8124f985016_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:5043ffa05d743be9051ba968eea9ee70571ec16bf818074a1f69d8124f985016_ppc64le, *, * |
| Red Hat | openshift4/ose-installer-artifacts@sha256:682ed39ca2533a43a3252b9fd13db1128bf6ec38f98f6b5ed732f551a02a83d8_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-installer-artifacts@sha256:682ed39ca2533a43a3252b9fd13db1128bf6ec38f98f6b5ed732f551a02a83d8_amd64, openshift4/ose-installer-artifacts@sha256:682ed39ca2533a43a3252b9fd13db1128bf6ec38f98f6b5ed732f551a02a83d8_amd64 |
| Red Hat | openshift4/ose-cluster-etcd-rhel8-operator@sha256:3f5d178658e2c004133a3e8925fb01dbb36b9ff8dc345a280506d0493f6c7441_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-cluster-etcd-rhel8-operator@sha256:3f5d178658e2c004133a3e8925fb01dbb36b9ff8dc345a280506d0493f6c7441_amd64, * |
| Red Hat | openshift4/ose-csi-livenessprobe-rhel8@sha256:9e02bdfb890ff53faef351697c43e6c705afaaa7eb021d5197126fedd98544a7_s390x as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-csi-livenessprobe-rhel8@sha256:9e02bdfb890ff53faef351697c43e6c705afaaa7eb021d5197126fedd98544a7_s390x |
| Red Hat | openshift4/ose-olm-catalogd-rhel8@sha256:1e982eb50d20baf6ecf3173ccf3e6ad48a01c09ffdfab5b7b52d274464d5526b_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-olm-catalogd-rhel8@sha256:1e982eb50d20baf6ecf3173ccf3e6ad48a01c09ffdfab5b7b52d274464d5526b_arm64, *, * |
| Red Hat | openshift4/ose-etcd-rhel9@sha256:636373dc2311435d5b28e1d113b5e335b071884dc7e81c943d111c3812d0bb03_s390x as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-etcd-rhel9@sha256:636373dc2311435d5b28e1d113b5e335b071884dc7e81c943d111c3812d0bb03_s390x, openshift4/ose-etcd-rhel9@sha256:636373dc2311435d5b28e1d113b5e335b071884dc7e81c943d111c3812d0bb03_s390x |
| Red Hat | openshift4/ose-cluster-ingress-operator@sha256:e97ec07cc8b6c5648e2f40471bbc5b707df3e2cdca099588c129a52e16d134c2_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-cluster-ingress-operator@sha256:e97ec07cc8b6c5648e2f40471bbc5b707df3e2cdca099588c129a52e16d134c2_ppc64le, openshift4/ose-cluster-ingress-operator@sha256:e97ec07cc8b6c5648e2f40471bbc5b707df3e2cdca099588c129a52e16d134c2_ppc64le |
| Red Hat | openshift4/ose-machine-api-provider-openstack-rhel8@sha256:4424e51a57fd738005350307ca48f02afd447c1868a0a2433bc98271c1074a3b_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-machine-api-provider-openstack-rhel8@sha256:4424e51a57fd738005350307ca48f02afd447c1868a0a2433bc98271c1074a3b_arm64, openshift4/ose-machine-api-provider-openstack-rhel8@sha256:4424e51a57fd738005350307ca48f02afd447c1868a0a2433bc98271c1074a3b_arm64 |
| Red Hat | openshift4/ose-cluster-kube-controller-manager-operator@sha256:63f2fa5c72be322447b81f4b6179d7bf34444ee5c225565febb64a54645f5dfc_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-cluster-kube-controller-manager-operator@sha256:63f2fa5c72be322447b81f4b6179d7bf34444ee5c225565febb64a54645f5dfc_ppc64le, openshift4/ose-cluster-kube-controller-manager-operator@sha256:63f2fa5c72be322447b81f4b6179d7bf34444ee5c225565febb64a54645f5dfc_ppc64le |
| Red Hat | openshift4/ose-agent-installer-api-server-rhel8@sha256:ecaca9922ae52607a298cb69dd22adcf623968fa0905721c75c459fd8bd37e1a_s390x as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-agent-installer-api-server-rhel8@sha256:ecaca9922ae52607a298cb69dd22adcf623968fa0905721c75c459fd8bd37e1a_s390x |
| Red Hat | openshift4/ose-aws-cluster-api-controllers-rhel8@sha256:4db37c8d42cd8317a2bcbe8acabf0606c1defb1085ee46675e8de56f7324d3e1_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-aws-cluster-api-controllers-rhel8@sha256:4db37c8d42cd8317a2bcbe8acabf0606c1defb1085ee46675e8de56f7324d3e1_amd64, *, * |
| Red Hat | openshift4/ose-tests@sha256:b0dbfec690392e4cf55527add4c6552ffa43f8ccc288ab1e84dfe81735a006ba_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-tests@sha256:b0dbfec690392e4cf55527add4c6552ffa43f8ccc288ab1e84dfe81735a006ba_ppc64le, openshift4/ose-tests@sha256:b0dbfec690392e4cf55527add4c6552ffa43f8ccc288ab1e84dfe81735a006ba_ppc64le |
| Red Hat | openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:66b626c7d9076b601df080a5706073fca2bfbd33d157e73990f33a165f67c0d5_s390x as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:66b626c7d9076b601df080a5706073fca2bfbd33d157e73990f33a165f67c0d5_s390x, *, * |
| Red Hat | openshift4/ose-pod@sha256:f6951cdf0991a5e475a863fd8485313d194b02fd0696a3b6394b66409c82d360_s390x as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-pod@sha256:f6951cdf0991a5e475a863fd8485313d194b02fd0696a3b6394b66409c82d360_s390x, * |
| Red Hat | openshift4/network-tools-rhel8@sha256:c1fcf483a52ac3f77674e23100571665089228d30eec34d99ef8b880629b0510_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/network-tools-rhel8@sha256:c1fcf483a52ac3f77674e23100571665089228d30eec34d99ef8b880629b0510_arm64, * |
| Red Hat | openshift4/ose-vsphere-csi-driver-rhel8@sha256:a0fb27daf2803263c4b2dd45844017308b399d64949df3a0a107fb29eb90510e_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | *, openshift4/ose-vsphere-csi-driver-rhel8@sha256:a0fb27daf2803263c4b2dd45844017308b399d64949df3a0a107fb29eb90510e_amd64 |
…and 1338 more
Timeline
- Jun 26, 2024 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- May 15, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2024:4010 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2254210 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2258165 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2268273 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2268854 issue
- https://issues.redhat.com/browse/OCPBUGS-34716 advisory
- https://issues.redhat.com/browse/OCPBUGS-35337 advisory
- https://issues.redhat.com/browse/OCPBUGS-35338 advisory
- https://issues.redhat.com/browse/OCPBUGS-35485 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4010.json advisory
- https://access.redhat.com/security/cve/CVE-2023-45288 advisory
- https://www.cve.org/CVERecord?id=CVE-2023-45288 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-45288 advisory
- https://nowotarski.info/http2-continuation-flood/ advisory
- https://pkg.go.dev/vuln/GO-2024-2687 advisory
- https://www.kb.cert.org/vuls/id/421644 advisory
- https://access.redhat.com/security/cve/CVE-2023-48795 advisory
- https://www.cve.org/CVERecord?id=CVE-2023-48795 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-48795 advisory
…and 10 more