VDB
RHSA-2024%3A4479
RHSA-2024%3A4479
PUBLISHED
CVSS 5.900000095367432 MEDIUM
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.
Risk Scores
CVSS 3.1
5.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-thanos-rhel8@sha256:8b633c8e4c9f4d08c735fa646592e74c7bd10faac7459f125f45563924ca0773_s390x as a component of Red Hat OpenShift Container Platform 4.14 | *, * |
| Red Hat | openshift4/ose-libvirt-machine-controllers@sha256:566db37d0493ff9f1e2194bb8dc93e70d0dd303becbb3c3f0daf0ef0c90b1793_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-libvirt-machine-controllers@sha256:566db37d0493ff9f1e2194bb8dc93e70d0dd303becbb3c3f0daf0ef0c90b1793_amd64 |
| Red Hat | openshift4/ose-cluster-network-operator@sha256:dc02325a0b585bf6b659d481a991d2a6a46bb4582e59135a4f8849325df890de_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-cluster-network-operator@sha256:dc02325a0b585bf6b659d481a991d2a6a46bb4582e59135a4f8849325df890de_arm64 |
| Red Hat | openshift4/ose-machine-config-operator@sha256:63039c0d7bb4a54d6a481870194be7c8d067fa060d38c77a00d070998ba58210_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-machine-config-operator@sha256:63039c0d7bb4a54d6a481870194be7c8d067fa060d38c77a00d070998ba58210_amd64, openshift4/ose-machine-config-operator@sha256:63039c0d7bb4a54d6a481870194be7c8d067fa060d38c77a00d070998ba58210_amd64 |
| Red Hat | openshift4/ose-agent-installer-node-agent-rhel9@sha256:3fe775c6fe3faf2aeb9fbbde34b82f955426a37a86b27fe7610b5c68c74f0902_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-agent-installer-node-agent-rhel9@sha256:3fe775c6fe3faf2aeb9fbbde34b82f955426a37a86b27fe7610b5c68c74f0902_ppc64le |
| Red Hat | openshift4/ose-thanos-rhel8@sha256:00c4d918569ec588a8526624e6589f5ca201ca2bf73fb1880b4cda89adf2eef9_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-thanos-rhel8@sha256:00c4d918569ec588a8526624e6589f5ca201ca2bf73fb1880b4cda89adf2eef9_ppc64le |
| Red Hat | openshift4/ose-prom-label-proxy@sha256:2cebae3a023152d7f4075f8e132ad76f2e4b3b1be62d926826bb332459a5714f_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | * |
| Red Hat | openshift4/ose-insights-rhel8-operator@sha256:21db7ef00ab899928085c6bdc9d94f7ae31ea1074d9a3c2d59c3227dbd07ce2f_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | * |
| Red Hat | openshift4/ose-prometheus@sha256:3c896664ee140743667e9860ca07824ec7a37b5a557a2c36a7f133a1c3f1733e_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-prometheus@sha256:3c896664ee140743667e9860ca07824ec7a37b5a557a2c36a7f133a1c3f1733e_amd64, openshift4/ose-prometheus@sha256:3c896664ee140743667e9860ca07824ec7a37b5a557a2c36a7f133a1c3f1733e_amd64 |
| Red Hat | openshift4/ose-machine-config-operator@sha256:e673d79d3962b618953fd03769c89cd9ae8f0e5827b1fdee01ebff5072daf671_s390x as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-machine-config-operator@sha256:e673d79d3962b618953fd03769c89cd9ae8f0e5827b1fdee01ebff5072daf671_s390x |
| Red Hat | openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:9b95a5b3ace0c77b6db1a755f6d7d894f27ff6afa2c5fb6f47cbb0d5a2d16248_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:9b95a5b3ace0c77b6db1a755f6d7d894f27ff6afa2c5fb6f47cbb0d5a2d16248_amd64, openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:9b95a5b3ace0c77b6db1a755f6d7d894f27ff6afa2c5fb6f47cbb0d5a2d16248_amd64 |
| Red Hat | openshift4/ose-monitoring-plugin-rhel8@sha256:7791d12ecafd4be1566fdc676846a264e8b31347bcf18f6f9d3363db0e4105e8_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-monitoring-plugin-rhel8@sha256:7791d12ecafd4be1566fdc676846a264e8b31347bcf18f6f9d3363db0e4105e8_amd64, * |
| Red Hat | openshift4/ose-prometheus-node-exporter@sha256:76233ed4d13829fd6470a7486b1b91d7bea8865f273be15b1adfc1cc7a4a63fb_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-prometheus-node-exporter@sha256:76233ed4d13829fd6470a7486b1b91d7bea8865f273be15b1adfc1cc7a4a63fb_arm64, openshift4/ose-prometheus-node-exporter@sha256:76233ed4d13829fd6470a7486b1b91d7bea8865f273be15b1adfc1cc7a4a63fb_arm64 |
| Red Hat | openshift4/ose-baremetal-installer-rhel8@sha256:24e8b078e0d99d1241495039befac8cbe95fa24f97f3a05c5ccbb869b43f5f38_s390x as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-baremetal-installer-rhel8@sha256:24e8b078e0d99d1241495039befac8cbe95fa24f97f3a05c5ccbb869b43f5f38_s390x, openshift4/ose-baremetal-installer-rhel8@sha256:24e8b078e0d99d1241495039befac8cbe95fa24f97f3a05c5ccbb869b43f5f38_s390x |
| Red Hat | openshift4/ose-agent-installer-api-server-rhel8@sha256:0d7b7b8d56ad9444e973db1f6d56ceec26aefe516bad1d7fe6d73abf4d9afc59_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | * |
| Red Hat | openshift4/ose-machine-os-images-rhel8@sha256:d255dd84db0d40bc5bdd97bfaeac999c2d84ab315de9eb17ba72540ba10ef41f_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-machine-os-images-rhel8@sha256:d255dd84db0d40bc5bdd97bfaeac999c2d84ab315de9eb17ba72540ba10ef41f_arm64, openshift4/ose-machine-os-images-rhel8@sha256:d255dd84db0d40bc5bdd97bfaeac999c2d84ab315de9eb17ba72540ba10ef41f_arm64 |
| Red Hat | openshift4/ose-console@sha256:b8ce897692f566e0a0032f3093a5933d08cfe01e783da6ce6413b710e33fae40_arm64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-console@sha256:b8ce897692f566e0a0032f3093a5933d08cfe01e783da6ce6413b710e33fae40_arm64, openshift4/ose-console@sha256:b8ce897692f566e0a0032f3093a5933d08cfe01e783da6ce6413b710e33fae40_arm64 |
| Red Hat | openshift4/ose-hypershift-rhel8@sha256:bc428181ba542fba9d93aaf3ff362cf64c0dc7f45bc566d79d7b084ab04614d7_amd64 as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-hypershift-rhel8@sha256:bc428181ba542fba9d93aaf3ff362cf64c0dc7f45bc566d79d7b084ab04614d7_amd64, openshift4/ose-hypershift-rhel8@sha256:bc428181ba542fba9d93aaf3ff362cf64c0dc7f45bc566d79d7b084ab04614d7_amd64 |
| Red Hat | openshift4/ose-baremetal-installer-rhel8@sha256:872ccdc319cec9beb6908a0514a6de10a33dee1b1e0e2ff6526e92587fcc95cc_ppc64le as a component of Red Hat OpenShift Container Platform 4.14 | * |
| Red Hat | openshift4/ose-agent-installer-node-agent-rhel9@sha256:679f6fcd4152256b452589d5faf52b70079d2a4167c94b942b9d6cb9c75e1300_s390x as a component of Red Hat OpenShift Container Platform 4.14 | openshift4/ose-agent-installer-node-agent-rhel9@sha256:679f6fcd4152256b452589d5faf52b70079d2a4167c94b942b9d6cb9c75e1300_s390x |
…and 242 more
Timeline
- Jul 3, 2024 PoC Published
- Jul 17, 2024 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- May 11, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2024:4479 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2254210 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2294000 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2294604 issue
- https://issues.redhat.com/browse/OCPBUGS-31354 advisory
- https://issues.redhat.com/browse/OCPBUGS-32499 advisory
- https://issues.redhat.com/browse/OCPBUGS-36437 advisory
- https://issues.redhat.com/browse/OCPBUGS-36461 advisory
- https://issues.redhat.com/browse/OCPBUGS-36475 advisory
- https://issues.redhat.com/browse/OCPBUGS-36518 advisory
- https://issues.redhat.com/browse/OCPBUGS-36593 advisory
- https://issues.redhat.com/browse/OCPBUGS-36776 advisory
- https://issues.redhat.com/browse/OCPBUGS-5943 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4479.json advisory
- https://access.redhat.com/security/cve/CVE-2023-48795 advisory
- https://www.cve.org/CVERecord?id=CVE-2023-48795 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-48795 advisory
- https://access.redhat.com/solutions/7071748 advisory
- https://terrapin-attack.com/ advisory
…and 9 more