Lucene search

K
redhatRedHatRHSA-2022:1699
HistoryMay 12, 2022 - 5:58 p.m.

(RHSA-2022:1699) Moderate: OpenShift Container Platform 4.7.50 security update

2022-05-1217:58:21
CWE-787
access.redhat.com
43
red hat
openshift container platform
security update
rpm packages
kubernetes
cloud computing
cve-2022-24769
upgrade
cluster

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.095

Percentile

95.0%

Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.50. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHBA-2022:1698

Security Fix(es):

  • moby: Default inheritable capabilities for linux container should be
    empty (CVE-2022-24769)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html

Affected configurations

Vulners
Node
redhatjava-11-openjdkRange11.0.15.0.9-2.el7_9
OR
redhatjava-1.8.0-openjdkRange1.8.0.332.b09-1.el7_9
OR
redhatjava-1.7.1-ibm-1Range1.7.1.5.10-1jpp.1.el7
OR
redhatjava-1.8.0-ibm-1Range1.8.0.7.10-1jpp.1.el7
OR
redhatjava-11-openjdkRange11.0.15.0.9-2.el8_5
OR
redhatjava-17-openjdkRange17.0.3.0.6-2.el8_5
OR
redhatjava-1.8.0-openjdkRange1.8.0.332.b09-1.el8_5
OR
redhatjava-1.8.0-ibmRange1.8.0.7.10-1.el8_6
OR
redhatjava-11-openjdk-1Range11.0.15.0.9-2.el8_1
OR
redhatjava-1.8.0-openjdk-1Range1.8.0.332.b09-1.el8_1
OR
redhatjava-11-openjdk-1Range11.0.15.0.9-2.el8_2
OR
redhatjava-1.8.0-openjdk-1Range1.8.0.332.b09-1.el8_2
OR
redhatjava-11-openjdk-1Range11.0.15.0.9-2.el8_4
OR
redhatjava-1.8.0-openjdk-1Range1.8.0.332.b09-1.el8_4
OR
redhatjava-11-openjdkRange11.0.15.0.10-1.el9_0
OR
redhatjava-17-openjdkRange17.0.3.0.7-1.el9_0
OR
redhatjava-1.8.0-openjdkRange1.8.0.332.b09-1.el9_0
OR
redhatopenshift4\/ose-local-storage-diskmakerRangev4.10.0-202204090935.p0.g4b31438.assembly.stream
OR
redhatopenshift4\/ose-local-storage-operatorRangev4.10.0-202204090935.p0.g4b31438.assembly.stream
OR
redhatopenshift4\/ose-local-storage-operatorRangev4.6.0-202204261127.p0.g6cc1fff.assembly.stream
OR
redhatopenshift4\/ose-local-storage-diskmakerRangev4.6.0-202205020737.p0.g6cc1fff.assembly.stream
OR
redhatopenshift4\/ose-local-storage-diskmakerRangev4.7.0-202204252136.p0.gd6211c0.assembly.stream
OR
redhatopenshift4\/ose-local-storage-operatorRangev4.7.0-202204252136.p0.gd6211c0.assembly.stream
OR
redhatopenshift4\/ose-local-storage-diskmakerRangev4.8.0-202204111736.p0.g50982c6.assembly.stream
OR
redhatopenshift4\/ose-local-storage-operatorRangev4.8.0-202204130333.p0.g50982c6.assembly.stream
OR
redhatopenshift4\/ose-local-storage-diskmakerRangev4.9.0-202204091605.p0.g4ab612d.assembly.stream
OR
redhatopenshift4\/ose-local-storage-operatorRangev4.9.0-202204092357.p0.g4ab612d.assembly.stream
OR
redhatjava-1.8.0-ibm-1Range1.8.0.8.0-1jpp.1.el7
OR
redhatkernelRange2.6.32-754.47.1.el6
OR
redhatkernel-rtRange3.10.0-1160.66.1.rt56.1207.el7
OR
redhatkernelRange3.10.0-1160.66.1.el7
OR
redhatkernelRange3.10.0-514.101.1.el7
OR
redhatkernelRange3.10.0-693.103.1.el7
OR
redhatkernelRange3.10.0-957.94.1.el7
OR
redhatkernelRange3.10.0-1062.67.1.el7
OR
redhatkernel-rtRange4.18.0-348.20.1.rt7.150.el8_5
OR
redhatkernelRange4.18.0-348.20.1.el8_5
OR
redhatkernelRange4.18.0-147.64.1.el8_1
OR
redhatkernel-rtRange4.18.0-193.79.1.rt13.129.el8_2
OR
redhatkernelRange4.18.0-193.79.1.el8_2
OR
redhatkernel-rtRange4.18.0-305.45.1.rt7.117.el8_4
OR
redhatkernelRange4.18.0-305.45.1.el8_4
OR
redhatkernel-rtRange3.10.0-1160.62.1.rt56.1203.el7
OR
redhatkernelRange3.10.0-1160.62.1.el7
OR
redhatkernelRange3.10.0-693.99.1.el7
OR
redhatkernelRange3.10.0-957.92.1.el7
OR
redhatkernelRange3.10.0-1062.66.1.el7
OR
redhatkernel-rtRange4.18.0-372.9.1.rt7.166.el8
OR
redhatkernelRange4.18.0-372.9.1.el8
OR
redhatvirtualization_hostRange4.3.22-20220330.1.el7_9
OR
redhatvirtualization_hostRange4.5.0-202205291010_8.6
OR
redhatkernel-rtRange4.18.0-348.23.1.rt7.153.el8_5
OR
redhatkernelRange4.18.0-348.23.1.el8_5
AND
redhatenterprise_linuxMatch7
OR
redhatenterprise_linuxMatch8
OR
redhatenterprise_linuxMatchsupplementary
OR
redhatenterprise_linuxMatch9
OR
redhatenterprise_linuxMatchnfv
OR
redhatenterprise_linuxMatchhypervisor
VendorProductVersionCPE
redhatjava-11-openjdk*cpe:2.3:a:redhat:java-11-openjdk:*:*:*:*:*:*:*:*
redhatjava-1.8.0-openjdk*cpe:2.3:a:redhat:java-1.8.0-openjdk:*:*:*:*:*:*:*:*
redhatjava-1.7.1-ibm-1*cpe:2.3:a:redhat:java-1.7.1-ibm-1:*:*:*:*:*:*:*:*
redhatjava-1.8.0-ibm-1*cpe:2.3:a:redhat:java-1.8.0-ibm-1:*:*:*:*:*:*:*:*
redhatjava-17-openjdk*cpe:2.3:a:redhat:java-17-openjdk:*:*:*:*:*:*:*:*
redhatjava-1.8.0-ibm*cpe:2.3:a:redhat:java-1.8.0-ibm:*:*:*:*:*:*:*:*
redhatjava-11-openjdk-1*cpe:2.3:a:redhat:java-11-openjdk-1:*:*:*:*:*:*:*:*
redhatjava-1.8.0-openjdk-1*cpe:2.3:a:redhat:java-1.8.0-openjdk-1:*:*:*:*:*:*:*:*
redhatopenshift4\/ose-local-storage-diskmaker*cpe:2.3:a:redhat:openshift4\/ose-local-storage-diskmaker:*:*:*:*:*:*:*:*
redhatopenshift4\/ose-local-storage-operator*cpe:2.3:a:redhat:openshift4\/ose-local-storage-operator:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 191

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.095

Percentile

95.0%