Lucene search

K
redhatRedHatRHSA-2024:2729
HistoryMay 22, 2024 - 8:32 p.m.

(RHSA-2024:2729) Important: Red Hat OpenStack Platform 17.1 (etcd) security update

2024-05-2220:32:30
access.redhat.com
1
red hat openstack
etcd
security update
memory leaks
denial of service
cve page listed

8.4 High

AI Score

Confidence

Low

0.732 High

EPSS

Percentile

98.1%

A highly-available key value store for shared configuration

Security Fix(es):

  • golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394)

  • net/http/internal: Denial of Service (DoS) via Resource Consumption via
    HTTP requests (CVE-2023-39326)

  • crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges.
    (CVE-2023-45287)

  • net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)

  • etcd: Incomplete fix for CVE-2023-39325/CVE-2023-44487 in OpenStack Platform (CVE-2024-4438)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.