Main Vulnerability Database SB2024111111

SB2024111111 - Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.14 packages

Published: November 11, 2024

Security Bulletin ID SB2024111111

Severity

Medium

Patch available

YES

Number of vulnerabilities 5

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.

1) Path traversal (CVE-ID: CVE-2024-9675)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to input validation error when processing directory traversal sequences in cache mounts. A local user can execute a 'RUN' instruction in a Container file to mount an arbitrary directory from the host into the container as long as those files can be accessed by the user running Buildah.

2) Resource exhaustion (CVE-ID: CVE-2024-34156)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to encoding/gob does not properly control consumption of internal resources when calling Decoder.Decode. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Note, this vulnerability is related to #VU66068 (CVE-2024-34156).

3) UNIX symbolic link following (CVE-ID: CVE-2024-9676)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a symlink following issue when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). A local user can create a symbolic link to an arbitrary file on the system, force the library to read it and perform a denial of service (DoS) attack.

4) Resource exhaustion (CVE-ID: CVE-2024-34155)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to go/parser does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

5) Resource exhaustion (CVE-ID: CVE-2024-34158)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to go/build/constraint does not properly control consumption of internal resources when calling Parse on a "// +build" build tag line with deeply nested expressions. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://access.redhat.com/errata/RHSA-2024:8700

Vulnerable Software

openshift4-aws-iso (Red Hat package): before 4.14.0-202410181711.p0.gd2acdd5.assembly.stream.el8
openshift-kuryr (Red Hat package): before 4.14.0-202410181711.p0.g8926a29.assembly.stream.el8
containernetworking-plugins (Red Hat package): before 1.4.0-4.rhaos4.14.el8
butane (Red Hat package): before 0.19.0-4.rhaos4.14.el8
skopeo (Red Hat package): before 1.11.3-4.rhaos4.14.el8
runc (Red Hat package): before 1.1.14-2.rhaos4.14.el8
podman (Red Hat package): before 4.4.1-21.rhaos4.14.el8
ose-aws-ecr-image-credential-provider (Red Hat package): before 4.14.0-202410181711.p0.g9a7820e.assembly.stream.el8
openshift-clients (Red Hat package): before 4.14.0-202410181711.p0.g44b3ac2.assembly.stream.el8
openshift-ansible (Red Hat package): before 4.14.0-202410181711.p0.g846e89b.assembly.stream.el8
openshift (Red Hat package): before 4.14.0-202410181711.p0.g03a907c.assembly.stream.el8
libreswan (Red Hat package): before 4.5-1.el9
ignition (Red Hat package): before 2.16.2-5.rhaos4.14.el9
cri-tools (Red Hat package): before 1.27.0-6.el8
cri-o (Red Hat package): before 1.27.8-12.rhaos4.14.git7597c43.el8
conmon (Red Hat package): before 2.1.7-6.rhaos4.14.el8
buildah (Red Hat package): before 1.29.1-13.rhaos4.14.el8
Red Hat OpenShift Container Platform: before 4.14.40