Red Hat Product Errata RHBA-2024:2650 - Bug Fix Advisory
Issued:
2024-05-02
Updated:
2024-05-02

RHBA-2024:2650 - Bug Fix Advisory

Synopsis

updated rhdh/rhdh-hub-rhel9 container image

Type/Severity

Bug Fix Advisory

Topic

Updated rhdh/rhdh-hub-rhel9 container image is now available for RHDH-1.1-RHEL-9.

Description

The rhdh/rhdh-hub-rhel9 container image has been updated for RHDH-1.1-RHEL-9 to address the following security advisory: RHSA-2024:2394 (see References)

Users of rhdh/rhdh-hub-rhel9 container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in Red Hat Container Catalog (see References).

Solution

The RHDH-1.1-RHEL-9 container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).

Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.

Affected Products

  • Red Hat Developer Hub 1 x86_64

Fixes

  • BZ - 1918601 - CVE-2020-26555 kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack
  • BZ - 2049700 - CVE-2022-0480 kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion
  • BZ - 2133452 - CVE-2022-38096 kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query
  • BZ - 2151959 - CVE-2022-45934 kernel: integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c
  • BZ - 2177759 - CVE-2023-28464 Kernel: double free in hci_conn_cleanup of the bluetooth subsystem
  • BZ - 2185519 - CVE-2023-28866 kernel: Bluetooth: HCI: global out-of-bounds access in net/bluetooth/hci_sync.c
  • BZ - 2213132 - CVE-2023-31083 kernel: race condition between HCIUARTSETPROTO and HCIUARTGETPROTO in hci_uart_tty_ioctl
  • BZ - 2218332 - CVE-2023-39198 kernel: QXL: race condition leading to use-after-free in qxl_mode_dumb_create()
  • BZ - 2219359 - CVE-2023-6176 kernel: local dos vulnerability in scatterwalk_copychunks
  • BZ - 2221039 - CVE-2023-37453 kernel: usb: out-of-bounds read in read_descriptors
  • BZ - 2221463 - CVE-2023-3567 kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race
  • BZ - 2221702 - CVE-2023-4133 kernel: cxgb4: use-after-free in ch_flower_stats_cb()
  • BZ - 2226777 - CVE-2023-39189 kernel: netfilter: nftables out-of-bounds read in nf_osf_match_one()
  • BZ - 2226787 - CVE-2023-39193 kernel: netfilter: xtables sctp out-of-bounds read in match_flags()
  • BZ - 2226788 - CVE-2023-39194 kernel: xfrm: out-of-bounds read in __xfrm_state_filter_match()
  • BZ - 2231410 - CVE-2023-25775 kernel: irdma: Improper access control
  • BZ - 2239845 - CVE-2023-42754 kernel: ipv4: NULL pointer dereference in ipv4_send_dest_unreach()
  • BZ - 2239848 - CVE-2023-42756 kernel: netfilter: race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP
  • BZ - 2244720 - CVE-2023-45863 kernel: lib/kobject.c vulnerable to fill_kobj_path out-of-bounds write
  • BZ - 2246980 - CVE-2023-46862 kernel: NULL pointer dereference vulnerability in io_uring_show_fdinfo
  • BZ - 2250043 - CVE-2023-6121 kernel: NVMe: info leak due to out-of-bounds read in nvmet_ctrl_find_get
  • BZ - 2252731 - CVE-2023-6931 kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size
  • BZ - 2253034 - CVE-2023-6531 kernel: GC's deletion of an SKB races with unix_stream_read_generic() leading to UAF
  • BZ - 2253632 - CVE-2023-6622 kernel: null pointer dereference vulnerability in nft_dynset_init()
  • BZ - 2254961 - CVE-2023-24023 kernel: Bluetooth Forward and Future Secrecy Attacks and Defenses
  • BZ - 2254982 - CVE-2023-6915 kernel: Null Pointer Dereference vulnerability in ida_free in lib/idr.c
  • BZ - 2255283 - CVE-2023-6932 kernel: use-after-free in IPv4 IGMP
  • BZ - 2255498 - CVE-2023-6546 kernel: GSM multiplexing race condition leads to privilege escalation
  • BZ - 2256490 - CVE-2024-0841 kernel: hugetlbfs: Null pointer dereference in hugetlbfs_fill_super function
  • BZ - 2256822 - CVE-2023-51779 kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg
  • BZ - 2257682 - CVE-2023-51780 kernel: use-after-free in net/atm/ioctl.c
  • BZ - 2258013 - CVE-2023-6040 kernel: netfilter: nf_tables: out-of-bounds access in nf_tables_newtable()
  • BZ - 2258518 - CVE-2024-0565 kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client
  • BZ - 2260005 - CVE-2023-51043 kernel: use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c
  • BZ - 2262126 - CVE-2024-1086 kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function
  • BZ - 2262127 - CVE-2024-1085 kernel: nf_tables: use-after-free vulnerability in the nft_setelem_catchall_deactivate() function
  • BZ - 2265285 - CVE-2023-52434 kernel: smb: client: fix potential OOBs in smb2_parse_contexts()
  • BZ - 2265517 - CVE-2024-26585 kernel: tls: race between tx work scheduling and socket close
  • BZ - 2265518 - CVE-2024-26582 kernel: tls: use-after-free with partial reads and async decrypt
  • BZ - 2265519 - CVE-2024-26584 kernel: tls: handle backlogging of crypto requests
  • BZ - 2265520 - CVE-2024-26583 kernel: tls: race between async notify and socket close
  • BZ - 2265645 - CVE-2024-26586 kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption
  • BZ - 2265646 - CVE-2024-26593 kernel: i2c: i801: Fix block process call transactions
  • BZ - 2265653 - CVE-2023-52448 kernel: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
  • BZ - 2267041 - CVE-2023-52476 kernel: perf/x86/lbr: Filter vsyscall addresses
  • BZ - 2267695 - CVE-2024-26602 kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier
  • BZ - 2267750 - CVE-2023-52574 kernel: team: NULL pointer dereference when team device type is changed
  • BZ - 2267758 - CVE-2023-52578 kernel: net: bridge: data races indata-races in br_handle_frame_finish()
  • BZ - 2267760 - CVE-2023-52580 kernel: net/core: kernel crash in ETH_P_1588 flow dissector
  • BZ - 2267761 - CVE-2023-52581 kernel: netfilter: nf_tables: memory leak when more than 255 elements expired
  • BZ - 2267788 - CVE-2023-52529 kernel: HID: sony: Fix a potential memory leak in sony_probe()
  • BZ - 2267795 - CVE-2023-52522 kernel: net: fix possible store tearing in neigh_periodic_work()
  • BZ - 2269189 - CVE-2023-52489 kernel: mm/sparsemem: fix race in accessing memory_section->usage
  • BZ - 2269217 - CVE-2024-26609 kernel: netfilter: nf_tables: reject QUEUE/DROP verdict parameters
  • BZ - 2270080 - CVE-2023-52610 kernel: net/sched: act_ct: fix skb leak and crash on ooo frags
  • BZ - 2270118 - CVE-2024-26633 kernel: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()
  • BZ - 2270883 - CVE-2023-52620 kernel: netfilter: nf_tables: disallow timeout for anonymous sets

x86_64

rhdh/rhdh-hub-rhel9@sha256:ec35fec9a9ed6c855cad5fa1177254c2fcd48cfb24efb3b782e5e5519c9d1aa6

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.