Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2022:0870 - Security Advisory
Issued:
2022-03-22
Updated:
2022-03-22

RHSA-2022:0870 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: OpenShift Container Platform 4.7.45 packages and security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat OpenShift Container Platform release 4.7.45. is now available with updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.45. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHBA-2022:0873

Security Fix(es):

  • CRI-O: Arbitrary code execution in cri-o via abusing

“kernel.core_pattern” kernel parameter (CVE-2022-0811)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html

Solution

For OpenShift Container Platform 4.7 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html

Affected Products

  • Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.7 for RHEL 7 x86_64
  • Red Hat OpenShift Container Platform for Power 4.7 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.7 for RHEL 8 s390x

Fixes

  • BZ - 2059475 - CVE-2022-0811 CRI-O: Arbitrary code execution in cri-o via abusing “kernel.core_pattern” kernel parameter
  • BZ - 2064013 - Placeholder bug for OCP 4.7.0 rpm release

CVEs

  • CVE-2022-0532
  • CVE-2022-0811

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenShift Container Platform 4.7 for RHEL 8

SRPM
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el8.src.rpm SHA-256: bb0bdd27039e23e54bff4afb805bfb412f999780f159513c45cd1cbd4270f28b
openshift-4.7.0-202203091647.p0.g0d60930.assembly.stream.el8.src.rpm SHA-256: afeb7728aeabd61dd7010f48530dff8471f4a131b094cd5788e4679bca6a7fbd
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el8.src.rpm SHA-256: f9396ced40c1cd6f7af1d3b0436326e4ada425a3d32d6968e79cbb78ce40a952
x86_64
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el8.x86_64.rpm SHA-256: 03b7ed82978f5c45a30d24b96be05d708cf537dc9fd323638f80008a00bd0978
cri-o-debuginfo-1.20.6-11.rhaos4.7.git76ea3d0.el8.x86_64.rpm SHA-256: 3b98ef9e7d7a8412d2aeb1cb5eabc2be401973385a8a5257c637c72660e7b3c0
cri-o-debugsource-1.20.6-11.rhaos4.7.git76ea3d0.el8.x86_64.rpm SHA-256: eb32cf933ffa6b5142bd6fb20c6c04674ed900a74e370ffed73291b869fb66fe
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el8.x86_64.rpm SHA-256: d25c7b4639c2200780214ba9db94ba4c05cce266fe2ed56019d36eaf965b67cb
openshift-clients-redistributable-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el8.x86_64.rpm SHA-256: 2096a56f6bb397cc59741a9ae1556cecd37739abe28a4676a46e97fa3c4a7e6b
openshift-hyperkube-4.7.0-202203091647.p0.g0d60930.assembly.stream.el8.x86_64.rpm SHA-256: a424079b648c02a43308c6ac431af4764ceb0a7ffad60456411056190856410e

Red Hat OpenShift Container Platform 4.7 for RHEL 7

SRPM
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el7.src.rpm SHA-256: a2f82d7c75950fdc115a88b69bb32202c0f6f613371dce28f92a76e5a32061eb
openshift-4.7.0-202203091647.p0.g0d60930.assembly.stream.el7.src.rpm SHA-256: a38cdba86d17028ca80cb5ea888542ceb679acee160e65c82779ed3e328c9ec0
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el7.src.rpm SHA-256: 227c2893c78c480c8b468a1792f0207795372751ab530c8dea9cce7292aef78d
x86_64
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el7.x86_64.rpm SHA-256: 692fcb6def6d53fa24415019f212edad308bbfaa44fb997bba248e09a3ebd11c
cri-o-debuginfo-1.20.6-11.rhaos4.7.git76ea3d0.el7.x86_64.rpm SHA-256: 13872442c4e97dbafd2c3df1089967b4f4f64a572947020621cefe4d25a56b43
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el7.x86_64.rpm SHA-256: 95d6ad721575273561336e3ea4b0034b7c679adee785fd343d315f19e1cf6013
openshift-clients-redistributable-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el7.x86_64.rpm SHA-256: a9df01461c229c4836acc7aded59ba1403d4c52d07a4a92568ec7387cf0cf66f
openshift-hyperkube-4.7.0-202203091647.p0.g0d60930.assembly.stream.el7.x86_64.rpm SHA-256: 9a371fc58e02240078e26b51d53018c3d173cc5418d8970017b8da6ab36feeed

Red Hat OpenShift Container Platform for Power 4.7 for RHEL 8

SRPM
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el8.src.rpm SHA-256: bb0bdd27039e23e54bff4afb805bfb412f999780f159513c45cd1cbd4270f28b
openshift-4.7.0-202203091647.p0.g0d60930.assembly.stream.el8.src.rpm SHA-256: afeb7728aeabd61dd7010f48530dff8471f4a131b094cd5788e4679bca6a7fbd
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el8.src.rpm SHA-256: f9396ced40c1cd6f7af1d3b0436326e4ada425a3d32d6968e79cbb78ce40a952
ppc64le
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el8.ppc64le.rpm SHA-256: 4cbabad880f04e39348c0dc01169951538ed626da160dde047fae68a15a453f9
cri-o-debuginfo-1.20.6-11.rhaos4.7.git76ea3d0.el8.ppc64le.rpm SHA-256: 7d63563756a6f9c91bfeea44871b6d1dbabe2fa336fa8ec945897eb823b5e7b9
cri-o-debugsource-1.20.6-11.rhaos4.7.git76ea3d0.el8.ppc64le.rpm SHA-256: 95724944db7bf1a671a75928e6392477d9d47f1b061055cf3bc95f72d93eaa7e
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el8.ppc64le.rpm SHA-256: 6912082a7ef22fd742bd26fb6caf5255f39a273a4ddaf5adfa1e0ac267f8cd87
openshift-hyperkube-4.7.0-202203091647.p0.g0d60930.assembly.stream.el8.ppc64le.rpm SHA-256: 620a9b8c2f9516fbd228a202aeb2197f7f63e3dfd02d7f7d8014d17261b5d731

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.7 for RHEL 8

SRPM
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el8.src.rpm SHA-256: bb0bdd27039e23e54bff4afb805bfb412f999780f159513c45cd1cbd4270f28b
openshift-4.7.0-202203091647.p0.g0d60930.assembly.stream.el8.src.rpm SHA-256: afeb7728aeabd61dd7010f48530dff8471f4a131b094cd5788e4679bca6a7fbd
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el8.src.rpm SHA-256: f9396ced40c1cd6f7af1d3b0436326e4ada425a3d32d6968e79cbb78ce40a952
s390x
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el8.s390x.rpm SHA-256: dc457e64f96cc3769926b1c42e975b81a9385368dc4c73b10d6484adde0b50fc
cri-o-debuginfo-1.20.6-11.rhaos4.7.git76ea3d0.el8.s390x.rpm SHA-256: 9e0e44b1977133d871bad8bb8c147fb3c910cfab951ae0ffbf3a1c631421d83b
cri-o-debugsource-1.20.6-11.rhaos4.7.git76ea3d0.el8.s390x.rpm SHA-256: ed5189dfcd7b93add3cff5e3c2f8347259b02f0e0292af333059474bcd6928d3
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el8.s390x.rpm SHA-256: 55117ee8541699b93394816e262575dedc92a2cc608e2b321905cb0ecfacef33
openshift-hyperkube-4.7.0-202203091647.p0.g0d60930.assembly.stream.el8.s390x.rpm SHA-256: 1906abe5121cf9e69e8fbf56bf486c2ddc85df65d272e8bbd8184e79057f7480

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility