Red Hat Product Errata RHSA-2023:0930 - Security Advisory
Issued: 2023-03-08
Updated: 2023-03-08

Synopsis

Moderate: Logging Subsystem 5.5.8 - Red Hat OpenShift

Type/Severity

Security Advisory: Moderate

Topic

Logging Subsystem 5.5.8 - Red Hat OpenShift

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Logging Subsystem 5.5.8 - Red Hat OpenShift

Security Fix(es):

  • express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
  • golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:

https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html

For Red Hat OpenShift Logging 5.5, see the following instructions to apply this update:

https://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html

Affected Products

  • Logging Subsystem for Red Hat OpenShift 5 x86_64
  • Logging Subsystem for Red Hat OpenShift for IBM Power, little endian 5 ppc64le
  • Logging Subsystem for Red Hat OpenShift for IBM Z and LinuxONE 5 s390x
  • Logging Subsystem for Red Hat OpenShift for ARM 64 5 aarch64

Fixes

  • BZ - 2150323 - CVE-2022-24999 express: "qs" prototype poisoning causes the hang of the node process
  • BZ - 2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
  • LOG-3630 - [release-5.5] Inconsistencies in vector normalization of systemd logs.

CVEs

  • CVE-2020-10735
  • CVE-2021-28861
  • CVE-2022-2873
  • CVE-2022-4415
  • CVE-2022-24999
  • CVE-2022-40897
  • CVE-2022-41222
  • CVE-2022-41717
  • CVE-2022-43945
  • CVE-2022-45061
  • CVE-2022-48303

References

  • https://access.redhat.com/security/updates/classification/#moderate

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
