RHSA-2023:1816 - Security Advisory

Issued: 2023-04-17
Updated: 2023-04-17

Synopsis

Moderate: Red Hat OpenShift Data Foundation 4.12.2 Bug Fix and security update

Type/Severity

Security Advisory: Moderate

Topic

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.2 on Red Hat Enterprise Linux 8 from Red Hat Container Registry.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation provides highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3-compatible API.

Security Fix(es):

  • golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • [backport 4.12] s3 sync directory to a bucket fails with Internal Error in between the upload operation (BZ#2170416)
  • [4.12 clone] [Noobaa] Secrets are used in env variables (BZ#2171968)
  • [Backport to 4.12.z] Placeholder bug to backport the odf changes for Managed services epic RHSTOR-2442 to 4.12.z (BZ#2174335)
  • [ODF 4.12] Missing the status-reporter binary causing pods "report-status-to-provider" remain in CreateContainerError on ODF to ODF cluster on ROSA (BZ#2179978)
  • [MDR] After upgrade(redhat-operators) on hub from 4.12.1 to 4.12.2 noticed 2 token-exchange-agent pods on managed clusters and one of them on CBLO (BZ#2183198)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat OpenShift Data Foundation 4 for RHEL 8 x86_64
  • Red Hat OpenShift Data Foundation for IBM Power, little endian 4 for RHEL 8 ppc64le
  • Red Hat OpenShift Data Foundation for IBM Z and LinuxONE 4 for RHEL 8 s390x

Fixes

  • BZ - 2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
  • BZ - 2171968 - [4.12 clone] [Noobaa] Secrets are used in env variables
  • BZ - 2174335 - [Backport to 4.12.z] Placeholder bug to backport the odf changes for Managed services epic RHSTOR-2442 to 4.12.z
  • BZ - 2175365 - [4.12.z] Upgrade from 4.12.0 to 4.12.1 doesn't work
  • BZ - 2179978 - [ODF 4.12] Missing the status-reporter binary causing pods "report-status-to-provider" remain in CreateContainerError on ODF to ODF cluster on ROSA
  • BZ - 2183198 - [MDR] After upgrade(redhat-operators) on hub from 4.12.1 to 4.12.2 noticed 2 token-exchange-agent pods on managed clusters and one of them on CBLO
  • BZ - 2186455 - Include at ODF 4.12 container images the RHEL8 CVE fix on "openssl"

CVEs

  • CVE-2020-10735
  • CVE-2021-28861
  • CVE-2022-4304
  • CVE-2022-4415
  • CVE-2022-4450
  • CVE-2022-40897
  • CVE-2022-41717
  • CVE-2022-45061
  • CVE-2022-48303
  • CVE-2023-0215
  • CVE-2023-0286
  • CVE-2023-23916

References

  • https://access.redhat.com/security/updates/classification/#moderate


The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
