Issued:: 2023-11-15
Updated:: 2023-11-15

RHSA-2023:7218 - Security Advisory

Overview
Updated Images

Synopsis

Important: Kernel Module Management security update

Type/Severity

Security Advisory: Important

Topic

This is an update for the Red Hat OpenShift Kernel Module Management 1.1 operator and images to address CVE-2023-44487 which Red Hat has assessed as being Important (sees https://access.redhat.com/security/cve/CVE-2023-44487 for details)

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

It releases an updated versions of the Kernel Module Management bringing it to v1.1.2
As part of this it updates the following container images that constitute the Kernel Module Management Operator:
kernel-module-management-signing
kernel-module-management-operator
kernel-module-management-worker
kernel-module-management-hub-operator
kernel-module-management-must-gather
kernel-module-management-hub-operator-bundle
kernel-module-management-operator-bundle

Description

kernel module management is Red Hat's operator designed to load and manage out-of-tree kernel modules and device plugins for Red Hat OpenShift Container Platform.

This advisory contains kernel module management 1.1.2 images to address CVE-2023-44487

Security Fix(es):

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Kernel Module Management 1 for RHEL 9 x86_64

Fixes

BZ - 2242803 - CVE-2023-44487 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

CVEs

References

aarch64

kmm/kernel-module-management-hub-operator-bundle@sha256:4b9879b5a7d6003b0c9586a11c2062a78794a6f92fe9ecc14da80e04149a62f8

kmm/kernel-module-management-hub-rhel9-operator@sha256:cb0727de29d42ac9c79bf51474b72fb55f04fdc2a05876e944443669750f5ee6

kmm/kernel-module-management-must-gather-rhel9@sha256:f9cec2eac1dbd3d19ce6e9d7d7c654f8eba96882dc3a5df9ad5b8cbd02e88bb9

kmm/kernel-module-management-operator-bundle@sha256:e0aa6130e69dd838e31a9a8800ed518c00c73f67a24a4bcf0d572c757d68b5ee

kmm/kernel-module-management-rhel9-operator@sha256:c0062d91d15628ccc35133b67bcedb82076ed22b5c180fdfbae360c8e25e8a47

kmm/kernel-module-management-signing-rhel9@sha256:fe37c0a672e97518b01abf7b998d50dd79e47bcd7e1d60950d64b812a599f8cd

ppc64le

kmm/kernel-module-management-hub-operator-bundle@sha256:b8b8d224ada7a865ddf79b36b493c3fc93f6b89f03dcb5bf6329ae2f538002aa

kmm/kernel-module-management-hub-rhel9-operator@sha256:6793da0209a2427a3280287c514e0f6c1f4927e65fd2079d7b1528b1d074cba6

kmm/kernel-module-management-must-gather-rhel9@sha256:45c6a0a49602a2866490ae59036b5a585d243cdc7e802055b34eb2e8ebbbc98d

kmm/kernel-module-management-operator-bundle@sha256:c1fbd5600ce0eaa118012e9d7a0a3e7b4d75b5c78b369f6cb3525aee7eae93a7

kmm/kernel-module-management-rhel9-operator@sha256:0964ed8ca8a915f0f2b3ac4cc8aa7d885e541595a9ed959a18fffc771f591716

kmm/kernel-module-management-signing-rhel9@sha256:3feee1b84375b7e5e936bab7d4d2340be0452bbfda959e5d1aec520f0f606887

x86_64

kmm/kernel-module-management-hub-operator-bundle@sha256:7a2bbedd258140f7767e206523d21fdf407ec5596f10ad3c0936c92863939313

kmm/kernel-module-management-hub-rhel9-operator@sha256:ecc37b90a477748766aa11784966f695b83e6e1a2d4eca48fd9167f920c33615

kmm/kernel-module-management-must-gather-rhel9@sha256:0c17aa8140a586ec4271f10f252e65a380f25cc73d79a3ab20e37b4cf5b0f51c

kmm/kernel-module-management-operator-bundle@sha256:6e3792f846dd8f3b3a2117b46b8abcfe85ad5118eac0acf83bb007390d12fd05

kmm/kernel-module-management-rhel9-operator@sha256:b2c25eb3dff374616b87f57caec0215af803b725b1f01784de808ee4d23068c8

kmm/kernel-module-management-signing-rhel9@sha256:8f7e525974f388a0c33e227e9cd283b16edcf085819f89a37e41f27a872fa832

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation