Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2024:2088 - Security Advisory
Issued:
2024-04-29
Updated:
2024-04-29

RHSA-2024:2088 - Security Advisory

  • Overview
  • Updated Images

Synopsis

Important: Red Hat build of Cryostat security update

Type/Severity

Security Advisory: Important

Topic

An update is now available for the Red Hat build of Cryostat 2 on RHEL 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

An update is now available for the Red Hat build of Cryostat 2 on RHEL 8.

Security Fix(es):

  • vert.x: io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx (CVE-2024-1023)
  • vertx-core: io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support (CVE-2024-1300)
  • golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290)
  • golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm (CVE-2024-24783)
  • golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
  • netty-codec-http: Allocation of Resources Without Limits or Throttling (CVE-2024-29025)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Cryostat 2 x86_64

Fixes

  • BZ - 2260840 - CVE-2024-1023 io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx
  • BZ - 2263139 - CVE-2024-1300 io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support
  • BZ - 2268017 - CVE-2023-45290 golang: net/http: memory exhaustion in Request.ParseMultipartForm
  • BZ - 2268019 - CVE-2024-24783 golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
  • BZ - 2268273 - CVE-2023-45288 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS
  • BZ - 2272907 - CVE-2024-29025 netty-codec-http: Allocation of Resources Without Limits or Throttling

CVEs

  • CVE-2021-35937
  • CVE-2021-35938
  • CVE-2021-35939
  • CVE-2021-43618
  • CVE-2023-6135
  • CVE-2023-28322
  • CVE-2023-38546
  • CVE-2023-45288
  • CVE-2023-45290
  • CVE-2023-46218
  • CVE-2023-48795
  • CVE-2023-52425
  • CVE-2024-1023
  • CVE-2024-1300
  • CVE-2024-1394
  • CVE-2024-21011
  • CVE-2024-21012
  • CVE-2024-21068
  • CVE-2024-21094
  • CVE-2024-24783
  • CVE-2024-28834
  • CVE-2024-29025

References

  • https://access.redhat.com/security/updates/classification/#important

aarch64

cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:c6f6accf2843a8d682184c4856ed4a33718598ac93f408a6ae176499afebb98c
cryostat-tech-preview/cryostat-operator-bundle@sha256:a737d333ff2270d1c4c5cdee31395840118f8845f1721215a0ed3339d6c0bfc7
cryostat-tech-preview/cryostat-reports-rhel8@sha256:59d2392e2a211b2abfe7d7f077037a3b7d6a5a6300c993d8dd11ab6a833cdaed
cryostat-tech-preview/cryostat-rhel8@sha256:d8b2fe76c91ac7bfc781cb4b73289dfe88f3add9a9e3d2f452c9e1034d83a2c8
cryostat-tech-preview/cryostat-rhel8-operator@sha256:ecbc8c12eb93ba51d9f20bc53f6d83b730e0fd3a48facc3331daa34bd38fefdf
cryostat-tech-preview/jfr-datasource-rhel8@sha256:9b0de728776daa581545cce4c7ffac8ee35374b65968125dea89f5e896a958a7

x86_64

cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:ce37e72beb00a9eb2653cf6c248abf4d569cf3a708f83a67a0d4639f4893b31e
cryostat-tech-preview/cryostat-operator-bundle@sha256:818f32bf078b473ea3d3e414134d55b196333b179db54371c7a283e20ae720be
cryostat-tech-preview/cryostat-reports-rhel8@sha256:007cd4be45dbe9627b80ae749b78b751fe9846da0659f2a4f73e801a7207c663
cryostat-tech-preview/cryostat-rhel8@sha256:99dab409d9e80a951f39c80f3429fa34ab1ed99f68d41f15fedf63cb33eb5c29
cryostat-tech-preview/cryostat-rhel8-operator@sha256:734054cf4f9b68b186ae2024caf7401321c14c63a70188f771617cc3ae83dc64
cryostat-tech-preview/jfr-datasource-rhel8@sha256:f28d25a215222f8d1e19b59ea479dc22b71380cd8c3ffa99ae562727fbb1b487

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility