Synopsis
Moderate: gvisor-tap-vsock security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding.
Security Fix(es):
- golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290)
Affected Products
-
Red Hat Enterprise Linux for x86_64 9 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.4 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 9 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
-
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
-
Red Hat Enterprise Linux for ARM 64 9 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
Fixes
-
BZ - 2268017
- CVE-2023-45290 golang: net/http: memory exhaustion in Request.ParseMultipartForm
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 9
SRPM |
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm
|
SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb |
x86_64 |
gvisor-tap-vsock-0.7.3-3.el9_4.x86_64.rpm
|
SHA-256: b6a79751a28cc1d7ad2e80975307449050487216b11cbc8db398b90c32199c31 |
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.x86_64.rpm
|
SHA-256: cb4a99c9672a0565df8e5c22fbee7dc24f70b078fbe9ed74c5e0ecc02689229e |
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.x86_64.rpm
|
SHA-256: d199b369acae74380aeab0358fe6891603c3e459a3b963d47594e245fc55866d |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4
SRPM |
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm
|
SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb |
x86_64 |
gvisor-tap-vsock-0.7.3-3.el9_4.x86_64.rpm
|
SHA-256: b6a79751a28cc1d7ad2e80975307449050487216b11cbc8db398b90c32199c31 |
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.x86_64.rpm
|
SHA-256: cb4a99c9672a0565df8e5c22fbee7dc24f70b078fbe9ed74c5e0ecc02689229e |
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.x86_64.rpm
|
SHA-256: d199b369acae74380aeab0358fe6891603c3e459a3b963d47594e245fc55866d |
Red Hat Enterprise Linux Server - AUS 9.4
SRPM |
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm
|
SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb |
x86_64 |
gvisor-tap-vsock-0.7.3-3.el9_4.x86_64.rpm
|
SHA-256: b6a79751a28cc1d7ad2e80975307449050487216b11cbc8db398b90c32199c31 |
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.x86_64.rpm
|
SHA-256: cb4a99c9672a0565df8e5c22fbee7dc24f70b078fbe9ed74c5e0ecc02689229e |
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.x86_64.rpm
|
SHA-256: d199b369acae74380aeab0358fe6891603c3e459a3b963d47594e245fc55866d |
Red Hat Enterprise Linux for IBM z Systems 9
SRPM |
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm
|
SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb |
s390x |
gvisor-tap-vsock-0.7.3-3.el9_4.s390x.rpm
|
SHA-256: 3bb340cd22e09787b13d9cc0cb295eecca56ee520e42d86495ea621267d0694f |
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.s390x.rpm
|
SHA-256: d7d649867915e2313585d0aff6cf658a4bdf1f44dfc9ed81ba65421334767347 |
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.s390x.rpm
|
SHA-256: c162ab70fcbe3e7007d81efd9309264ddab72e0be0308d6e9491e11ed0041387 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4
SRPM |
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm
|
SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb |
s390x |
gvisor-tap-vsock-0.7.3-3.el9_4.s390x.rpm
|
SHA-256: 3bb340cd22e09787b13d9cc0cb295eecca56ee520e42d86495ea621267d0694f |
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.s390x.rpm
|
SHA-256: d7d649867915e2313585d0aff6cf658a4bdf1f44dfc9ed81ba65421334767347 |
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.s390x.rpm
|
SHA-256: c162ab70fcbe3e7007d81efd9309264ddab72e0be0308d6e9491e11ed0041387 |
Red Hat Enterprise Linux for Power, little endian 9
SRPM |
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm
|
SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb |
ppc64le |
gvisor-tap-vsock-0.7.3-3.el9_4.ppc64le.rpm
|
SHA-256: d01952a8f080278c2dc3370979ced60099cb5c75ea3e951e334ad52e6a9b50be |
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.ppc64le.rpm
|
SHA-256: 381f8724a9f43f1fda581ff8e1d5a7839bedddc3634b34182d7869252a386cfe |
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.ppc64le.rpm
|
SHA-256: d6393200cd2e9475b05f182aca2784a12833de2bc2e83afc058190f7ae617111 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4
SRPM |
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm
|
SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb |
ppc64le |
gvisor-tap-vsock-0.7.3-3.el9_4.ppc64le.rpm
|
SHA-256: d01952a8f080278c2dc3370979ced60099cb5c75ea3e951e334ad52e6a9b50be |
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.ppc64le.rpm
|
SHA-256: 381f8724a9f43f1fda581ff8e1d5a7839bedddc3634b34182d7869252a386cfe |
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.ppc64le.rpm
|
SHA-256: d6393200cd2e9475b05f182aca2784a12833de2bc2e83afc058190f7ae617111 |
Red Hat Enterprise Linux for ARM 64 9
SRPM |
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm
|
SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb |
aarch64 |
gvisor-tap-vsock-0.7.3-3.el9_4.aarch64.rpm
|
SHA-256: bba2393a360aeecde82fe41df799f1eff18011c724da12dddcb9cb1d412a8309 |
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.aarch64.rpm
|
SHA-256: 7d33948972c9e35cb23e854d39c35b1f2808cf90844769bd220e7899da51dd93 |
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.aarch64.rpm
|
SHA-256: 35ee3074fa0bc2391884af85ba5a4e230d6b10d71b32b95e536b4d995d3e9bbc |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4
SRPM |
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm
|
SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb |
aarch64 |
gvisor-tap-vsock-0.7.3-3.el9_4.aarch64.rpm
|
SHA-256: bba2393a360aeecde82fe41df799f1eff18011c724da12dddcb9cb1d412a8309 |
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.aarch64.rpm
|
SHA-256: 7d33948972c9e35cb23e854d39c35b1f2808cf90844769bd220e7899da51dd93 |
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.aarch64.rpm
|
SHA-256: 35ee3074fa0bc2391884af85ba5a4e230d6b10d71b32b95e536b4d995d3e9bbc |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4
SRPM |
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm
|
SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb |
ppc64le |
gvisor-tap-vsock-0.7.3-3.el9_4.ppc64le.rpm
|
SHA-256: d01952a8f080278c2dc3370979ced60099cb5c75ea3e951e334ad52e6a9b50be |
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.ppc64le.rpm
|
SHA-256: 381f8724a9f43f1fda581ff8e1d5a7839bedddc3634b34182d7869252a386cfe |
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.ppc64le.rpm
|
SHA-256: d6393200cd2e9475b05f182aca2784a12833de2bc2e83afc058190f7ae617111 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4
SRPM |
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm
|
SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb |
x86_64 |
gvisor-tap-vsock-0.7.3-3.el9_4.x86_64.rpm
|
SHA-256: b6a79751a28cc1d7ad2e80975307449050487216b11cbc8db398b90c32199c31 |
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.x86_64.rpm
|
SHA-256: cb4a99c9672a0565df8e5c22fbee7dc24f70b078fbe9ed74c5e0ecc02689229e |
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.x86_64.rpm
|
SHA-256: d199b369acae74380aeab0358fe6891603c3e459a3b963d47594e245fc55866d |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4
SRPM |
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm
|
SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb |
aarch64 |
gvisor-tap-vsock-0.7.3-3.el9_4.aarch64.rpm
|
SHA-256: bba2393a360aeecde82fe41df799f1eff18011c724da12dddcb9cb1d412a8309 |
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.aarch64.rpm
|
SHA-256: 7d33948972c9e35cb23e854d39c35b1f2808cf90844769bd220e7899da51dd93 |
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.aarch64.rpm
|
SHA-256: 35ee3074fa0bc2391884af85ba5a4e230d6b10d71b32b95e536b4d995d3e9bbc |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4
SRPM |
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm
|
SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb |
s390x |
gvisor-tap-vsock-0.7.3-3.el9_4.s390x.rpm
|
SHA-256: 3bb340cd22e09787b13d9cc0cb295eecca56ee520e42d86495ea621267d0694f |
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.s390x.rpm
|
SHA-256: d7d649867915e2313585d0aff6cf658a4bdf1f44dfc9ed81ba65421334767347 |
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.s390x.rpm
|
SHA-256: c162ab70fcbe3e7007d81efd9309264ddab72e0be0308d6e9491e11ed0041387 |