Red Hat Product Errata RHSA-2024:3830 - Security Advisory
Issued:
2024-06-11
Updated:
2024-06-11

RHSA-2024:3830 - Security Advisory

Synopsis

Moderate: gvisor-tap-vsock security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding.

Security Fix(es):

  • golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x

Fixes

  • BZ - 2268017 - CVE-2023-45290 golang: net/http: memory exhaustion in Request.ParseMultipartForm

Red Hat Enterprise Linux for x86_64 9

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
x86_64
gvisor-tap-vsock-0.7.3-3.el9_4.x86_64.rpm SHA-256: b6a79751a28cc1d7ad2e80975307449050487216b11cbc8db398b90c32199c31
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.x86_64.rpm SHA-256: cb4a99c9672a0565df8e5c22fbee7dc24f70b078fbe9ed74c5e0ecc02689229e
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.x86_64.rpm SHA-256: d199b369acae74380aeab0358fe6891603c3e459a3b963d47594e245fc55866d

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
x86_64
gvisor-tap-vsock-0.7.3-3.el9_4.x86_64.rpm SHA-256: b6a79751a28cc1d7ad2e80975307449050487216b11cbc8db398b90c32199c31
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.x86_64.rpm SHA-256: cb4a99c9672a0565df8e5c22fbee7dc24f70b078fbe9ed74c5e0ecc02689229e
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.x86_64.rpm SHA-256: d199b369acae74380aeab0358fe6891603c3e459a3b963d47594e245fc55866d

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
x86_64
gvisor-tap-vsock-0.7.3-3.el9_4.x86_64.rpm SHA-256: b6a79751a28cc1d7ad2e80975307449050487216b11cbc8db398b90c32199c31
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.x86_64.rpm SHA-256: cb4a99c9672a0565df8e5c22fbee7dc24f70b078fbe9ed74c5e0ecc02689229e
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.x86_64.rpm SHA-256: d199b369acae74380aeab0358fe6891603c3e459a3b963d47594e245fc55866d

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
x86_64
gvisor-tap-vsock-0.7.3-3.el9_4.x86_64.rpm SHA-256: b6a79751a28cc1d7ad2e80975307449050487216b11cbc8db398b90c32199c31
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.x86_64.rpm SHA-256: cb4a99c9672a0565df8e5c22fbee7dc24f70b078fbe9ed74c5e0ecc02689229e
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.x86_64.rpm SHA-256: d199b369acae74380aeab0358fe6891603c3e459a3b963d47594e245fc55866d

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
x86_64
gvisor-tap-vsock-0.7.3-3.el9_4.x86_64.rpm SHA-256: b6a79751a28cc1d7ad2e80975307449050487216b11cbc8db398b90c32199c31
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.x86_64.rpm SHA-256: cb4a99c9672a0565df8e5c22fbee7dc24f70b078fbe9ed74c5e0ecc02689229e
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.x86_64.rpm SHA-256: d199b369acae74380aeab0358fe6891603c3e459a3b963d47594e245fc55866d

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
s390x
gvisor-tap-vsock-0.7.3-3.el9_4.s390x.rpm SHA-256: 3bb340cd22e09787b13d9cc0cb295eecca56ee520e42d86495ea621267d0694f
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.s390x.rpm SHA-256: d7d649867915e2313585d0aff6cf658a4bdf1f44dfc9ed81ba65421334767347
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.s390x.rpm SHA-256: c162ab70fcbe3e7007d81efd9309264ddab72e0be0308d6e9491e11ed0041387

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
s390x
gvisor-tap-vsock-0.7.3-3.el9_4.s390x.rpm SHA-256: 3bb340cd22e09787b13d9cc0cb295eecca56ee520e42d86495ea621267d0694f
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.s390x.rpm SHA-256: d7d649867915e2313585d0aff6cf658a4bdf1f44dfc9ed81ba65421334767347
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.s390x.rpm SHA-256: c162ab70fcbe3e7007d81efd9309264ddab72e0be0308d6e9491e11ed0041387

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
s390x
gvisor-tap-vsock-0.7.3-3.el9_4.s390x.rpm SHA-256: 3bb340cd22e09787b13d9cc0cb295eecca56ee520e42d86495ea621267d0694f
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.s390x.rpm SHA-256: d7d649867915e2313585d0aff6cf658a4bdf1f44dfc9ed81ba65421334767347
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.s390x.rpm SHA-256: c162ab70fcbe3e7007d81efd9309264ddab72e0be0308d6e9491e11ed0041387

Red Hat Enterprise Linux for Power, little endian 9

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
ppc64le
gvisor-tap-vsock-0.7.3-3.el9_4.ppc64le.rpm SHA-256: d01952a8f080278c2dc3370979ced60099cb5c75ea3e951e334ad52e6a9b50be
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.ppc64le.rpm SHA-256: 381f8724a9f43f1fda581ff8e1d5a7839bedddc3634b34182d7869252a386cfe
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.ppc64le.rpm SHA-256: d6393200cd2e9475b05f182aca2784a12833de2bc2e83afc058190f7ae617111

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
ppc64le
gvisor-tap-vsock-0.7.3-3.el9_4.ppc64le.rpm SHA-256: d01952a8f080278c2dc3370979ced60099cb5c75ea3e951e334ad52e6a9b50be
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.ppc64le.rpm SHA-256: 381f8724a9f43f1fda581ff8e1d5a7839bedddc3634b34182d7869252a386cfe
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.ppc64le.rpm SHA-256: d6393200cd2e9475b05f182aca2784a12833de2bc2e83afc058190f7ae617111

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
ppc64le
gvisor-tap-vsock-0.7.3-3.el9_4.ppc64le.rpm SHA-256: d01952a8f080278c2dc3370979ced60099cb5c75ea3e951e334ad52e6a9b50be
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.ppc64le.rpm SHA-256: 381f8724a9f43f1fda581ff8e1d5a7839bedddc3634b34182d7869252a386cfe
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.ppc64le.rpm SHA-256: d6393200cd2e9475b05f182aca2784a12833de2bc2e83afc058190f7ae617111

Red Hat Enterprise Linux for ARM 64 9

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
aarch64
gvisor-tap-vsock-0.7.3-3.el9_4.aarch64.rpm SHA-256: bba2393a360aeecde82fe41df799f1eff18011c724da12dddcb9cb1d412a8309
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.aarch64.rpm SHA-256: 7d33948972c9e35cb23e854d39c35b1f2808cf90844769bd220e7899da51dd93
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.aarch64.rpm SHA-256: 35ee3074fa0bc2391884af85ba5a4e230d6b10d71b32b95e536b4d995d3e9bbc

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
aarch64
gvisor-tap-vsock-0.7.3-3.el9_4.aarch64.rpm SHA-256: bba2393a360aeecde82fe41df799f1eff18011c724da12dddcb9cb1d412a8309
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.aarch64.rpm SHA-256: 7d33948972c9e35cb23e854d39c35b1f2808cf90844769bd220e7899da51dd93
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.aarch64.rpm SHA-256: 35ee3074fa0bc2391884af85ba5a4e230d6b10d71b32b95e536b4d995d3e9bbc

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
aarch64
gvisor-tap-vsock-0.7.3-3.el9_4.aarch64.rpm SHA-256: bba2393a360aeecde82fe41df799f1eff18011c724da12dddcb9cb1d412a8309
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.aarch64.rpm SHA-256: 7d33948972c9e35cb23e854d39c35b1f2808cf90844769bd220e7899da51dd93
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.aarch64.rpm SHA-256: 35ee3074fa0bc2391884af85ba5a4e230d6b10d71b32b95e536b4d995d3e9bbc

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
ppc64le
gvisor-tap-vsock-0.7.3-3.el9_4.ppc64le.rpm SHA-256: d01952a8f080278c2dc3370979ced60099cb5c75ea3e951e334ad52e6a9b50be
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.ppc64le.rpm SHA-256: 381f8724a9f43f1fda581ff8e1d5a7839bedddc3634b34182d7869252a386cfe
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.ppc64le.rpm SHA-256: d6393200cd2e9475b05f182aca2784a12833de2bc2e83afc058190f7ae617111

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
ppc64le
gvisor-tap-vsock-0.7.3-3.el9_4.ppc64le.rpm SHA-256: d01952a8f080278c2dc3370979ced60099cb5c75ea3e951e334ad52e6a9b50be
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.ppc64le.rpm SHA-256: 381f8724a9f43f1fda581ff8e1d5a7839bedddc3634b34182d7869252a386cfe
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.ppc64le.rpm SHA-256: d6393200cd2e9475b05f182aca2784a12833de2bc2e83afc058190f7ae617111

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
x86_64
gvisor-tap-vsock-0.7.3-3.el9_4.x86_64.rpm SHA-256: b6a79751a28cc1d7ad2e80975307449050487216b11cbc8db398b90c32199c31
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.x86_64.rpm SHA-256: cb4a99c9672a0565df8e5c22fbee7dc24f70b078fbe9ed74c5e0ecc02689229e
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.x86_64.rpm SHA-256: d199b369acae74380aeab0358fe6891603c3e459a3b963d47594e245fc55866d

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
x86_64
gvisor-tap-vsock-0.7.3-3.el9_4.x86_64.rpm SHA-256: b6a79751a28cc1d7ad2e80975307449050487216b11cbc8db398b90c32199c31
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.x86_64.rpm SHA-256: cb4a99c9672a0565df8e5c22fbee7dc24f70b078fbe9ed74c5e0ecc02689229e
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.x86_64.rpm SHA-256: d199b369acae74380aeab0358fe6891603c3e459a3b963d47594e245fc55866d

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
aarch64
gvisor-tap-vsock-0.7.3-3.el9_4.aarch64.rpm SHA-256: bba2393a360aeecde82fe41df799f1eff18011c724da12dddcb9cb1d412a8309
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.aarch64.rpm SHA-256: 7d33948972c9e35cb23e854d39c35b1f2808cf90844769bd220e7899da51dd93
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.aarch64.rpm SHA-256: 35ee3074fa0bc2391884af85ba5a4e230d6b10d71b32b95e536b4d995d3e9bbc

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
aarch64
gvisor-tap-vsock-0.7.3-3.el9_4.aarch64.rpm SHA-256: bba2393a360aeecde82fe41df799f1eff18011c724da12dddcb9cb1d412a8309
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.aarch64.rpm SHA-256: 7d33948972c9e35cb23e854d39c35b1f2808cf90844769bd220e7899da51dd93
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.aarch64.rpm SHA-256: 35ee3074fa0bc2391884af85ba5a4e230d6b10d71b32b95e536b4d995d3e9bbc

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
s390x
gvisor-tap-vsock-0.7.3-3.el9_4.s390x.rpm SHA-256: 3bb340cd22e09787b13d9cc0cb295eecca56ee520e42d86495ea621267d0694f
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.s390x.rpm SHA-256: d7d649867915e2313585d0aff6cf658a4bdf1f44dfc9ed81ba65421334767347
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.s390x.rpm SHA-256: c162ab70fcbe3e7007d81efd9309264ddab72e0be0308d6e9491e11ed0041387

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
gvisor-tap-vsock-0.7.3-3.el9_4.src.rpm SHA-256: a9290d632adb7cc1267ba12f66418e96af7a6ed5c1102aae26536d02595a27fb
s390x
gvisor-tap-vsock-0.7.3-3.el9_4.s390x.rpm SHA-256: 3bb340cd22e09787b13d9cc0cb295eecca56ee520e42d86495ea621267d0694f
gvisor-tap-vsock-debuginfo-0.7.3-3.el9_4.s390x.rpm SHA-256: d7d649867915e2313585d0aff6cf658a4bdf1f44dfc9ed81ba65421334767347
gvisor-tap-vsock-debugsource-0.7.3-3.el9_4.s390x.rpm SHA-256: c162ab70fcbe3e7007d81efd9309264ddab72e0be0308d6e9491e11ed0041387

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.