Rsyslog vulnerability impact on ROSA/OSD/ARO Cluster
Environment
- Red Hat OpenShift Service on AWS (ROSA) 4
- Red Hat OpenShift Dedicated (OSD) 4
- Openshift Azure ( ARO) 4
Issue
- Router Container image is having the rsyslog rpm package installed with lower version.
- Need to know the impact of the vulnerability due to this on the cluster.
Resolution
Rsyslog rpm package is installed in the router container image but it is not in the running state . So this vulnerability won't have any affect on the cluster.
Root Cause
Router Container image is having the rsyslog rpm package installed with version 0:8.1911.0-7.el8_4.3
According to the Rsyslog Vulnerability , If the rsyslog rpm version is lower than 0:8.2102.0-7.el8_6.1, then the system would be affected by this vulnerability.
Diagnostic Steps
-
You can go to the project 'openshift-ingress'
$ oc project openshift-ingress -
Check the running router pods and rsh into the pod
$ oc get po $ oc rsh router-default-xxxx-xxxx sh -
Run the below command to check the package installed inside the pod terminal
$ rpm -qa | grep rsyslog rsyslog-8.1911.0-7.el8_4.3.x86_64
As we can see , the rsyslog rpm version is lower than 0:8.2102.0-7.el8_6.1 .
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments