- Issued:
- 2024-09-16
- Updated:
- 2024-09-16
RHSA-2024:6708 - Moderate: ACS 4.5 enhancement and security update
Synopsis
Moderate: ACS 4.5 enhancement and security update
Type/Severity
Security Advisory Moderate
Topic
Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes security and bug fixes.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This release of RHACS 4.5.2 includes the security fix for the following CVE:
- containers/image: digest type does not guarantee valid type (CVE-2024-3727)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
This release of RHACS fixes the following bugs:
-
Fixed an issue where Sensor was unable to identify OpenShift Container Platform internal registry secrets due to a change in the pull secret annotation.
-
Fixed an issue where policies incorrectly displayed an enforced value of Yes in the Configuration Management -> Application & Infrastructure -> Deployments page due to inconsistent status handling, while showing No in the Violations page.
-
Fixed an issue where vulnerability data differed between the Vulnerability Management Workload CVE pages and the deprecated Vulnerability Management dashboard due to inconsistencies in vulnerability reporting.
Solution
If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.2.
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Advanced Cluster Security for Kubernetes | 4 | x86_64 |
| Red Hat Advanced Cluster Security for Kubernetes for IBM Z and LinuxONE | 4 | s390x |
| Red Hat Advanced Cluster Security for Kubernetes for IBM Power, little endian | 4 | ppc64le |
Fixes
CVEs
- CVE-2024-1737
- CVE-2024-1975
- CVE-2024-2398
- CVE-2024-3727
- CVE-2024-6345
- CVE-2024-37370
- CVE-2024-37371
- CVE-2024-37891
References
- https://access.redhat.com/security/updates/classification/#moderate
- This page is not included, but the link has been rewritten to point to the nearest parent document.This page is not included, but the link has been rewritten to point to the nearest parent document.https://docs.openshift.com/acs/4.5/release_notes/45-release-notes.html
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.