Issued:: 2024-11-13
Updated:: 2024-11-13

RHSA-2024:9485 - Important: Control plane Operators for RHOSO 18.0.3 Feature Release 1 - security update

Synopsis

Important: Control plane Operators for RHOSO 18.0.3 (Feature Release 1) security update

Type/Severity

Security Advisory Important

Topic

Control plane Operators for RHOSO 18.0.3 (Feature Release 1).

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Security fix(es):

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. (CVE-2024-34156)
When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded. (CVE-2023-45289)
When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permitted a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. (CVE-2023-45290)
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates. (CVE-2024-24783)
The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers. (CVE-2024-24784)
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates. (CVE-2024-24785)
A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop. (CVE-2024-24788)
Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion. (CVE-2024-34155)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.

Solution

RHOSO OpenStack Podified Control Plane Operators

Affected Products

Product	Version	Arch
Red Hat OpenStack Services on OpenShift Podifed Operators	1.0	x86_64

Fixes

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Additional information

The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.