RHSA-2024:0045

See a problem?
Please try reporting it to the source first.

Source

https://access.redhat.com/errata/RHSA-2024:0045

Import Source

https://security.access.redhat.com/data/osv/RHSA-2024:0045.json

JSON Data

https://api.test.osv.dev/v1/vulns/RHSA-2024:0045

Upstream

CVE-2023-29483

CVE-2023-45289

CVE-2023-45290

CVE-2024-24783

CVE-2024-24784

CVE-2024-24785

CVE-2024-24786

CVE-2024-28176

CVE-2024-3727

Related

Published

2024-10-02T11:03:00Z

Modified

2025-09-25T10:09:24Z

Severity

8.3 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H CVSS Calculator

Summary

Red Hat Security Advisory: OpenShift Container Platform 4.16.0 security update

Details

References

Affected packages

Red Hat:openshift:4.16::el8

openshift

Package

Name: openshift
Purl: pkg:rpm/redhat/openshift

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el8

openshift-hyperkube

Package

Name: openshift-hyperkube
Purl: pkg:rpm/redhat/openshift-hyperkube

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el8

openshift-kube-apiserver

Package

Name: openshift-kube-apiserver
Purl: pkg:rpm/redhat/openshift-kube-apiserver

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el8

openshift-kube-controller-manager

Package

Name: openshift-kube-controller-manager
Purl: pkg:rpm/redhat/openshift-kube-controller-manager

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el8

openshift-kube-scheduler

Package

Name: openshift-kube-scheduler
Purl: pkg:rpm/redhat/openshift-kube-scheduler

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el8

openshift-kubelet

Package

Name: openshift-kubelet
Purl: pkg:rpm/redhat/openshift-kubelet

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el8

ose-azure-acr-image-credential-provider

Package

Name: ose-azure-acr-image-credential-provider
Purl: pkg:rpm/redhat/ose-azure-acr-image-credential-provider

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202404301345.p0.g0e95532.assembly.stream.el8

butane

Package

Name: butane
Purl: pkg:rpm/redhat/butane

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.21.0-1.rhaos4.16.el8

butane-debuginfo

Package

Name: butane-debuginfo
Purl: pkg:rpm/redhat/butane-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.21.0-1.rhaos4.16.el8

butane-debugsource

Package

Name: butane-debugsource
Purl: pkg:rpm/redhat/butane-debugsource

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.21.0-1.rhaos4.16.el8

butane-redistributable

Package

Name: butane-redistributable
Purl: pkg:rpm/redhat/butane-redistributable

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.21.0-1.rhaos4.16.el8

cri-o

Package

Name: cri-o
Purl: pkg:rpm/redhat/cri-o

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.29.5-5.rhaos4.16.git7032128.el8

cri-o-debuginfo

Package

Name: cri-o-debuginfo
Purl: pkg:rpm/redhat/cri-o-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.29.5-5.rhaos4.16.git7032128.el8

cri-o-debugsource

Package

Name: cri-o-debugsource
Purl: pkg:rpm/redhat/cri-o-debugsource

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.29.5-5.rhaos4.16.git7032128.el8

cri-tools

Package

Name: cri-tools
Purl: pkg:rpm/redhat/cri-tools

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.29.0-3.1.el8

cri-tools-debuginfo

Package

Name: cri-tools-debuginfo
Purl: pkg:rpm/redhat/cri-tools-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.29.0-3.1.el8

cri-tools-debugsource

Package

Name: cri-tools-debugsource
Purl: pkg:rpm/redhat/cri-tools-debugsource

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.29.0-3.1.el8

ose-aws-ecr-image-credential-provider

Package

Name: ose-aws-ecr-image-credential-provider
Purl: pkg:rpm/redhat/ose-aws-ecr-image-credential-provider

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202405311136.p0.ga53e9de.assembly.stream.el8

ose-gcp-gcr-image-credential-provider

Package

Name: ose-gcp-gcr-image-credential-provider
Purl: pkg:rpm/redhat/ose-gcp-gcr-image-credential-provider

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202404181812.p0.g26b43df.assembly.stream.el8

podman

Package

Name: podman
Purl: pkg:rpm/redhat/podman

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el8

podman-catatonit

Package

Name: podman-catatonit
Purl: pkg:rpm/redhat/podman-catatonit

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el8

podman-catatonit-debuginfo

Package

Name: podman-catatonit-debuginfo
Purl: pkg:rpm/redhat/podman-catatonit-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el8

podman-debuginfo

Package

Name: podman-debuginfo
Purl: pkg:rpm/redhat/podman-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el8

podman-debugsource

Package

Name: podman-debugsource
Purl: pkg:rpm/redhat/podman-debugsource

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el8

podman-docker

Package

Name: podman-docker
Purl: pkg:rpm/redhat/podman-docker

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el8

podman-gvproxy

Package

Name: podman-gvproxy
Purl: pkg:rpm/redhat/podman-gvproxy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el8

podman-gvproxy-debuginfo

Package

Name: podman-gvproxy-debuginfo
Purl: pkg:rpm/redhat/podman-gvproxy-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el8

podman-plugins

Package

Name: podman-plugins
Purl: pkg:rpm/redhat/podman-plugins

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el8

podman-plugins-debuginfo

Package

Name: podman-plugins-debuginfo
Purl: pkg:rpm/redhat/podman-plugins-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el8

podman-remote

Package

Name: podman-remote
Purl: pkg:rpm/redhat/podman-remote

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el8

podman-remote-debuginfo

Package

Name: podman-remote-debuginfo
Purl: pkg:rpm/redhat/podman-remote-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el8

podman-tests

Package

Name: podman-tests
Purl: pkg:rpm/redhat/podman-tests

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el8

skopeo

Package

Name: skopeo
Purl: pkg:rpm/redhat/skopeo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.14.4-1.rhaos4.16.el8

skopeo-tests

Package

Name: skopeo-tests
Purl: pkg:rpm/redhat/skopeo-tests

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.14.4-1.rhaos4.16.el8

runc

Package

Name: runc
Purl: pkg:rpm/redhat/runc

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:1.1.12-3.1.rhaos4.16.el8

runc-debuginfo

Package

Name: runc-debuginfo
Purl: pkg:rpm/redhat/runc-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:1.1.12-3.1.rhaos4.16.el8

runc-debugsource

Package

Name: runc-debugsource
Purl: pkg:rpm/redhat/runc-debugsource

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:1.1.12-3.1.rhaos4.16.el8

Red Hat:openshift:4.16::el9

openshift

Package

Name: openshift
Purl: pkg:rpm/redhat/openshift

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9

openshift-hyperkube

Package

Name: openshift-hyperkube
Purl: pkg:rpm/redhat/openshift-hyperkube

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9

openshift-kube-apiserver

Package

Name: openshift-kube-apiserver
Purl: pkg:rpm/redhat/openshift-kube-apiserver

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9

openshift-kube-controller-manager

Package

Name: openshift-kube-controller-manager
Purl: pkg:rpm/redhat/openshift-kube-controller-manager

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9

openshift-kube-scheduler

Package

Name: openshift-kube-scheduler
Purl: pkg:rpm/redhat/openshift-kube-scheduler

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9

openshift-kubelet

Package

Name: openshift-kubelet
Purl: pkg:rpm/redhat/openshift-kubelet

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9

ose-azure-acr-image-credential-provider

Package

Name: ose-azure-acr-image-credential-provider
Purl: pkg:rpm/redhat/ose-azure-acr-image-credential-provider

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202404301345.p0.g0e95532.assembly.stream.el9

cri-o

Package

Name: cri-o
Purl: pkg:rpm/redhat/cri-o

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.29.5-5.rhaos4.16.git7032128.el9

cri-o-debuginfo

Package

Name: cri-o-debuginfo
Purl: pkg:rpm/redhat/cri-o-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.29.5-5.rhaos4.16.git7032128.el9

cri-o-debugsource

Package

Name: cri-o-debugsource
Purl: pkg:rpm/redhat/cri-o-debugsource

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.29.5-5.rhaos4.16.git7032128.el9

cri-tools

Package

Name: cri-tools
Purl: pkg:rpm/redhat/cri-tools

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.29.0-3.1.el9

cri-tools-debuginfo

Package

Name: cri-tools-debuginfo
Purl: pkg:rpm/redhat/cri-tools-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.29.0-3.1.el9

cri-tools-debugsource

Package

Name: cri-tools-debugsource
Purl: pkg:rpm/redhat/cri-tools-debugsource

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.29.0-3.1.el9

golang-github-prometheus-promu

Package

Name: golang-github-prometheus-promu
Purl: pkg:rpm/redhat/golang-github-prometheus-promu

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.15.0-15.2.gitd5383c5.el9

openshift-prometheus-promu

Package

Name: openshift-prometheus-promu
Purl: pkg:rpm/redhat/openshift-prometheus-promu

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.15.0-15.2.gitd5383c5.el9

ose-aws-ecr-image-credential-provider

Package

Name: ose-aws-ecr-image-credential-provider
Purl: pkg:rpm/redhat/ose-aws-ecr-image-credential-provider

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202405311136.p0.ga53e9de.assembly.stream.el9

ose-gcp-gcr-image-credential-provider

Package

Name: ose-gcp-gcr-image-credential-provider
Purl: pkg:rpm/redhat/ose-gcp-gcr-image-credential-provider

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.16.0-202404181812.p0.g26b43df.assembly.stream.el9

podman

Package

Name: podman
Purl: pkg:rpm/redhat/podman

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el9

podman-debuginfo

Package

Name: podman-debuginfo
Purl: pkg:rpm/redhat/podman-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el9

podman-debugsource

Package

Name: podman-debugsource
Purl: pkg:rpm/redhat/podman-debugsource

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el9

podman-docker

Package

Name: podman-docker
Purl: pkg:rpm/redhat/podman-docker

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el9

podman-plugins

Package

Name: podman-plugins
Purl: pkg:rpm/redhat/podman-plugins

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el9

podman-plugins-debuginfo

Package

Name: podman-plugins-debuginfo
Purl: pkg:rpm/redhat/podman-plugins-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el9

podman-remote

Package

Name: podman-remote
Purl: pkg:rpm/redhat/podman-remote

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el9

podman-remote-debuginfo

Package

Name: podman-remote-debuginfo
Purl: pkg:rpm/redhat/podman-remote-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el9

podman-tests

Package

Name: podman-tests
Purl: pkg:rpm/redhat/podman-tests

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:4.9.4-5.1.rhaos4.16.el9

skopeo

Package

Name: skopeo
Purl: pkg:rpm/redhat/skopeo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.14.4-1.rhaos4.16.el9

skopeo-debuginfo

Package

Name: skopeo-debuginfo
Purl: pkg:rpm/redhat/skopeo-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.14.4-1.rhaos4.16.el9

skopeo-debugsource

Package

Name: skopeo-debugsource
Purl: pkg:rpm/redhat/skopeo-debugsource

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.14.4-1.rhaos4.16.el9

skopeo-tests

Package

Name: skopeo-tests
Purl: pkg:rpm/redhat/skopeo-tests

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.14.4-1.rhaos4.16.el9

runc

Package

Name: runc
Purl: pkg:rpm/redhat/runc

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:1.1.12-3.1.rhaos4.16.el9

runc-debuginfo

Package

Name: runc-debuginfo
Purl: pkg:rpm/redhat/runc-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:1.1.12-3.1.rhaos4.16.el9

runc-debugsource

Package

Name: runc-debugsource
Purl: pkg:rpm/redhat/runc-debugsource

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:1.1.12-3.1.rhaos4.16.el9

ignition

Package

Name: ignition
Purl: pkg:rpm/redhat/ignition

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.18.0-2.1.rhaos4.16.el9

ignition-debuginfo

Package

Name: ignition-debuginfo
Purl: pkg:rpm/redhat/ignition-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.18.0-2.1.rhaos4.16.el9

ignition-debugsource

Package

Name: ignition-debugsource
Purl: pkg:rpm/redhat/ignition-debugsource

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.18.0-2.1.rhaos4.16.el9

ignition-validate

Package

Name: ignition-validate
Purl: pkg:rpm/redhat/ignition-validate

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.18.0-2.1.rhaos4.16.el9

ignition-validate-debuginfo

Package

Name: ignition-validate-debuginfo
Purl: pkg:rpm/redhat/ignition-validate-debuginfo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.18.0-2.1.rhaos4.16.el9

Red Hat:openshift_ironic:4.16::el9

python-eventlet

Package

Name: python-eventlet
Purl: pkg:rpm/redhat/python-eventlet

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.33.1-6.el9

python3-eventlet

Package

Name: python3-eventlet
Purl: pkg:rpm/redhat/python3-eventlet

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.33.1-6.el9