-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat OpenShift support for Windows Containers 7.1.1 security update
Advisory ID:       RHSA-2023:4777-01
Product:           Red Hat OpenShift Enterprise
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4777
Issue date:        2023-08-28
CVE Names:         CVE-2023-3676 CVE-2023-3955 
=====================================================================

1. Summary:

The components for Red Hat OpenShift support for Windows Containers 7.1.1
are now available. This product release includes bug fixes and security
updates for the following packages: windows-machine-config-operator and
windows-machine-config-operator-bundle.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Description:

Red Hat OpenShift support for Windows Containers allows you to deploy
Windows container workloads running on Windows Server containers.

Security Fix(es):

* kubernetes: Insufficient input sanitization on Windows nodes leads to
privilege escalation (CVE-2023-3676)

* kubernetes: Insufficient input sanitization on Windows nodes leads to
privilege escalation (CVE-2023-3955)

For more details about the security issue(s), including the impact, CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

3. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2227126 - CVE-2023-3676 kubernetes: Insufficient input sanitization on Windows nodes leads to privilege escalation
2227128 - CVE-2023-3955 kubernetes: Insufficient input sanitization on Windows nodes leads to privilege escalation

5. References:

https://access.redhat.com/security/cve/CVE-2023-3676
https://access.redhat.com/security/cve/CVE-2023-3955
https://access.redhat.com/security/updates/classification/#important

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIbBAEBCAAGBQJk7QgFAAoJENzjgjWX9erEmqkP9inmtPoqB7oeTMo+3UfERI9+
HqA7c7OWb7VCc9KV/kkwFDh7qtEnx7qdEj1s4nht+eEyBR7nWBdZ1/WeCxgYoN8c
SBd1QFtu9rhjmfxZBeyao9BiLr4cn3d8wigNaNZ9usMbBWfEzXc/proTc0xcGB3L
hq6v/AMxxyo9iuAHUe98tJ6d39dV8rwIMn+Aw8A4vRocdtHK6mOmLUCKqHtaxJ6W
2E0rBZFbjo9icuPbe4WaHAJlMXX9UAiK//5N8aCohOtTnoCv2dT5nnyYWWQw/4Ip
CkpAkWakIX0pDlQB7nTcCdtYBggb33zZFR/Ft5W4KJZVDyKiwaP+JpyZQxi6go6X
0XJhHoRxwvn6URaplhtyuEZeFi8Z5vdzH6zDRhMxD6zhOe0JR2xGZEuKLksQp+ZF
Y3NftucitelDvtfjMdovUXMMvEJVs+CtXJns/FfUI/XCQFZOF9kmI008rApvcVWZ
W5xw3AC5SGAru8rot2sBcw/eYHf/Q/7vk6mXw/Z1J+FE7zTui2F4fD3XM9+TlOsG
UgOj6ZSEdTvdW8oZ92sMXYGqsIbAkkynL+J4uKphi4jDQyLIEKgymvh0mkOXNMeD
ZAh8Ms5e25fi8rQBB9Q19LBKuEuQQhSzMubwigCePXARdJEunTLTMXW9UFCVrrJ2
0/IqW7z1YqqLbnq6sCU=
=2xCj
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2023-4777:01 Important: Red Hat OpenShift support for Windows

The components for Red Hat OpenShift support for Windows Containers 7.1.1 are now available

Summary

Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers.
Security Fix(es):
* kubernetes: Insufficient input sanitization on Windows nodes leads to privilege escalation (CVE-2023-3676)
* kubernetes: Insufficient input sanitization on Windows nodes leads to privilege escalation (CVE-2023-3955)
For more details about the security issue(s), including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Summary


Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258

References

https://access.redhat.com/security/cve/CVE-2023-3676 https://access.redhat.com/security/cve/CVE-2023-3955 https://access.redhat.com/security/updates/classification/#important

Package List


Severity
Advisory ID: RHSA-2023:4777-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2023:4777
Issued Date: : 2023-08-28
CVE Names: CVE-2023-3676 CVE-2023-3955

Topic

The components for Red Hat OpenShift support for Windows Containers 7.1.1are now available. This product release includes bug fixes and securityupdates for the following packages: windows-machine-config-operator andwindows-machine-config-operator-bundle.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.


Topic


 

Relevant Releases Architectures


Bugs Fixed

2227126 - CVE-2023-3676 kubernetes: Insufficient input sanitization on Windows nodes leads to privilege escalation

2227128 - CVE-2023-3955 kubernetes: Insufficient input sanitization on Windows nodes leads to privilege escalation


Related News

22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
20.Lock AbstractDigital Circular Esm H320
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected
1.Penguin Landscape Esm H320
1 - 2 min read
A critical vulnerability was discovered in the Linux kernel's netfilter subsystem, specifically within the nf_tables component, posing potential
19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved