
=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat OpenShift support for Windows Containers 6.0.2 security update
Advisory ID:       RHSA-2023:4780-01
Product:           Red Hat OpenShift Enterprise
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4780
Issue date:        2023-08-28
CVE Names:         CVE-2023-3676 CVE-2023-3955 
=====================================================================

1. Summary:

The components for Red Hat OpenShift support for Windows Containers 6.0.2
are now available. This product release includes bug fixes and security
updates for the following packages: windows-machine-config-operator and
windows-machine-config-operator-bundle.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Description:

Red Hat OpenShift support for Windows Containers allows you to deploy
Windows container workloads running on Windows Server containers.

Security Fix(es):

* kubernetes: Insufficient input sanitization on Windows nodes leads to
privilege escalation (CVE-2023-3676)

* kubernetes: Insufficient input sanitization on Windows nodes leads to
privilege escalation (CVE-2023-3955)

For more details about the security issue(s), including the impact, CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

3. Solution:

For Windows Machine Config Operator upgrades, see the following
documentation:
https://docs.openshift.com/container-platform/4.14/windows_containers/windows-node-upgrades.html

4. Bugs fixed (https://bugzilla.redhat.com/):

2227126 - CVE-2023-3676 kubernetes: Insufficient input sanitization on Windows nodes leads to privilege escalation
2227128 - CVE-2023-3955 kubernetes: Insufficient input sanitization on Windows nodes leads to privilege escalation

5. References:

https://access.redhat.com/security/cve/CVE-2023-3676
https://access.redhat.com/security/cve/CVE-2023-3955
https://access.redhat.com/security/updates/classification/#important

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.
