- Vulnerability/
- RHSA-2022:9096
RHSA-2022:9096: Moderate: Red Hat OpenShift support for Windows Containers 7.0.0 [security update]
First published: Mon Jan 30 2023(Updated: )
Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers.<br>Security Fix(es):<br><li> prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)</li> <li> golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)</li> <li> kubelet: runAsNonRoot logic bypass for Windows containers (CVE-2021-25749)</li> For more details about the security issue(s), including the impact, a CVSS<br>score, acknowledgments, and other related information, refer to the CVE page(s)<br>listed in the References section.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat OpenShift Container Platform |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=2045880
- https://bugzilla.redhat.com/show_bug.cgi?id=2064702
- https://bugzilla.redhat.com/show_bug.cgi?id=2107261
- https://bugzilla.redhat.com/show_bug.cgi?id=2127808
- https://issues.redhat.com/browse/WINC-740
- https://issues.redhat.com/browse/WINC-830
- https://issues.redhat.com/browse/WINC-738
- https://issues.redhat.com/browse/WINC-888
- https://issues.redhat.com/browse/WINC-739
- https://issues.redhat.com/browse/OCPBUGS-3509
- https://issues.redhat.com/browse/WINC-732
- https://issues.redhat.com/browse/WINC-949
- https://issues.redhat.com/browse/OCPBUGS-4092
- https://issues.redhat.com/browse/OCPBUGS-3573
- https://issues.redhat.com/browse/WINC-713
- https://issues.redhat.com/browse/WINC-718
- https://issues.redhat.com/browse/WINC-731
- https://issues.redhat.com/browse/WINC-737
- https://issues.redhat.com/browse/WINC-815
- https://issues.redhat.com/browse/WINC-848
- https://issues.redhat.com/browse/WINC-873
- https://issues.redhat.com/browse/WINC-874
- https://issues.redhat.com/browse/WINC-927
- https://issues.redhat.com/browse/WINC-941
- https://issues.redhat.com/browse/OCPBUGS-5803
- https://issues.redhat.com/browse/OCPBUGS-5749
- https://issues.redhat.com/browse/WINC-957
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/errata/RHSA-2022:9096 (Advisory)
Frequently Asked Questions
What is the severity of RHSA-2022:9096?
The severity of RHSA-2022:9096 is categorized as a critical vulnerability.
How do I fix RHSA-2022:9096?
To fix RHSA-2022:9096, it is recommended to update the affected packages to their latest versions.
What vulnerabilities are addressed in RHSA-2022:9096?
RHSA-2022:9096 addresses vulnerabilities including CVE-2022-21698 related to denial of service in prometheus/client_golang.
Which software is affected by RHSA-2022:9096?
RHSA-2022:9096 affects Red Hat OpenShift and its components that support Windows Containers.
Is there a known workaround for RHSA-2022:9096?
No specific workarounds are provided for RHSA-2022:9096 and updating is the best recommended solution.
- agent/severity
- agent/type
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2022:9096
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/trending
- agent/title
- agent/remedy
- agent/references
- agent/description
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/red hat
- canonical/red hat openshift container platform