- Vulnerability/
- RHSA-2023:1014
RHSA-2023:1014: Important: Red Hat OpenStack Platform 17.0 (etcd) security update
First published: Tue Feb 28 2023(Updated: )
A highly-available key value store for shared configuration<br>Security Fix(es):<br><li> Improve heuristics preventing CPU/memory abuse by parsing malicious or</li> large YAML documents (CVE-2022-3064)<br>For more details about the security issue(s), including the impact, a CVSS<br>score, acknowledgments, and other related information, refer to the CVE<br>page listed in the References section.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/etcd | <3.4.14-3.el9 | 3.4.14-3.el9 |
| redhat/etcd-debuginfo | <3.4.14-3.el9 | 3.4.14-3.el9 |
| redhat/etcd-debugsource | <3.4.14-3.el9 | 3.4.14-3.el9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of RHSA-2023:1014?
The severity of RHSA-2023:1014 is classified as important.
How do I fix RHSA-2023:1014?
To fix RHSA-2023:1014, update etcd and related packages to version 3.4.14-3.el9.
What vulnerability is addressed by RHSA-2023:1014?
RHSA-2023:1014 addresses CPU and memory abuse vulnerabilities arising from parsing malicious or large YAML documents (CVE-2022-3064).
What packages are affected by RHSA-2023:1014?
The affected packages in RHSA-2023:1014 include etcd, etcd-debuginfo, and etcd-debugsource.
Is there a workaround for RHSA-2023:1014?
Currently, no specific workaround is provided for RHSA-2023:1014; the recommended action is to apply the patch.
- agent/severity
- agent/type
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/remedy
- agent/title
- agent/references
- agent/description
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2023:1014
- agent/software-canonical-lookup
- agent/event
- agent/trending
- agent/tags
- agent/source
- package-manager/redhat