Headline
RHSA-2022:0871: Red Hat Security Advisory: OpenShift Container Platform 4.8.35 security update
Red Hat OpenShift Container Platform release 4.8.35 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-0811: CRI-O: Arbitrary code execution in cri-o via abusing “kernel.core_pattern” kernel parameter
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
- Red Hat CodeReady Studio
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-03-22
Updated:
2022-03-22
RHSA-2022:0871 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: OpenShift Container Platform 4.8.35 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
Red Hat OpenShift Container Platform release 4.8.35 is now available with
updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.8.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Description
Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.8.35. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHBA-2022:0872
Security Fix(es):
- CRI-O: Arbitrary code execution in cri-o via abusing
“kernel.core_pattern” kernel parameter (CVE-2022-0811)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
All OpenShift Container Platform 4.8 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html
Affected Products
- Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform 4.8 for RHEL 7 x86_64
- Red Hat OpenShift Container Platform for Power 4.8 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.8 for RHEL 8 s390x
Fixes
- BZ - 2059475 - CVE-2022-0811 CRI-O: Arbitrary code execution in cri-o via abusing “kernel.core_pattern” kernel parameter
- BZ - 2064010 - Placeholder bug for OCP 4.8.0 rpm release
Red Hat OpenShift Container Platform 4.8 for RHEL 8
SRPM
cri-o-1.21.5-3.rhaos4.8.gitaf64931.el8.src.rpm
SHA-256: 0f083ae5e3d4a1b88710782b2ff371ec20f102d05b924a75e9b3ad9ffc20f83b
jenkins-2-plugins-4.8.1646993358-1.el8.src.rpm
SHA-256: c8ec872e3ff51d84c959de66d92d8efcbcc927ada923f307531529f82964084f
openshift-4.8.0-202203100757.p0.gee73ea2.assembly.stream.el8.src.rpm
SHA-256: 2f508b84f5426acbd23a1c34509ce800fbd9e2eb193678473a2543c77c9c5e8c
x86_64
cri-o-1.21.5-3.rhaos4.8.gitaf64931.el8.x86_64.rpm
SHA-256: 6ca68c78bc4446c10a173bb78532bb829a2f683092524412dd589447fe0bee12
cri-o-debuginfo-1.21.5-3.rhaos4.8.gitaf64931.el8.x86_64.rpm
SHA-256: a19739f4daf08757f040d11562bfff1873e69fbda1fed7189b77b502a26698a2
cri-o-debugsource-1.21.5-3.rhaos4.8.gitaf64931.el8.x86_64.rpm
SHA-256: 030a2c0af06ef4230d8bb5bf5699ce5b4029d22a092d6dc411b319436aef8bce
jenkins-2-plugins-4.8.1646993358-1.el8.noarch.rpm
SHA-256: 5e20074b58162e4d5d9e4f9f93ef7cfa3c7a96c78c6ca9b383ca7ff52a8c597b
openshift-hyperkube-4.8.0-202203100757.p0.gee73ea2.assembly.stream.el8.x86_64.rpm
SHA-256: bfb14770cbb9ccfaad758941a268da666abf961536995ddac84b750f14206bfd
Red Hat OpenShift Container Platform 4.8 for RHEL 7
SRPM
cri-o-1.21.5-3.rhaos4.8.gitaf64931.el7.src.rpm
SHA-256: c0da7437317079e34205fbc173c2fafb242be62f6fd187dd6ddba483139ce279
openshift-4.8.0-202203100757.p0.gee73ea2.assembly.stream.el7.src.rpm
SHA-256: fe744e72c9df0faeb7ab3e6f5902043b3bb318c8bee54690eb61860b96715533
openshift-ansible-4.8.0-202203100145.p0.gfccb320.assembly.stream.el7.src.rpm
SHA-256: 1bc26d134b4967aba26383a1d2fb709097df1ac4cd72b566c3db1a99eb1e7498
x86_64
cri-o-1.21.5-3.rhaos4.8.gitaf64931.el7.x86_64.rpm
SHA-256: 844eef69055999dfad8866c1a2ba97bfa6dc01596813830b17e4598f67f6479f
cri-o-debuginfo-1.21.5-3.rhaos4.8.gitaf64931.el7.x86_64.rpm
SHA-256: a4834bc9011f0c2afc78b1344237c9bb62485acc28f8d17224745267c92fb9e5
openshift-ansible-4.8.0-202203100145.p0.gfccb320.assembly.stream.el7.noarch.rpm
SHA-256: c6fd4a78e49feffb63ac1e4edf2d9c19ae8605c5adca57bee59e9a6b508043b5
openshift-ansible-test-4.8.0-202203100145.p0.gfccb320.assembly.stream.el7.noarch.rpm
SHA-256: e8344a006247896f5d03c9e1fa78b7bb6c509315266a739910485486c8a122bd
openshift-hyperkube-4.8.0-202203100757.p0.gee73ea2.assembly.stream.el7.x86_64.rpm
SHA-256: a9ea316d684bcc4410d822fd118da3fa92a943f21b8d45b663d2d6497e485bae
Red Hat OpenShift Container Platform for Power 4.8 for RHEL 8
SRPM
cri-o-1.21.5-3.rhaos4.8.gitaf64931.el8.src.rpm
SHA-256: 0f083ae5e3d4a1b88710782b2ff371ec20f102d05b924a75e9b3ad9ffc20f83b
jenkins-2-plugins-4.8.1646993358-1.el8.src.rpm
SHA-256: c8ec872e3ff51d84c959de66d92d8efcbcc927ada923f307531529f82964084f
openshift-4.8.0-202203100757.p0.gee73ea2.assembly.stream.el8.src.rpm
SHA-256: 2f508b84f5426acbd23a1c34509ce800fbd9e2eb193678473a2543c77c9c5e8c
ppc64le
cri-o-1.21.5-3.rhaos4.8.gitaf64931.el8.ppc64le.rpm
SHA-256: 16583d81367cab64f596e70e1af902610b4338185df9f9b69137d1b9b4b83ae9
cri-o-debuginfo-1.21.5-3.rhaos4.8.gitaf64931.el8.ppc64le.rpm
SHA-256: dd137f98337d274a0c98c5231a993363035873b8be00846f34114fb91334a544
cri-o-debugsource-1.21.5-3.rhaos4.8.gitaf64931.el8.ppc64le.rpm
SHA-256: e4d7dff0fd9c4c04f15175a9b4871055912f479b7840291ec1cc3500c3b32dc8
jenkins-2-plugins-4.8.1646993358-1.el8.noarch.rpm
SHA-256: 5e20074b58162e4d5d9e4f9f93ef7cfa3c7a96c78c6ca9b383ca7ff52a8c597b
openshift-hyperkube-4.8.0-202203100757.p0.gee73ea2.assembly.stream.el8.ppc64le.rpm
SHA-256: 730e7d36ce84458332472eed25cacd611b5103fe1b37d744034db66f6e1daf04
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.8 for RHEL 8
SRPM
cri-o-1.21.5-3.rhaos4.8.gitaf64931.el8.src.rpm
SHA-256: 0f083ae5e3d4a1b88710782b2ff371ec20f102d05b924a75e9b3ad9ffc20f83b
jenkins-2-plugins-4.8.1646993358-1.el8.src.rpm
SHA-256: c8ec872e3ff51d84c959de66d92d8efcbcc927ada923f307531529f82964084f
openshift-4.8.0-202203100757.p0.gee73ea2.assembly.stream.el8.src.rpm
SHA-256: 2f508b84f5426acbd23a1c34509ce800fbd9e2eb193678473a2543c77c9c5e8c
s390x
cri-o-1.21.5-3.rhaos4.8.gitaf64931.el8.s390x.rpm
SHA-256: 51a4e014341936ebef8cf27a374c7855dce20a3e2d2ad90a15b6995518b2113d
cri-o-debuginfo-1.21.5-3.rhaos4.8.gitaf64931.el8.s390x.rpm
SHA-256: 401fe8a993dc79b7ab9404cf5ad6dd6df51639b839b75bd4f848e92c497211ea
cri-o-debugsource-1.21.5-3.rhaos4.8.gitaf64931.el8.s390x.rpm
SHA-256: b4b429929f0a8a3e14d9ad671311fd537b0c51672a2b039637abd3e40a8f3068
jenkins-2-plugins-4.8.1646993358-1.el8.noarch.rpm
SHA-256: 5e20074b58162e4d5d9e4f9f93ef7cfa3c7a96c78c6ca9b383ca7ff52a8c597b
openshift-hyperkube-4.8.0-202203100757.p0.gee73ea2.assembly.stream.el8.s390x.rpm
SHA-256: 8aa07dbc2e6231b1c0e31bccb5ddb89b4fa25b9e2e053b5a5e934cda740490db
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.