access.redhat.com
Open in
urlscan Pro
2600:1408:ec00:b::1730:cbab
Public Scan
URL:
https://access.redhat.com/errata/RHSA-2024:4697
Submission: On July 30 via api from BE — Scanned from US
Submission: On July 30 via api from BE — Scanned from US
Form analysis 1 forms found in the DOM
Name: topSearchForm — GET /search/browse/search/
<form class="ng-pristine ng-valid topSearchForm" id="topSearchForm" name="topSearchForm" action="/search/browse/search/" method="get" enctype="application/x-www-form-urlencoded">
<cp-search-autocomplete class="push-bottom PFElement" path="/webassets/avalon/j/data.json" num-items="5" placeholder="Enter your search term" pfelement="" type="container"></cp-search-autocomplete>
<div> Or <a href="/support/cases/#/troubleshoot">troubleshoot an issue</a>. </div>
</form>Text Content
Note: Our personalized web services require that your browser be enabled for
JavaScript and cookies
Skip to navigation Skip to main content
UTILITIES
* Subscriptions
* Downloads
* Red Hat Console
* Get Support
* Subscriptions
* Downloads
* Red Hat Console
* Get Support
* Products
TOP PRODUCTS
* Red Hat Enterprise Linux
* Red Hat OpenShift
* Red Hat Ansible Automation Platform
All Products
DOWNLOADS AND CONTAINERS
* Downloads
* Packages
* Containers
TOP RESOURCES
* Documentation
* Product Life Cycles
* Product Compliance
* Errata
* Knowledge
RED HAT KNOWLEDGE CENTER
* Knowledgebase Solutions
* Knowledgebase Articles
* Customer Portal Labs
* Errata
TOP PRODUCT DOCS
* Red Hat Enterprise Linux
* Red Hat OpenShift
* Red Hat Ansible Automation Platform
All Product Docs
TRAINING AND CERTIFICATION
* About
* Course Index
* Certification Index
* Skill Assessment
* Security
RED HAT PRODUCT SECURITY CENTER
* Security Updates
* Security Advisories
* Red Hat CVE Database
* Errata
REFERENCES
* Security Bulletins
* Security Classifications
* Severety Ratings
* Security Data
TOP RESOURCES
* Security Labs
* Backporting Policies
* Security Blog
* Support
RED HAT SUPPORT
* Support Cases
* Troubleshoot
* Get Support
* Contact Red Hat Support
RED HAT COMMUNITY SUPPORT
* Customer Portal Community
* Community Discussions
* Customer Portal Announcements
* Red Hat Accelerator Program
TOP RESOURCES
* Product Life Cycles
* Customer Portal Labs
* Red Hat JBoss Supported Configurations
* Red Hat Insights
Or troubleshoot an issue.
English
SELECT YOUR LANGUAGE
* English
* Français
* 한국어
* 日本語
* 中文 (中国)
Infrastructure and Management
* Red Hat Enterprise Linux
* Red Hat Satellite
* Red Hat Subscription Management
* Red Hat Insights
* Red Hat Ansible Automation Platform
Cloud Computing
* Red Hat OpenShift
* Red Hat OpenStack Platform
* Red Hat OpenShift
* Red Hat OpenShift AI
* Red Hat OpenShift Dedicated
* Red Hat Advanced Cluster Security for Kubernetes
* Red Hat Advanced Cluster Management for Kubernetes
* Red Hat Quay
* Red Hat OpenShift Dev Spaces
* Red Hat OpenShift Service on AWS
Storage
* Red Hat Gluster Storage
* Red Hat Hyperconverged Infrastructure
* Red Hat Ceph Storage
* Red Hat OpenShift Data Foundation
Runtimes
* Red Hat Runtimes
* Red Hat JBoss Enterprise Application Platform
* Red Hat Data Grid
* Red Hat JBoss Web Server
* Red Hat build of Keycloak
* Red Hat support for Spring Boot
* Red Hat build of Node.js
* Red Hat build of Quarkus
Integration and Automation
* Red Hat Application Foundations
* Red Hat Fuse
* Red Hat AMQ
* Red Hat 3scale API Management
All Products
All Red Hat
QUICK LINKS: REDHAT.COM, CUSTOMER PORTAL, RED HAT'S DEVELOPER SITE, RED HAT'S
PARTNER SITE.
* You are here
RED HAT
Learn about our open source products, services, and company.
* You are here
RED HAT CUSTOMER PORTAL
Get product support and knowledge from the open source experts.
* You are here
RED HAT DEVELOPER
Read developer tutorials and download Red Hat software for cloud application
development.
* You are here
RED HAT PARTNER CONNECT
Get training, subscriptions, certifications, and more for partners to build,
sell, and support customer solutions.
PRODUCTS & TOOLS
* ANSIBLE.COM
Learn about and try our IT automation product.
* RED HAT ECOSYSTEM CATALOG
Find hardware, software, and cloud providers―and download container
images―certified to perform with Red Hat technologies.
TRY, BUY, & SELL
* RED HAT HYBRID CLOUD CONSOLE
Access technical how-tos, tutorials, and learning paths focused on Red Hat’s
hybrid cloud managed services.
* RED HAT STORE
Buy select Red Hat products and services online.
* RED HAT MARKETPLACE
Try, buy, sell, and manage certified enterprise software for container-based
environments.
EVENTS
* RED HAT SUMMIT AND ANSIBLEFEST
Register for and learn about our annual open source IT industry event.
Red Hat Product Errata RHSA-2024:4697 - Security Advisory
Issued: 2024-07-22 Updated: 2024-07-22
RHSA-2024:4697 - SECURITY ADVISORY
* Overview
* Updated Images
SYNOPSIS
Moderate: Red Hat build of Cryostat security update
TYPE/SEVERITY
Security Advisory: Moderate
TOPIC
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
DESCRIPTION
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Security Fix(es):
* golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788)
* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6
addresses (CVE-2024-24790)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
SOLUTION
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
AFFECTED PRODUCTS
* Cryostat 3 x86_64
FIXES
* BZ - 2279814 - CVE-2024-24788 golang: net: malformed DNS message can cause
infinite loop
* BZ - 2292787 - CVE-2024-24790 golang: net/netip: Unexpected behavior from Is
methods for IPv4-mapped IPv6 addresses
CVES
* CVE-2022-48624
* CVE-2023-2953
* CVE-2024-3651
* CVE-2024-21131
* CVE-2024-21138
* CVE-2024-21140
* CVE-2024-21145
* CVE-2024-21147
* CVE-2024-24788
* CVE-2024-24790
* CVE-2024-24806
* CVE-2024-28182
* CVE-2024-32487
* CVE-2024-35235
REFERENCES
* https://access.redhat.com/security/updates/classification/#moderate
AARCH64
cryostat-tech-preview/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58
cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c
cryostat-tech-preview/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a
cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8
cryostat-tech-preview/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674
cryostat-tech-preview/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09
cryostat-tech-preview/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34
cryostat-tech-preview/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67
cryostat-tech-preview/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe
X86_64
cryostat-tech-preview/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22
cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c
cryostat-tech-preview/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146
cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a
cryostat-tech-preview/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16
cryostat-tech-preview/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0
cryostat-tech-preview/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182
cryostat-tech-preview/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4
cryostat-tech-preview/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd
The Red Hat security contact is secalert@redhat.com. More contact details at
https://access.redhat.com/security/team/contact/.
X (formerly Twitter)
QUICK LINKS
* Downloads
* Subscriptions
* Support Cases
* Customer Service
* Product Documentation
HELP
* Contact Us
* Customer Portal FAQ
* Log-in Assistance
SITE INFO
* Trust Red Hat
* Browser Support Policy
* Accessibility
* Awards and Recognition
* Colophon
RELATED SITES
* redhat.com
* developers.redhat.com
* connect.redhat.com
* cloud.redhat.com
SYSTEMS STATUS
* All systems operational
ABOUT
* Red Hat Subscription Value
* About Red Hat
* Red Hat Jobs
RED HAT LEGAL AND PRIVACY LINKS
* About Red Hat
* Jobs
* Events
* Locations
* Contact Red Hat
* Red Hat Blog
* Diversity, equity, and inclusion
* Cool Stuff Store
* Red Hat Summit
© 2024 Red Hat, Inc.
RED HAT LEGAL AND PRIVACY LINKS
* Privacy statement
* Terms of use
* All policies and guidelines
* Digital accessibility
* Cookie preferences
HOW WE USE COOKIES
We use cookies on our websites to deliver our online services. Details about how
we use cookies and how you may disable them are set out in our Privacy
Statement. By using this website you agree to our use of cookies.