CVE & CISA-KEV Catalog

CVE-2024-43803

MEDIUM
4.9
CVSS v3
NVD

Description

The Bare Metal Operator (BMO) implements a Kubernetes API for managing bare metal hosts in Metal3. The `BareMetalHost` (BMH) CRD allows the `userData`, `metaData`, and `networkData` for the provisioned host to be specified as links to Kubernetes Secrets. There are fields for both the `Name` and `Namespace` of the Secret, meaning that versions of the baremetal-operator prior to 0.8.0, 0.6.2, and 0.5.2 will read a `Secret` from any namespace. A user with access to create or edit a `BareMetalHost` can thus exfiltrate a `Secret` from another namespace by using it as e.g. the `userData` for provisioning some host (note that this need not be a real host, it could be a VM somewhere). BMO will only read a key with the name `value` (or `userData`, `metaData`, or `networkData`), so that limits the exposure somewhat. `value` is probably a pretty common key though. Secrets used by _other_ `BareMetalHost`s in different namespaces are always vulnerable. It is probably relatively unusual for anyone other than cluster administrators to have RBAC access to create/edit a `BareMetalHost`. This vulnerability is only meaningful, if the cluster has users other than administrators and users' privileges are limited to their respective namespaces. The patch prevents BMO from accepting links to Secrets from other namespaces as BMH input. Any BMH configuration is only read from the same namespace only. The problem is patched in BMO releases v0.7.0, v0.6.2 and v0.5.2 and users should upgrade to those versions. Prior upgrading, duplicate the BMC Secrets to the namespace where the corresponding BMH is. After upgrade, remove the old Secrets. As a workaround, an operator can configure BMO RBAC to be namespace scoped for Secrets, instead of cluster scoped, to prevent BMO from accessing Secrets from other namespaces.

How to fix

Remediation Available
openshift4/driverRocky
Fixed in:toolkit-rhel9@sha256:9cb0e38af3d7b3bc79cda54f50146969ca4f52834a13a74df50736fa0b89162b_ppc64leRHSA-2024:6824
Fixed in:toolkit-rhel9@sha256:31e5005e80d4f31e953e576306cf7c67257d1ea0e67f23df0becb17ff8c4d5c2_arm64RHSA-2024:6824
Fixed in:toolkit-rhel9@sha256:78828089c880e1c7187e0e61948628721a5d686fc0f13e9804e60897c78594dd_amd64RHSA-2024:6824
Fixed in:toolkit-rhel9@sha256:fc4a33a78d59e8230791781ea5926e9a201a45d70d71fe53194b82fa0bf582fb_s390xRHSA-2024:6824
openshift4/driverRed Hat / RHEL
Fixed in:toolkit-rhel9@sha256:78828089c880e1c7187e0e61948628721a5d686fc0f13e9804e60897c78594dd_amd64RHSA-2024:6824
Fixed in:toolkit-rhel9@sha256:fc4a33a78d59e8230791781ea5926e9a201a45d70d71fe53194b82fa0bf582fb_s390xRHSA-2024:6824
Fixed in:toolkit-rhel9@sha256:31e5005e80d4f31e953e576306cf7c67257d1ea0e67f23df0becb17ff8c4d5c2_arm64RHSA-2024:6824
Fixed in:toolkit-rhel9@sha256:9cb0e38af3d7b3bc79cda54f50146969ca4f52834a13a74df50736fa0b89162b_ppc64leRHSA-2024:6824
openshift4/networkRed Hat / RHEL
Fixed in:tools-rhel9@sha256:7ba513237c24c05214b5f84dea3ebd2f5acfce6f3e874ef47b8be6d74b850fcb_ppc64leRHSA-2024:6824
Fixed in:tools-rhel9@sha256:d4eef75db4b42fb328435312624fd481eae6a60b9741c7b1727a88f09e50f5e3_arm64RHSA-2024:6824
Fixed in:tools-rhel9@sha256:a8cffde8f3ea7e5f446475c77d5815f7f6f7a8b5bba6fa85f23ed54a9e6153bb_s390xRHSA-2024:6824
Fixed in:tools-rhel9@sha256:e386bd6b25eb9d12e1ea380e8e19bde61b6d717fc4085c2ff495625bf7b6599c_amd64RHSA-2024:6824
openshift4/networkRocky
Fixed in:tools-rhel9@sha256:e386bd6b25eb9d12e1ea380e8e19bde61b6d717fc4085c2ff495625bf7b6599c_amd64RHSA-2024:6824
Fixed in:tools-rhel9@sha256:a8cffde8f3ea7e5f446475c77d5815f7f6f7a8b5bba6fa85f23ed54a9e6153bb_s390xRHSA-2024:6824
Fixed in:tools-rhel9@sha256:7ba513237c24c05214b5f84dea3ebd2f5acfce6f3e874ef47b8be6d74b850fcb_ppc64leRHSA-2024:6824
Fixed in:tools-rhel9@sha256:d4eef75db4b42fb328435312624fd481eae6a60b9741c7b1727a88f09e50f5e3_arm64RHSA-2024:6824
openshift4/oseRed Hat / RHEL
Fixed in:tools-rhel9@sha256:6c3f7eadc425368d3d395bd7ffbbfc97e19005f09fba227cce1e6a05dbc5af12_amd64RHSA-2024:6824
Fixed in:prometheus-rhel9@sha256:a20482a7501eb47e690c9905d3625766a367ff33e6c29e95b8bce4fd834c878e_s390xRHSA-2024:6824
Fixed in:console-rhel9@sha256:9d2dfefb615a6600bc824cfd9f10f1d033d75ed58e6bed677f4736138bda981a_s390xRHSA-2024:6824
Fixed in:tests-rhel9@sha256:9294040c1bbfa2b243e9a30a8a61e6999df9012de10488ab1f075027eb16549e_s390xRHSA-2024:6824
Fixed in:prometheus-rhel9@sha256:855d02d3125dfb47079d0e19bd6c806951ccf25adb67fe8cd0ea02b309592c3b_amd64RHSA-2024:6824
Fixed in:ironic-rhel9@sha256:a549a9739ae4a82a58c207fd97efe3c0fea972fa201e833e5820a41c0645007c_amd64RHSA-2024:6824
Fixed in:console-rhel9@sha256:4a6ea66336fc875f84f24bf9ebfdf5b7c166eb19dd68d88ec6035392162b4c5a_amd64RHSA-2024:6824
Fixed in:tests-rhel9@sha256:08f71efa1fae48219efef6ab2f633fb125581197c9bedc853d2d00c463706078_amd64RHSA-2024:6824
Fixed in:hypershift-rhel9@sha256:a7a4275ecc7b990b2f60dc22ae88d3bcb8af94d2ef01fd0747c252a206c6ee7a_amd64RHSA-2024:6824
Fixed in:installer-rhel9@sha256:a3c4bd54ee274f8bd7e700a163455505bb2c318f1b0b9307c9257614dfe06b81_amd64RHSA-2024:6824
Fixed in:sdn-rhel9@sha256:2c6396dcb07d870949289991fb33a883d760aba5190696aa316e9e2ad6e85b03_amd64RHSA-2024:6824
Fixed in:hypershift-rhel9@sha256:f627f1d7a3398158a9f3c710887ed00033715784c5bac36857299387edff3d65_s390xRHSA-2024:6824
Fixed in:installer-rhel9@sha256:2d30f3f1feb2507a349703763cfcac0bbe05a0fdd51fb695b8d79bf0c23f8c9b_s390xRHSA-2024:6824
Fixed in:sdn-rhel9@sha256:12cb8789e210e266114f43ffeadafe9d39553b8f41257abd7b48685cde42c18a_s390xRHSA-2024:6824
Fixed in:tools-rhel9@sha256:690a930a8b94b71f1c30ff0e87ca28751a0e8d7eb1188cd2a3009b17938bb65f_s390xRHSA-2024:6824
Fixed in:prometheus-rhel9@sha256:aa2e892a93dda722e3b06f1cc1f87395ad004e22b99e270ead9b184f856f0f5c_arm64RHSA-2024:6824
Fixed in:ironic-rhel9@sha256:700977dc30c75023a4a9648eee0f541072f7233118869425ed13d69d086dfa07_arm64RHSA-2024:6824
Fixed in:console-rhel9@sha256:e82cd14bcac074e1e6c6d112b5b815c8c1bcd7b7cf99d98f570f5dad42c87a85_arm64RHSA-2024:6824
Fixed in:tests-rhel9@sha256:cf6887f465c14e4edae9bacfb833b646b04d055328c3b746244b295a41ef0ff4_arm64RHSA-2024:6824
Fixed in:hypershift-rhel9@sha256:b788e76278fc12f33c086dd5c26a60415661247c83d6edb2c8672c5020b70650_arm64RHSA-2024:6824
Fixed in:installer-rhel9@sha256:a77c2d7ad9d4b826d3aa54ab32ada87adbf25ca3150767216c732834632e734e_arm64RHSA-2024:6824
Fixed in:sdn-rhel9@sha256:328b91c8e3c8a8d341ff1f4876c19741b098cfbcef013d90767f771763a634c0_arm64RHSA-2024:6824
Fixed in:tools-rhel9@sha256:8cf75ea8bd6d1f358c3d800cdaf427573ad3c56e3e5ae8099729812e3cad32a7_arm64RHSA-2024:6824
Fixed in:prometheus-rhel9@sha256:aaf36fb18a00a412de987bef34fb5024f60601503e8bb27a74bba3919ce6cac8_ppc64leRHSA-2024:6824
Fixed in:console-rhel9@sha256:f5ba627324841f89645e47a77c7e0dbec3b56ecc49199af92566dea9505ab9df_ppc64leRHSA-2024:6824
Fixed in:tests-rhel9@sha256:8de2055243c93b1258602e71afc62421febe4ea2099063d5ccd4eb60a0185365_ppc64leRHSA-2024:6824
Fixed in:hypershift-rhel9@sha256:8db432a58f621b4500852a32cdaab8f1c5b06be29fc6fe7f288222a373fd86ca_ppc64leRHSA-2024:6824
Fixed in:installer-rhel9@sha256:ff2c2ec17636d208ba50cdac9114c6909561a946113f0e845930a808139fc0b8_ppc64leRHSA-2024:6824
Fixed in:sdn-rhel9@sha256:4503bae1437bb3491a73fb74718818373597930e00dd46caa00f5d08f55e05f1_ppc64leRHSA-2024:6824
Fixed in:tools-rhel9@sha256:905282bc2187efc9452c61ba14b7c6ccbac88b6fea3a2524ffe89faaacdca465_ppc64leRHSA-2024:6824
openshift4/oseRocky
Fixed in:tools-rhel9@sha256:905282bc2187efc9452c61ba14b7c6ccbac88b6fea3a2524ffe89faaacdca465_ppc64leRHSA-2024:6824
Fixed in:sdn-rhel9@sha256:328b91c8e3c8a8d341ff1f4876c19741b098cfbcef013d90767f771763a634c0_arm64RHSA-2024:6824
Fixed in:installer-rhel9@sha256:a77c2d7ad9d4b826d3aa54ab32ada87adbf25ca3150767216c732834632e734e_arm64RHSA-2024:6824
Fixed in:hypershift-rhel9@sha256:b788e76278fc12f33c086dd5c26a60415661247c83d6edb2c8672c5020b70650_arm64RHSA-2024:6824
Fixed in:console-rhel9@sha256:4a6ea66336fc875f84f24bf9ebfdf5b7c166eb19dd68d88ec6035392162b4c5a_amd64RHSA-2024:6824
Fixed in:ironic-rhel9@sha256:a549a9739ae4a82a58c207fd97efe3c0fea972fa201e833e5820a41c0645007c_amd64RHSA-2024:6824
Fixed in:prometheus-rhel9@sha256:855d02d3125dfb47079d0e19bd6c806951ccf25adb67fe8cd0ea02b309592c3b_amd64RHSA-2024:6824
Fixed in:installer-rhel9@sha256:ff2c2ec17636d208ba50cdac9114c6909561a946113f0e845930a808139fc0b8_ppc64leRHSA-2024:6824
Fixed in:hypershift-rhel9@sha256:8db432a58f621b4500852a32cdaab8f1c5b06be29fc6fe7f288222a373fd86ca_ppc64leRHSA-2024:6824
Fixed in:tests-rhel9@sha256:8de2055243c93b1258602e71afc62421febe4ea2099063d5ccd4eb60a0185365_ppc64leRHSA-2024:6824
Fixed in:console-rhel9@sha256:f5ba627324841f89645e47a77c7e0dbec3b56ecc49199af92566dea9505ab9df_ppc64leRHSA-2024:6824
Fixed in:prometheus-rhel9@sha256:aaf36fb18a00a412de987bef34fb5024f60601503e8bb27a74bba3919ce6cac8_ppc64leRHSA-2024:6824
Fixed in:tools-rhel9@sha256:8cf75ea8bd6d1f358c3d800cdaf427573ad3c56e3e5ae8099729812e3cad32a7_arm64RHSA-2024:6824
Fixed in:tests-rhel9@sha256:cf6887f465c14e4edae9bacfb833b646b04d055328c3b746244b295a41ef0ff4_arm64RHSA-2024:6824
Fixed in:console-rhel9@sha256:e82cd14bcac074e1e6c6d112b5b815c8c1bcd7b7cf99d98f570f5dad42c87a85_arm64RHSA-2024:6824
Fixed in:ironic-rhel9@sha256:700977dc30c75023a4a9648eee0f541072f7233118869425ed13d69d086dfa07_arm64RHSA-2024:6824
Fixed in:sdn-rhel9@sha256:4503bae1437bb3491a73fb74718818373597930e00dd46caa00f5d08f55e05f1_ppc64leRHSA-2024:6824
Fixed in:prometheus-rhel9@sha256:aa2e892a93dda722e3b06f1cc1f87395ad004e22b99e270ead9b184f856f0f5c_arm64RHSA-2024:6824
Fixed in:tools-rhel9@sha256:690a930a8b94b71f1c30ff0e87ca28751a0e8d7eb1188cd2a3009b17938bb65f_s390xRHSA-2024:6824
Fixed in:sdn-rhel9@sha256:12cb8789e210e266114f43ffeadafe9d39553b8f41257abd7b48685cde42c18a_s390xRHSA-2024:6824
Fixed in:installer-rhel9@sha256:2d30f3f1feb2507a349703763cfcac0bbe05a0fdd51fb695b8d79bf0c23f8c9b_s390xRHSA-2024:6824
Fixed in:hypershift-rhel9@sha256:f627f1d7a3398158a9f3c710887ed00033715784c5bac36857299387edff3d65_s390xRHSA-2024:6824
Fixed in:tests-rhel9@sha256:9294040c1bbfa2b243e9a30a8a61e6999df9012de10488ab1f075027eb16549e_s390xRHSA-2024:6824
Fixed in:console-rhel9@sha256:9d2dfefb615a6600bc824cfd9f10f1d033d75ed58e6bed677f4736138bda981a_s390xRHSA-2024:6824
Fixed in:prometheus-rhel9@sha256:a20482a7501eb47e690c9905d3625766a367ff33e6c29e95b8bce4fd834c878e_s390xRHSA-2024:6824
Fixed in:tools-rhel9@sha256:6c3f7eadc425368d3d395bd7ffbbfc97e19005f09fba227cce1e6a05dbc5af12_amd64RHSA-2024:6824
Fixed in:sdn-rhel9@sha256:2c6396dcb07d870949289991fb33a883d760aba5190696aa316e9e2ad6e85b03_amd64RHSA-2024:6824
Fixed in:installer-rhel9@sha256:a3c4bd54ee274f8bd7e700a163455505bb2c318f1b0b9307c9257614dfe06b81_amd64RHSA-2024:6824
Fixed in:hypershift-rhel9@sha256:a7a4275ecc7b990b2f60dc22ae88d3bcb8af94d2ef01fd0747c252a206c6ee7a_amd64RHSA-2024:6824
Fixed in:tests-rhel9@sha256:08f71efa1fae48219efef6ab2f633fb125581197c9bedc853d2d00c463706078_amd64RHSA-2024:6824
openshift4/ose-agent-installer-apiRocky
Fixed in:server-rhel9@sha256:1c4b4c5a60dcfdda7efff3ff7f872818705838efce31e0b39373d020b30ad4f6_ppc64leRHSA-2024:6824
Fixed in:server-rhel9@sha256:1adc2d2ab97d3478b695a3a68dbfcdd845fbf80d9d2a945c3e0254d9e9439c33_s390xRHSA-2024:6824
Fixed in:server-rhel9@sha256:5a7a7e5ef9f32ccad34f0ebe3c09bb6297b99673e80ef3474d93e161ce2dd0b1_amd64RHSA-2024:6824
Fixed in:server-rhel9@sha256:40f530a556977bfa19e58bfde7101e622424de65a0a9949da8b26d87c49dee7c_arm64RHSA-2024:6824
openshift4/ose-agent-installer-apiRed Hat / RHEL
Fixed in:server-rhel9@sha256:1c4b4c5a60dcfdda7efff3ff7f872818705838efce31e0b39373d020b30ad4f6_ppc64leRHSA-2024:6824
Fixed in:server-rhel9@sha256:40f530a556977bfa19e58bfde7101e622424de65a0a9949da8b26d87c49dee7c_arm64RHSA-2024:6824
Fixed in:server-rhel9@sha256:1adc2d2ab97d3478b695a3a68dbfcdd845fbf80d9d2a945c3e0254d9e9439c33_s390xRHSA-2024:6824
Fixed in:server-rhel9@sha256:5a7a7e5ef9f32ccad34f0ebe3c09bb6297b99673e80ef3474d93e161ce2dd0b1_amd64RHSA-2024:6824
openshift4/ose-agent-installer-nodeRocky
Fixed in:agent-rhel9@sha256:44729e4283cff8f8406b7a1f28530eacda8156de7df8477f3911d5b861b3a6e1_ppc64leRHSA-2024:6824
Fixed in:agent-rhel9@sha256:b9f05ac7b5a6314c855a2ca7883aec45b71d23a8a7aef5e5477d33c26f085560_s390xRHSA-2024:6824
Fixed in:agent-rhel9@sha256:33516a841e32c04c6e4ec752143831098c9a72ede3f36c1ac0fced5326142c2e_arm64RHSA-2024:6824
Fixed in:agent-rhel9@sha256:714d0b45472e190849c890c80e257b64c4a685d0f0368629082d602566c11d42_amd64RHSA-2024:6824
openshift4/ose-agent-installer-nodeRed Hat / RHEL
Fixed in:agent-rhel9@sha256:33516a841e32c04c6e4ec752143831098c9a72ede3f36c1ac0fced5326142c2e_arm64RHSA-2024:6824
Fixed in:agent-rhel9@sha256:44729e4283cff8f8406b7a1f28530eacda8156de7df8477f3911d5b861b3a6e1_ppc64leRHSA-2024:6824
Fixed in:agent-rhel9@sha256:714d0b45472e190849c890c80e257b64c4a685d0f0368629082d602566c11d42_amd64RHSA-2024:6824
Fixed in:agent-rhel9@sha256:b9f05ac7b5a6314c855a2ca7883aec45b71d23a8a7aef5e5477d33c26f085560_s390xRHSA-2024:6824
openshift4/ose-baremetalRocky
Fixed in:rhel9-operator@sha256:de5033d11f6c639de1b06740b31945162aae8646c8e7b5e484c852f26e92a17d_ppc64leRHSA-2024:6824
Fixed in:rhel9-operator@sha256:112b3425320153e99d849c7504fd15fbf4da3c1a368ede93a57c8cd6d9eb727e_s390xRHSA-2024:6824
Fixed in:installer-rhel9@sha256:41196df24c4f256b46b53463d022a8632b6ffea5d397c1e0c6f8cf4a434babd7_s390xRHSA-2024:6824
Fixed in:rhel9-operator@sha256:556e01f12bf0a0e8ca58180117e18a850bdba719fd75dd24b27b5f990cb86b5d_arm64RHSA-2024:6824
Fixed in:installer-rhel9@sha256:ce79dfdb1ae435829bcdac0f51a7a25ba299fb7e7845b428489f31eb7ba0f04d_arm64RHSA-2024:6824
Fixed in:installer-rhel9@sha256:ac0755e6b6d19452c63af18f4082a387981dbde70b597902a5aa213a27a4082b_ppc64leRHSA-2024:6824
Fixed in:installer-rhel9@sha256:2bc033a4f5e23f63bfbb83a5f84cf917c0add171af3b01f958e3a20e9bb07742_amd64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:668064a51555749931487c8a86a47bedb98bfe4d54bded3da613e73b848e52be_amd64RHSA-2024:6824
openshift4/ose-baremetalRed Hat / RHEL
Fixed in:installer-rhel9@sha256:41196df24c4f256b46b53463d022a8632b6ffea5d397c1e0c6f8cf4a434babd7_s390xRHSA-2024:6824
Fixed in:rhel9-operator@sha256:112b3425320153e99d849c7504fd15fbf4da3c1a368ede93a57c8cd6d9eb727e_s390xRHSA-2024:6824
Fixed in:rhel9-operator@sha256:668064a51555749931487c8a86a47bedb98bfe4d54bded3da613e73b848e52be_amd64RHSA-2024:6824
Fixed in:installer-rhel9@sha256:ac0755e6b6d19452c63af18f4082a387981dbde70b597902a5aa213a27a4082b_ppc64leRHSA-2024:6824
Fixed in:rhel9-operator@sha256:de5033d11f6c639de1b06740b31945162aae8646c8e7b5e484c852f26e92a17d_ppc64leRHSA-2024:6824
Fixed in:installer-rhel9@sha256:2bc033a4f5e23f63bfbb83a5f84cf917c0add171af3b01f958e3a20e9bb07742_amd64RHSA-2024:6824
Fixed in:installer-rhel9@sha256:ce79dfdb1ae435829bcdac0f51a7a25ba299fb7e7845b428489f31eb7ba0f04d_arm64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:556e01f12bf0a0e8ca58180117e18a850bdba719fd75dd24b27b5f990cb86b5d_arm64RHSA-2024:6824
openshift4/ose-cluster-image-registryRed Hat / RHEL
Fixed in:rhel9-operator@sha256:0a8fffa32447a35c1cd0ef3a463e2af132a9e9aa03a8d65b43c1ad6f0eab9832_s390xRHSA-2024:6824
Fixed in:rhel9-operator@sha256:600bbd69fe2ab78844231034820273f9716c23f86fc1d9cb81ad7d80f2cc78ab_arm64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:ac0c984e3c435668f91c9d042f9634b6f4e02d63a76bc8943bcda8b5a73eb44c_ppc64leRHSA-2024:6824
Fixed in:rhel9-operator@sha256:4b5f20bf03294e377f8e8784cc8ee976bab1c8243947c39bf52c4bc77e0b3695_amd64RHSA-2024:6824
openshift4/ose-cluster-image-registryRocky
Fixed in:rhel9-operator@sha256:4b5f20bf03294e377f8e8784cc8ee976bab1c8243947c39bf52c4bc77e0b3695_amd64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:600bbd69fe2ab78844231034820273f9716c23f86fc1d9cb81ad7d80f2cc78ab_arm64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:ac0c984e3c435668f91c9d042f9634b6f4e02d63a76bc8943bcda8b5a73eb44c_ppc64leRHSA-2024:6824
Fixed in:rhel9-operator@sha256:0a8fffa32447a35c1cd0ef3a463e2af132a9e9aa03a8d65b43c1ad6f0eab9832_s390xRHSA-2024:6824
openshift4/ose-cluster-monitoringRocky
Fixed in:rhel9-operator@sha256:993d06c62de4e6a6eefed9eb2a475a53cbb0431ff278ba1df1c33389626d7966_amd64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:15bfcb901bd2f36f622dde8f25206642c26972f99ddbcaaaa4b2c1896ef4eb87_s390xRHSA-2024:6824
Fixed in:rhel9-operator@sha256:b990d1195547ca994c12af66649a674f9191c3d6f8e9106e7173b3adad997f6b_arm64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:979f61e8d048b8d2f7cf7d69df99235d9ff96a5612cea0c631b4e67bbd69c6be_ppc64leRHSA-2024:6824
openshift4/ose-cluster-monitoringRed Hat / RHEL
Fixed in:rhel9-operator@sha256:15bfcb901bd2f36f622dde8f25206642c26972f99ddbcaaaa4b2c1896ef4eb87_s390xRHSA-2024:6824
Fixed in:rhel9-operator@sha256:b990d1195547ca994c12af66649a674f9191c3d6f8e9106e7173b3adad997f6b_arm64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:979f61e8d048b8d2f7cf7d69df99235d9ff96a5612cea0c631b4e67bbd69c6be_ppc64leRHSA-2024:6824
Fixed in:rhel9-operator@sha256:993d06c62de4e6a6eefed9eb2a475a53cbb0431ff278ba1df1c33389626d7966_amd64RHSA-2024:6824
openshift4/ose-cluster-networkRed Hat / RHEL
Fixed in:rhel9-operator@sha256:081623c73a2f7623eb80bdd6852c8f72b716839ee02bf6d799cc81541fad6677_s390xRHSA-2024:6824
Fixed in:rhel9-operator@sha256:bb80585f6c6fa9dc2be91e59c88ed78e721c57554c139e4b4ce188c682024d15_amd64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:9a739b5a1476efd6411be39c86a44baa1c3dcc06d87bbe0a61646ba6a440a842_arm64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:22ae6217de33558d94d9a1c91f9d332fc80e1479c31ec0c21f66346c1235e231_ppc64leRHSA-2024:6824
openshift4/ose-cluster-networkRocky
Fixed in:rhel9-operator@sha256:22ae6217de33558d94d9a1c91f9d332fc80e1479c31ec0c21f66346c1235e231_ppc64leRHSA-2024:6824
Fixed in:rhel9-operator@sha256:9a739b5a1476efd6411be39c86a44baa1c3dcc06d87bbe0a61646ba6a440a842_arm64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:bb80585f6c6fa9dc2be91e59c88ed78e721c57554c139e4b4ce188c682024d15_amd64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:081623c73a2f7623eb80bdd6852c8f72b716839ee02bf6d799cc81541fad6677_s390xRHSA-2024:6824
openshift4/ose-cluster-node-tuningRocky
Fixed in:rhel9-operator@sha256:cfbe77fa9a3c8b544b95f8dd3128a7211786e4370e844c3c76bedd7435e1b8f0_s390xRHSA-2024:6824
Fixed in:rhel9-operator@sha256:177f32a086a772100c9a8c1db9e419d7a5d30863eead5d174746b2e0c5cc3a71_ppc64leRHSA-2024:6824
Fixed in:rhel9-operator@sha256:c5ebb637466e7be51fb2efc750b147cb61768da513cceb0e51f62c199bea9831_amd64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:f75ae71d338ee4aba248799884d81aee02d9a1d5fe57a366e9ffa72390dfb2fc_arm64RHSA-2024:6824
openshift4/ose-cluster-node-tuningRed Hat / RHEL
Fixed in:rhel9-operator@sha256:cfbe77fa9a3c8b544b95f8dd3128a7211786e4370e844c3c76bedd7435e1b8f0_s390xRHSA-2024:6824
Fixed in:rhel9-operator@sha256:177f32a086a772100c9a8c1db9e419d7a5d30863eead5d174746b2e0c5cc3a71_ppc64leRHSA-2024:6824
Fixed in:rhel9-operator@sha256:c5ebb637466e7be51fb2efc750b147cb61768da513cceb0e51f62c199bea9831_amd64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:f75ae71d338ee4aba248799884d81aee02d9a1d5fe57a366e9ffa72390dfb2fc_arm64RHSA-2024:6824
openshift4/ose-dockerRocky
Fixed in:builder-rhel9@sha256:b2ff712df13c1eb4692d85f23793470ffed0db44d339e7162f37386716a65546_arm64RHSA-2024:6824
Fixed in:builder-rhel9@sha256:a782ed52dae54e88cbdc1813d1d48903c11c7fe7b17a3b482e5ac6b343c0275a_amd64RHSA-2024:6824
Fixed in:builder-rhel9@sha256:a7aa1a6f6d04e9af0b0ebabf715738dacf756934a1d8fa000f7f7edfbb78a77b_ppc64leRHSA-2024:6824
Fixed in:builder-rhel9@sha256:24f5f0f1b5011caa74c4b1654ddf6a76fb361673f99e81ea761242a4138b4201_s390xRHSA-2024:6824
openshift4/ose-dockerRed Hat / RHEL
Fixed in:builder-rhel9@sha256:a782ed52dae54e88cbdc1813d1d48903c11c7fe7b17a3b482e5ac6b343c0275a_amd64RHSA-2024:6824
Fixed in:builder-rhel9@sha256:a7aa1a6f6d04e9af0b0ebabf715738dacf756934a1d8fa000f7f7edfbb78a77b_ppc64leRHSA-2024:6824
Fixed in:builder-rhel9@sha256:24f5f0f1b5011caa74c4b1654ddf6a76fb361673f99e81ea761242a4138b4201_s390xRHSA-2024:6824
Fixed in:builder-rhel9@sha256:b2ff712df13c1eb4692d85f23793470ffed0db44d339e7162f37386716a65546_arm64RHSA-2024:6824
openshift4/ose-installerRed Hat / RHEL
Fixed in:artifacts-rhel9@sha256:12bc04a4df1e1ef2f4bd0a02a62ef905718b514dbce049aea8ebb97fab2bf60b_amd64RHSA-2024:6824
Fixed in:altinfra-rhel9@sha256:62506be4fcba83e9e912ed72533d8f222d4f06922b653b42bd575a4a33684800_amd64RHSA-2024:6824
Fixed in:altinfra-rhel9@sha256:ec10da6428ff547cc6e3719f686abda1aebff143192d0248fd3435203d5494b6_ppc64leRHSA-2024:6824
Fixed in:altinfra-rhel9@sha256:464837e99e914749c5481bb61b4a8036304a96df6b2a41a52b1e815dd2e6c039_s390xRHSA-2024:6824
Fixed in:artifacts-rhel9@sha256:7a30a4a113391f5cabfd8e32f2a890ae11bc407cf267ecf865effc6888c11789_s390xRHSA-2024:6824
Fixed in:artifacts-rhel9@sha256:6ed02648a2659f7af4a7c5b557aada55e463b91324bf66f0f1c5ca7615fcb33a_ppc64leRHSA-2024:6824
Fixed in:artifacts-rhel9@sha256:27a8296e09425a0c9ce3dc1a27b33498d741511f3bdfabc8b9906249793afcd4_arm64RHSA-2024:6824
Fixed in:altinfra-rhel9@sha256:298ff59588db24863a5b8892888591b86214f9d3330d3e375141982339e63edb_arm64RHSA-2024:6824
openshift4/ose-installerRocky
Fixed in:artifacts-rhel9@sha256:7a30a4a113391f5cabfd8e32f2a890ae11bc407cf267ecf865effc6888c11789_s390xRHSA-2024:6824
Fixed in:artifacts-rhel9@sha256:12bc04a4df1e1ef2f4bd0a02a62ef905718b514dbce049aea8ebb97fab2bf60b_amd64RHSA-2024:6824
Fixed in:artifacts-rhel9@sha256:27a8296e09425a0c9ce3dc1a27b33498d741511f3bdfabc8b9906249793afcd4_arm64RHSA-2024:6824
Fixed in:altinfra-rhel9@sha256:298ff59588db24863a5b8892888591b86214f9d3330d3e375141982339e63edb_arm64RHSA-2024:6824
Fixed in:altinfra-rhel9@sha256:62506be4fcba83e9e912ed72533d8f222d4f06922b653b42bd575a4a33684800_amd64RHSA-2024:6824
Fixed in:altinfra-rhel9@sha256:ec10da6428ff547cc6e3719f686abda1aebff143192d0248fd3435203d5494b6_ppc64leRHSA-2024:6824
Fixed in:artifacts-rhel9@sha256:6ed02648a2659f7af4a7c5b557aada55e463b91324bf66f0f1c5ca7615fcb33a_ppc64leRHSA-2024:6824
Fixed in:altinfra-rhel9@sha256:464837e99e914749c5481bb61b4a8036304a96df6b2a41a52b1e815dd2e6c039_s390xRHSA-2024:6824
openshift4/ose-ironicRed Hat / RHEL
Fixed in:agent-rhel9@sha256:01ed32303addbf7bcb237627e3573c0584fa48a81db00a423cc49902781a4007_amd64RHSA-2024:6824
Fixed in:agent-rhel9@sha256:efe220b06cfac6185c47f71a8604213f7693f5df9a55c95fd1525b2c1e03d2fd_arm64RHSA-2024:6824
openshift4/ose-ironicRocky
Fixed in:agent-rhel9@sha256:01ed32303addbf7bcb237627e3573c0584fa48a81db00a423cc49902781a4007_amd64RHSA-2024:6824
Fixed in:agent-rhel9@sha256:efe220b06cfac6185c47f71a8604213f7693f5df9a55c95fd1525b2c1e03d2fd_arm64RHSA-2024:6824
openshift4/ose-ironic-machine-osRocky
Fixed in:downloader-rhel9@sha256:df53cf3808a773e5922dddb959b754525fc9c427a8e3532107bf0a9a26e0e2c7_amd64RHSA-2024:6824
Fixed in:downloader-rhel9@sha256:b49ab7156282acd619e635f021393d97a9a8b31286a4f499cbbde025331acd1c_arm64RHSA-2024:6824
openshift4/ose-ironic-machine-osRed Hat / RHEL
Fixed in:downloader-rhel9@sha256:b49ab7156282acd619e635f021393d97a9a8b31286a4f499cbbde025331acd1c_arm64RHSA-2024:6824
Fixed in:downloader-rhel9@sha256:df53cf3808a773e5922dddb959b754525fc9c427a8e3532107bf0a9a26e0e2c7_amd64RHSA-2024:6824
openshift4/ose-machine-configRocky
Fixed in:rhel9-operator@sha256:dc3bd56bcb747005008877041bbd9a526f0a065a79ee3a8e179bd619c47a01bb_amd64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:33b0eb7523385d3cdcc38e7ece1b9c5dd325cbbe7574596d259267c8ee6c77fd_ppc64leRHSA-2024:6824
Fixed in:rhel9-operator@sha256:68e473ad3cb1859d32a1505b924f65c7b4e7c4939665a410425700331ae7cf3e_s390xRHSA-2024:6824
Fixed in:rhel9-operator@sha256:eaaf1eec7df11116648c8b2979b8a55b7fe949e479d25a1bcc371ec73b7a3954_arm64RHSA-2024:6824
openshift4/ose-machine-configRed Hat / RHEL
Fixed in:rhel9-operator@sha256:dc3bd56bcb747005008877041bbd9a526f0a065a79ee3a8e179bd619c47a01bb_amd64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:eaaf1eec7df11116648c8b2979b8a55b7fe949e479d25a1bcc371ec73b7a3954_arm64RHSA-2024:6824
Fixed in:rhel9-operator@sha256:33b0eb7523385d3cdcc38e7ece1b9c5dd325cbbe7574596d259267c8ee6c77fd_ppc64leRHSA-2024:6824
Fixed in:rhel9-operator@sha256:68e473ad3cb1859d32a1505b924f65c7b4e7c4939665a410425700331ae7cf3e_s390xRHSA-2024:6824
openshift4/ose-machine-osRed Hat / RHEL
Fixed in:images-rhel9@sha256:2f6df07275d6e2c6e425dc33b82000df22b31f0dc81ca5d02b1324d1a3e5f171_s390xRHSA-2024:6824
Fixed in:images-rhel9@sha256:7a3ef2d33e39f0ea8a24f7043d1b3ba75955f19e4915cd40d6f967e5dcb5280e_arm64RHSA-2024:6824
Fixed in:images-rhel9@sha256:3cb43c8ea36b72e268e6af3ceb59793d8b78d3d8c0b71889629983be92420606_amd64RHSA-2024:6824
Fixed in:images-rhel9@sha256:a349105bb704bbf4d7fbc710ba491ba48cd8e9cf4233f311bdaeb95d36ebe32c_ppc64leRHSA-2024:6824
openshift4/ose-machine-osRocky
Fixed in:images-rhel9@sha256:3cb43c8ea36b72e268e6af3ceb59793d8b78d3d8c0b71889629983be92420606_amd64RHSA-2024:6824
Fixed in:images-rhel9@sha256:a349105bb704bbf4d7fbc710ba491ba48cd8e9cf4233f311bdaeb95d36ebe32c_ppc64leRHSA-2024:6824
Fixed in:images-rhel9@sha256:7a3ef2d33e39f0ea8a24f7043d1b3ba75955f19e4915cd40d6f967e5dcb5280e_arm64RHSA-2024:6824
Fixed in:images-rhel9@sha256:2f6df07275d6e2c6e425dc33b82000df22b31f0dc81ca5d02b1324d1a3e5f171_s390xRHSA-2024:6824
openshift4/ose-openshift-controllerRed Hat / RHEL
Fixed in:manager-rhel9@sha256:522ac211c0883a278282c66340c7c5f3d8241f2b81c70fc69a8c9e93caa85863_amd64RHSA-2024:6824
Fixed in:manager-rhel9@sha256:aaa256e9cd208cfd0687a982e4da362c22903e5b59814af5e1a8ad252cd4d7f9_arm64RHSA-2024:6824
Fixed in:manager-rhel9@sha256:f6411328c20a4f251d651114428e5f156bc85b01bd6846c5e7401033a5947081_ppc64leRHSA-2024:6824
Fixed in:manager-rhel9@sha256:c1829302b192d5e3477ea13f77392e86d244d8fbe79f415882fb91f6e9069c80_s390xRHSA-2024:6824
openshift4/ose-openshift-controllerRocky
Fixed in:manager-rhel9@sha256:522ac211c0883a278282c66340c7c5f3d8241f2b81c70fc69a8c9e93caa85863_amd64RHSA-2024:6824
Fixed in:manager-rhel9@sha256:aaa256e9cd208cfd0687a982e4da362c22903e5b59814af5e1a8ad252cd4d7f9_arm64RHSA-2024:6824
Fixed in:manager-rhel9@sha256:f6411328c20a4f251d651114428e5f156bc85b01bd6846c5e7401033a5947081_ppc64leRHSA-2024:6824
Fixed in:manager-rhel9@sha256:c1829302b192d5e3477ea13f77392e86d244d8fbe79f415882fb91f6e9069c80_s390xRHSA-2024:6824
openshift4/ose-operatorRocky
Fixed in:registry-rhel9@sha256:70ef5e22104569f83e5c709ad73f02b5080ab9424032483b3cd55124d5605e3d_arm64RHSA-2024:6824
Fixed in:registry-rhel9@sha256:4ebb00b77b3692fba823a16ca4ab1b0da70e7c576eaa07688918517a74e87a0e_s390xRHSA-2024:6824
Fixed in:registry-rhel9@sha256:e5d912997a6a1542ed91e6894633b12024cb12b55962d56b8324cfae8e53e5d0_ppc64leRHSA-2024:6824
Fixed in:registry-rhel9@sha256:f645f23ca813b27920b3224e4ecfdd0f7a680790c2aa459504474f456fccb826_amd64RHSA-2024:6824
openshift4/ose-operatorRed Hat / RHEL
Fixed in:registry-rhel9@sha256:70ef5e22104569f83e5c709ad73f02b5080ab9424032483b3cd55124d5605e3d_arm64RHSA-2024:6824
Fixed in:registry-rhel9@sha256:4ebb00b77b3692fba823a16ca4ab1b0da70e7c576eaa07688918517a74e87a0e_s390xRHSA-2024:6824
Fixed in:registry-rhel9@sha256:e5d912997a6a1542ed91e6894633b12024cb12b55962d56b8324cfae8e53e5d0_ppc64leRHSA-2024:6824
Fixed in:registry-rhel9@sha256:f645f23ca813b27920b3224e4ecfdd0f7a680790c2aa459504474f456fccb826_amd64RHSA-2024:6824
openshift4/ose-operator-frameworkRocky
Fixed in:tools-rhel9@sha256:15ee02d965027dfbf12bd573e288c2b169f49c29c4671f6364fc9812a668eca6_arm64RHSA-2024:6824
Fixed in:tools-rhel9@sha256:fae902beb4fe0c52ade38b75196bfee48026c1e56f0e8bf4ecb2f4089ef5fdcb_s390xRHSA-2024:6824
Fixed in:tools-rhel9@sha256:6db193624023b885d2383f5934f5535d774ec5d34524e42cfd837e452e4c9ad5_ppc64leRHSA-2024:6824
Fixed in:tools-rhel9@sha256:1af8392e3cb64b8c39274c249f23876e0bf76da80c74487d250c98ee450bb89e_amd64RHSA-2024:6824
openshift4/ose-operator-frameworkRed Hat / RHEL
Fixed in:tools-rhel9@sha256:15ee02d965027dfbf12bd573e288c2b169f49c29c4671f6364fc9812a668eca6_arm64RHSA-2024:6824
Fixed in:tools-rhel9@sha256:6db193624023b885d2383f5934f5535d774ec5d34524e42cfd837e452e4c9ad5_ppc64leRHSA-2024:6824
Fixed in:tools-rhel9@sha256:1af8392e3cb64b8c39274c249f23876e0bf76da80c74487d250c98ee450bb89e_amd64RHSA-2024:6824
Fixed in:tools-rhel9@sha256:fae902beb4fe0c52ade38b75196bfee48026c1e56f0e8bf4ecb2f4089ef5fdcb_s390xRHSA-2024:6824
openshift4/ose-operator-lifecycleRed Hat / RHEL
Fixed in:manager-rhel9@sha256:a5fdf2a09d37a352fa93fc1c38f9ebd6e613f0b003601d7bbb01ba6f4faebc5d_amd64RHSA-2024:6824
Fixed in:manager-rhel9@sha256:40d0aa3c269319e3e27078577f3e5d4005506b18a94a1d62e60d1b4c7a787fab_ppc64leRHSA-2024:6824
Fixed in:manager-rhel9@sha256:5cb980e301853c27e5d099c968dd3abc737c2ba91ab9ee331a1ce1bb192956e0_s390xRHSA-2024:6824
Fixed in:manager-rhel9@sha256:5fd6ad50fbd679e4b1f3db11a73dce85dbbe93b77ca2e57eea356012d54175cf_arm64RHSA-2024:6824
openshift4/ose-operator-lifecycleRocky
Fixed in:manager-rhel9@sha256:40d0aa3c269319e3e27078577f3e5d4005506b18a94a1d62e60d1b4c7a787fab_ppc64leRHSA-2024:6824
Fixed in:manager-rhel9@sha256:5cb980e301853c27e5d099c968dd3abc737c2ba91ab9ee331a1ce1bb192956e0_s390xRHSA-2024:6824
Fixed in:manager-rhel9@sha256:5fd6ad50fbd679e4b1f3db11a73dce85dbbe93b77ca2e57eea356012d54175cf_arm64RHSA-2024:6824
Fixed in:manager-rhel9@sha256:a5fdf2a09d37a352fa93fc1c38f9ebd6e613f0b003601d7bbb01ba6f4faebc5d_amd64RHSA-2024:6824
openshift4/ose-ovnRocky
Fixed in:kubernetes-rhel9@sha256:5c0248d38f1fec7df00ae62a73b72a2655ebc7824377f6cbb32cde49db14334f_s390xRHSA-2024:6824
Fixed in:kubernetes-rhel9@sha256:1235fcdba0913f8a5253b72b853c9dea3d7a219649c035c9b4f6d96ab78ee158_ppc64leRHSA-2024:6824
Fixed in:kubernetes-rhel9@sha256:f2bc0af72448d92260679d392d2cbc3ebaa8de4a2423ca9c468c3d954d89b534_amd64RHSA-2024:6824
Fixed in:kubernetes-rhel9@sha256:ae723a979ca43a8b6508985c123246e4db095947678478aa3d70f22db3f54bc7_arm64RHSA-2024:6824
openshift4/ose-ovnRed Hat / RHEL
Fixed in:kubernetes-rhel9@sha256:f2bc0af72448d92260679d392d2cbc3ebaa8de4a2423ca9c468c3d954d89b534_amd64RHSA-2024:6824
Fixed in:kubernetes-rhel9@sha256:1235fcdba0913f8a5253b72b853c9dea3d7a219649c035c9b4f6d96ab78ee158_ppc64leRHSA-2024:6824
Fixed in:kubernetes-rhel9@sha256:ae723a979ca43a8b6508985c123246e4db095947678478aa3d70f22db3f54bc7_arm64RHSA-2024:6824
Fixed in:kubernetes-rhel9@sha256:5c0248d38f1fec7df00ae62a73b72a2655ebc7824377f6cbb32cde49db14334f_s390xRHSA-2024:6824
openshift4/ose-powervs-machineRed Hat / RHEL
Fixed in:controllers-rhel9@sha256:02c150f0451f868c4b39dcfaf034c5a3e54e41f913ffb02bdafa174c7d78efeb_ppc64leRHSA-2024:6824
Fixed in:controllers-rhel9@sha256:63f7e096ee725c1f57af558d848601414ce8d8c6976c40601f53f415b29a3abe_amd64RHSA-2024:6824
openshift4/ose-powervs-machineRocky
Fixed in:controllers-rhel9@sha256:02c150f0451f868c4b39dcfaf034c5a3e54e41f913ffb02bdafa174c7d78efeb_ppc64leRHSA-2024:6824
Fixed in:controllers-rhel9@sha256:63f7e096ee725c1f57af558d848601414ce8d8c6976c40601f53f415b29a3abe_amd64RHSA-2024:6824

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityNone
AvailabilityNone

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Exploit Intelligence

0.57%probability of exploitation in 30 days
43rdpercentile

Moderate risk: more likely to be exploited than 43% of all known CVEs.

References

Embed a live status badge for CVE-2024-43803
CVE-2024-43803 severity badge

Markdown

[![CVE-2024-43803](https://tridentstack.com/cve/badge/CVE-2024-43803.svg)](https://tridentstack.com/cve/CVE-2024-43803)

HTML

<a href="https://tridentstack.com/cve/CVE-2024-43803"><img src="https://tridentstack.com/cve/badge/CVE-2024-43803.svg" alt="CVE-2024-43803"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-09-03.