Red Hat Openshift Container Platform 4
Monthly
NULL pointer dereference in GnuTLS TLS handshake processing enables unauthenticated remote attackers to crash servers via malformed ClientHello messages containing invalid Pre-Shared Key binder values. Vulnerability affects Red Hat Enterprise Linux 6-10, OpenShift Container Platform 4, and Red Hat Hardened Images. Attack requires network access only with low complexity and no user interaction. CVSS 7.5 (High) reflects severe availability impact. No public exploit identified at time of analysis.
Local privilege escalation in libcap allows unprivileged users to exploit a race condition in cap_set_file() by redirecting capability updates to attacker-controlled files via symlink manipulation in parent directories. An authenticated local attacker with write access to a parent directory and user interaction can inject or strip capabilities from arbitrary executables, achieving privilege escalation. No public exploit code or confirmed active exploitation has been identified at this time.
High severity vulnerability in systemd. A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This al...
NULL pointer dereference in GnuTLS TLS handshake processing enables unauthenticated remote attackers to crash servers via malformed ClientHello messages containing invalid Pre-Shared Key binder values. Vulnerability affects Red Hat Enterprise Linux 6-10, OpenShift Container Platform 4, and Red Hat Hardened Images. Attack requires network access only with low complexity and no user interaction. CVSS 7.5 (High) reflects severe availability impact. No public exploit identified at time of analysis.
Local privilege escalation in libcap allows unprivileged users to exploit a race condition in cap_set_file() by redirecting capability updates to attacker-controlled files via symlink manipulation in parent directories. An authenticated local attacker with write access to a parent directory and user interaction can inject or strip capabilities from arbitrary executables, achieving privilege escalation. No public exploit code or confirmed active exploitation has been identified at this time.
High severity vulnerability in systemd. A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This al...