RHSA-2022:0721: Moderate: OpenShift Logging bug fix and security update (5.3.5)
OpenShift Logging bug fix and security update (5.3.5)Security Fix(es): jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception (CVE-2020-28491) origin-aggregated-logging/elasticsearch: Incomplete fix for netty-codec-http CVE-2021-21409 (CVE-2022-0552) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2022:0721?
The severity of RHSA-2022:0721 is classified as high due to the potential for denial of service through an OutOfMemoryError.
How do I fix RHSA-2022:0721?
To fix RHSA-2022:0721, apply the latest security patch provided in the Red Hat advisory.
What vulnerabilities are addressed in RHSA-2022:0721?
RHSA-2022:0721 addresses vulnerabilities related to jackson-dataformat-cbor and Elasticsearch components.
What are the potential impacts of not addressing RHSA-2022:0721?
Failing to address RHSA-2022:0721 may lead to service outages or crashes due to unchecked byte buffer allocations.
Which software versions are affected by RHSA-2022:0721?
RHSA-2022:0721 affects specific versions of OpenShift Logging components that utilize affected packages.