RHSA-2022:9096: Moderate: Red Hat OpenShift support for Windows Containers 7.0.0 [security update]
Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers.Security Fix(es): prometheus/clientgolang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698) golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191) kubelet: runAsNonRoot logic bypass for Windows containers (CVE-2021-25749) For more details about the security issue(s), including the impact, a CVSSscore, acknowledgments, and other related information, refer to the CVE page(s)listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2022:9096?
The severity of RHSA-2022:9096 is categorized as a critical vulnerability.
How do I fix RHSA-2022:9096?
To fix RHSA-2022:9096, it is recommended to update the affected packages to their latest versions.
What vulnerabilities are addressed in RHSA-2022:9096?
RHSA-2022:9096 addresses vulnerabilities including CVE-2022-21698 related to denial of service in prometheus/client_golang.
Which software is affected by RHSA-2022:9096?
RHSA-2022:9096 affects Red Hat OpenShift and its components that support Windows Containers.
Is there a known workaround for RHSA-2022:9096?
No specific workarounds are provided for RHSA-2022:9096 and updating is the best recommended solution.