Incomplete container isolation
CVE-2023-1636

6MEDIUM

Key Information:

Vendor: Red Hat
Status: Openstack-barbican; Red Hat Openstack Platform 13 (queens); Red Hat Openstack Platform 16.1; Red Hat Openstack Platform 16.2
Vendor: CVE Published:; 24 September 2023

What is CVE-2023-1636?

A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is compromised, it could gain access to the data transmitted to and from Barbican.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://access.redhat.com/security/cve/CVE-2023-1636

vdb-entryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2181765

issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Sep 24, 2023
Vulnerability Reserved
Mar 25, 2023

Credit

Red Hat would like to thank ANSSI and Amossys for reporting this issue.

JSON

Red Hat