Python-eventlet: patch regression for cve-2021-21419 in some red hat builds
CVE-2023-5625

5.3MEDIUM

Key Information:

Vendor

Red Hat
Status
Ironic Content For Red Hat Openshift Container Platform 4.12
Red Hat Openstack Platform 17.1 For Rhel 8
Red Hat Openstack Platform 17.1 For Rhel 9
Vendor
CVE Published:
1 November 2023

What is CVE-2023-5625?

A regression has been identified in the Red Hat build of python-eventlet. This issue arose from a modification in the patch application strategy, leading to the failure of a critical patch for CVE-2021-21419 to be applied across all builds of Red Hat products. Consequently, users may be exposed to vulnerabilities stemming from this oversight, impacting the security and stability of affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Ironic content for Red Hat OpenShift Container Platform 4.12 0:0.30.2-4.el9

Red Hat OpenStack Platform 17.1 for RHEL 8 0:0.30.2-4.el8ost

Red Hat OpenStack Platform 17.1 for RHEL 9 0:0.30.2-4.el9ost

References

https://access.redhat.com/errata/RHSA-2023:6128
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0188
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0213
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.