Red Hat Security Advisory: OpenShift Container Platform 4.15.30 bug fix and security update
Red Hat OpenShift Container Platform 4. 15. 30 includes important security updates addressing multiple vulnerabilities in components such as bind9 and helm. These issues include performance degradation due to large DNS record sets (CVE-2024-1737), CPU exhaustion via SIG(0) in bind9 (CVE-2024-1975), assertion failures when serving stale cache and authoritative data (CVE-2024-4076), and a helm panic caused by missing YAML content (CVE-2024-26147). The update is rated as important by Red Hat Product Security and users are advised to upgrade to the fixed packages and container images as soon as they are available through official release channels.
AI Analysis
Technical Summary
This advisory covers Red Hat OpenShift Container Platform 4.15.30, which contains fixes for four security vulnerabilities affecting bind9 and helm components. CVE-2024-1737 addresses slow database performance when a large number of resource records exist at the same name. CVE-2024-1975 involves CPU resource exhaustion triggered by SIG(0) in bind9. CVE-2024-4076 is an assertion failure in bind9 when serving both stale cache data and authoritative zone content. CVE-2024-26147 is a helm vulnerability causing a panic due to missing YAML content. The update includes container images and RPM packages to remediate these issues. Users should upgrade their OpenShift Container Platform 4.15 clusters using the provided official instructions and tools.
Potential Impact
The vulnerabilities can cause degraded performance, resource exhaustion, and service instability in OpenShift Container Platform deployments. Specifically, bind9 issues may lead to slow DNS responses, CPU exhaustion, or assertion failures causing potential service disruptions. The helm vulnerability can cause application deployment failures due to panics triggered by malformed or missing YAML content. These impacts can affect the reliability and availability of OpenShift clusters if left unpatched.
Mitigation Recommendations
Red Hat has released updated container images and RPM packages for OpenShift Container Platform 4.15.30 that address these vulnerabilities. Users should upgrade to these updated packages and images as soon as they are available in the appropriate release channels. Upgrades can be performed using the OpenShift CLI (oc) or the web console following official Red Hat documentation. No alternative mitigations are indicated; patching is the recommended and supported remediation.
Red Hat Security Advisory: OpenShift Container Platform 4.15.30 bug fix and security update
Description
Red Hat OpenShift Container Platform 4. 15. 30 includes important security updates addressing multiple vulnerabilities in components such as bind9 and helm. These issues include performance degradation due to large DNS record sets (CVE-2024-1737), CPU exhaustion via SIG(0) in bind9 (CVE-2024-1975), assertion failures when serving stale cache and authoritative data (CVE-2024-4076), and a helm panic caused by missing YAML content (CVE-2024-26147). The update is rated as important by Red Hat Product Security and users are advised to upgrade to the fixed packages and container images as soon as they are available through official release channels.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory covers Red Hat OpenShift Container Platform 4.15.30, which contains fixes for four security vulnerabilities affecting bind9 and helm components. CVE-2024-1737 addresses slow database performance when a large number of resource records exist at the same name. CVE-2024-1975 involves CPU resource exhaustion triggered by SIG(0) in bind9. CVE-2024-4076 is an assertion failure in bind9 when serving both stale cache data and authoritative zone content. CVE-2024-26147 is a helm vulnerability causing a panic due to missing YAML content. The update includes container images and RPM packages to remediate these issues. Users should upgrade their OpenShift Container Platform 4.15 clusters using the provided official instructions and tools.
Potential Impact
The vulnerabilities can cause degraded performance, resource exhaustion, and service instability in OpenShift Container Platform deployments. Specifically, bind9 issues may lead to slow DNS responses, CPU exhaustion, or assertion failures causing potential service disruptions. The helm vulnerability can cause application deployment failures due to panics triggered by malformed or missing YAML content. These impacts can affect the reliability and availability of OpenShift clusters if left unpatched.
Mitigation Recommendations
Red Hat has released updated container images and RPM packages for OpenShift Container Platform 4.15.30 that address these vulnerabilities. Users should upgrade to these updated packages and images as soon as they are available in the appropriate release channels. Upgrades can be performed using the OpenShift CLI (oc) or the web console following official Red Hat documentation. No alternative mitigations are indicated; patching is the recommended and supported remediation.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2024:6013
- Cve Count
- 4
- Additional Cves
- ["CVE-2024-1975","CVE-2024-4076","CVE-2024-26147"]
- Cvss Version
- null
Threat ID: 6a1f4ea3e29bf47b500889ef
Added to database: 6/2/2026, 9:44:03 PM
Last enriched: 6/2/2026, 10:30:08 PM
Last updated: 6/3/2026, 4:59:20 AM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.