This advisory covers Red Hat OpenShift Container Platform 4.15.46, which fixes multiple security issues. The key vulnerabilities addressed include CVE-2024-21626, a file descriptor leak in runc; CVE-2024-45338, a non-linear parsing vulnerability in golang.org/x/net/html; and CVE-2024-53104, a kernel media driver issue where frames of type UVC_VS_UNDEFINED are skipped in uvc_parse_format. These issues are resolved in updated container images and RPM packages. Red Hat recommends all OpenShift Container Platform 4.15 users upgrade to these updated versions using the OpenShift CLI or web console. The advisory does not provide CVSS scores but classifies the update as important. No known exploits in the wild have been reported at the time of this advisory.

The vulnerabilities fixed in this update could lead to resource leaks (file descriptor leak), improper parsing of HTML content, and potential kernel media driver issues. While no known exploits in the wild have been reported, these issues could affect the stability and security of OpenShift Container Platform deployments. The update is rated as important by Red Hat Product Security, indicating a significant security impact that warrants prompt attention.

Red Hat has released updated container images and RPM packages for OpenShift Container Platform 4.15.46 that address these vulnerabilities. Users should upgrade their OpenShift clusters to this version using the OpenShift CLI (oc) or web console as soon as the updates are available in their release channel. Detailed upgrade instructions are provided by Red Hat at https://docs.openshift.com/container-platform/4.15/updating/updating_a_cluster/updating-cluster-cli.html. Applying these updates fully mitigates the described security issues.