This advisory covers the release of Red Hat OpenShift Container Platform 4.17.12, which includes fixes for three security vulnerabilities: CVE-2024-21626 (runc file descriptor leak), CVE-2024-45338 (non-linear parsing of case-insensitive content in golang.org/x/net/html), and CVE-2024-50312 (information disclosure via GraphQL introspection). The update addresses these issues by providing patched container images and RPM packages. Red Hat rates the security impact as important and recommends all users of OpenShift Container Platform 4.17 to upgrade to this release. The advisory includes references to official documentation for upgrade procedures and image digests for multiple architectures. No CVSS scores are provided in the advisory; users should consult the linked CVE pages for detailed scoring.

The vulnerabilities fixed in this release could lead to resource leaks (file descriptor leak), potential parsing issues that might affect application behavior, and information disclosure through GraphQL introspection. These issues may impact confidentiality and stability of the OpenShift Container Platform environment. Red Hat classifies the security impact as important, indicating a high but not critical severity level. There are no reports of known exploits in the wild at the time of this advisory.

Red Hat has released updated container images and RPM packages as part of OpenShift Container Platform 4.17.12 to address these vulnerabilities. Users should upgrade their OpenShift clusters to this version using the OpenShift CLI (oc) or web console following the official upgrade instructions provided by Red Hat. The vendor manages remediation through these updates; no additional mitigations are specified or required beyond applying the official patches. Patch status is confirmed as available and users are strongly advised to apply the update promptly.