Red Hat Security Advisory: Red Hat build of Cryostat 3.0.0: new RHEL 8 container image security update
A moderate severity vulnerability (CVE-2024-30171) affects the Red Hat build of Cryostat 3. 0. 0 on RHEL 8 container images. The issue involves a timing variant of the Bleichenbacher attack (known as the Marvin Attack) in the BouncyCastle cryptographic library. Red Hat has released updated container images with backported patches to address this vulnerability. Users of Cryostat 2. 4. 0 on RHEL 8 container images are advised to upgrade to the new images and rebuild dependent container images to incorporate the fixes. No known exploits are reported in the wild at this time.
AI Analysis
Technical Summary
The Red Hat build of Cryostat 3.0.0 on RHEL 8 container images includes a security update that patches a vulnerability in the BouncyCastle library (org.bouncycastle-bcprov-jdk18on) identified as CVE-2024-30171. This vulnerability is a timing variant of the Bleichenbacher attack (Marvin Attack), which can potentially leak cryptographic information through timing side channels. The update contains backported patches addressing this issue. Users running Cryostat 2.4.0 on RHEL 8 container images should upgrade to the updated Cryostat 3.0.0 images and rebuild any container images that depend on them to ensure the vulnerability is mitigated.
Potential Impact
The vulnerability allows a timing side-channel attack variant of Bleichenbacher (Marvin Attack) against the BouncyCastle cryptographic library used in Cryostat container images. This could potentially allow an attacker to gain information about cryptographic operations, which may weaken the security of cryptographic protocols relying on BouncyCastle. However, no known exploits are reported in the wild, and the overall security impact is rated as moderate by Red Hat.
Mitigation Recommendations
Red Hat has released updated Cryostat 3.0.0 container images on RHEL 8 that include backported patches fixing this vulnerability. Users of Cryostat 2.4.0 on RHEL 8 container images should upgrade to these updated images promptly. Additionally, users are encouraged to rebuild all container images that depend on these Cryostat images to ensure the patches are fully applied. Refer to the Red Hat Container Catalog and the official Red Hat advisory RHSA-2024:4173 for detailed update instructions. Patch status is confirmed by the vendor advisory as available and official.
Red Hat Security Advisory: Red Hat build of Cryostat 3.0.0: new RHEL 8 container image security update
Description
A moderate severity vulnerability (CVE-2024-30171) affects the Red Hat build of Cryostat 3. 0. 0 on RHEL 8 container images. The issue involves a timing variant of the Bleichenbacher attack (known as the Marvin Attack) in the BouncyCastle cryptographic library. Red Hat has released updated container images with backported patches to address this vulnerability. Users of Cryostat 2. 4. 0 on RHEL 8 container images are advised to upgrade to the new images and rebuild dependent container images to incorporate the fixes. No known exploits are reported in the wild at this time.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Red Hat build of Cryostat 3.0.0 on RHEL 8 container images includes a security update that patches a vulnerability in the BouncyCastle library (org.bouncycastle-bcprov-jdk18on) identified as CVE-2024-30171. This vulnerability is a timing variant of the Bleichenbacher attack (Marvin Attack), which can potentially leak cryptographic information through timing side channels. The update contains backported patches addressing this issue. Users running Cryostat 2.4.0 on RHEL 8 container images should upgrade to the updated Cryostat 3.0.0 images and rebuild any container images that depend on them to ensure the vulnerability is mitigated.
Potential Impact
The vulnerability allows a timing side-channel attack variant of Bleichenbacher (Marvin Attack) against the BouncyCastle cryptographic library used in Cryostat container images. This could potentially allow an attacker to gain information about cryptographic operations, which may weaken the security of cryptographic protocols relying on BouncyCastle. However, no known exploits are reported in the wild, and the overall security impact is rated as moderate by Red Hat.
Mitigation Recommendations
Red Hat has released updated Cryostat 3.0.0 container images on RHEL 8 that include backported patches fixing this vulnerability. Users of Cryostat 2.4.0 on RHEL 8 container images should upgrade to these updated images promptly. Additionally, users are encouraged to rebuild all container images that depend on these Cryostat images to ensure the patches are fully applied. Refer to the Red Hat Container Catalog and the official Red Hat advisory RHSA-2024:4173 for detailed update instructions. Patch status is confirmed by the vendor advisory as available and official.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2024:4173
- Cve Count
- 1
- Additional Cves
- []
- Cvss Version
- null
Threat ID: 6a1df669e29bf47b5046246a
Added to database: 6/1/2026, 9:15:21 PM
Last enriched: 6/1/2026, 9:24:38 PM
Last updated: 6/2/2026, 5:03:31 AM
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.