Red Hat Security Advisory: Red Hat build of MicroShift 4.16.0 security update
Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the edge capabilities of Red Hat OpenShift Container Platform. MicroShift is an application that is deployed on top of Red Hat Enterprise Linux devices at the edge, providing an efficient way to operate single-node clusters in these low-resource environments. This advisory contains the RPM packages for Red Hat build of MicroShift 4.16.0. Read the following advisory for the container images for this release: https://access.redhat.com/errata/RHSA-2024:0041 All Red Hat build of MicroShift 4.16 users are advised to use these updated packages and images when they are available in the RPM repository. Security Fix(es): * golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786) * kubernetes: kube-apiserver: bypassing mountable secrets policy imposed by the ServiceAccount admission plugin (CVE-2024-3177) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat Security Advisory: Red Hat build of MicroShift 4.16.0 security update
Description
Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the edge capabilities of Red Hat OpenShift Container Platform. MicroShift is an application that is deployed on top of Red Hat Enterprise Linux devices at the edge, providing an efficient way to operate single-node clusters in these low-resource environments. This advisory contains the RPM packages for Red Hat build of MicroShift 4.16.0. Read the following advisory for the container images for this release: https://access.redhat.com/errata/RHSA-2024:0041 All Red Hat build of MicroShift 4.16 users are advised to use these updated packages and images when they are available in the RPM repository. Security Fix(es): * golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786) * kubernetes: kube-apiserver: bypassing mountable secrets policy imposed by the ServiceAccount admission plugin (CVE-2024-3177) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2024:0043
- Cve Count
- 2
- Additional Cves
- ["CVE-2024-24786"]
- Cvss Version
- null
Threat ID: 6a160957e29bf47b5061e483
Added to database: 5/26/2026, 8:57:59 PM
Last updated: 5/26/2026, 9:02:28 PM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.