VDB

RHSA-2021%3A3262

RHSA-2021%3A3262 PUBLISHED CVSS 8.600000381469727 HIGH

A flaw was found in github.com/gogo/protobuf before 1.3.2 that allows an out-of-bounds access when unmarshalling certain protobuf objects. This flaw allows a remote attacker to send crafted protobuf messages, causing panic and resulting in a denial of service. The highest threat from this vulnerability is to availability.

Risk Scores

CVSS 3.1
8.600000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-tests@sha256:564dbad6b24d5df9a2276b52f71a75f70bb63dc41c2cfd101a2a6df277c016fd_ppc64le as a component of Red Hat OpenShift Container Platform 4.7*
Red Hatopenshift4/ose-csi-driver-manila-rhel8@sha256:8b4fd7a3c2bdef7b1b00c866f9a285c7eab40d15d8e0d66e808f023a0e08724b_amd64 as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-csi-driver-manila-rhel8@sha256:8b4fd7a3c2bdef7b1b00c866f9a285c7eab40d15d8e0d66e808f023a0e08724b_amd64
Red Hatopenshift4/ose-csi-node-driver-registrar@sha256:3ce7f3f2c0de189af6a63ce0ae85863fad938a4df248336401b69c545ffc5b88_s390x as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-csi-node-driver-registrar@sha256:3ce7f3f2c0de189af6a63ce0ae85863fad938a4df248336401b69c545ffc5b88_s390x
Red Hatopenshift4/ose-cluster-openshift-controller-manager-operator@sha256:4bd39aa86cadf0ba360fb605d2c08ebf074b1653d2491f928750edf0597a7f57_ppc64le as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-cluster-openshift-controller-manager-operator@sha256:4bd39aa86cadf0ba360fb605d2c08ebf074b1653d2491f928750edf0597a7f57_ppc64le
Red Hatopenshift4/ose-vsphere-problem-detector-rhel8@sha256:dab476b3a326e72f2630dc9d925216656b893649dd5183100edaea76b57bd871_ppc64le as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-vsphere-problem-detector-rhel8@sha256:dab476b3a326e72f2630dc9d925216656b893649dd5183100edaea76b57bd871_ppc64le
Red Hatopenshift4/ose-aws-ebs-csi-driver-rhel8@sha256:5b96b3b555d150c6e0297c4fde52fbadf1e17422706aee3924ab30758803f11b_s390x as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-aws-ebs-csi-driver-rhel8@sha256:5b96b3b555d150c6e0297c4fde52fbadf1e17422706aee3924ab30758803f11b_s390x
Red Hatopenshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:eadfe7df9c1cbc3b97094892a9f08af10ec973afa2b4b2c7c6c34d5ce40f0702_amd64 as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:eadfe7df9c1cbc3b97094892a9f08af10ec973afa2b4b2c7c6c34d5ce40f0702_amd64
Red Hatopenshift4/ose-multus-cni@sha256:a03d82578f15881c51b4a064773c1edff231bbef60838b734fdfbf1b435f6e6d_s390x as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-multus-cni@sha256:a03d82578f15881c51b4a064773c1edff231bbef60838b734fdfbf1b435f6e6d_s390x
Red Hatopenshift4/ose-cluster-storage-operator@sha256:b26740b50a9be1ecae95e40190f3d7bff6441419217cd8f9dd1cff8c4ca3c330_s390x as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-cluster-storage-operator@sha256:b26740b50a9be1ecae95e40190f3d7bff6441419217cd8f9dd1cff8c4ca3c330_s390x
Red Hatopenshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:e9c650b4bf781d7c798cfcbfd7d769e632cd2fb1fff5b7a5573efcf462e6abab_ppc64le as a component of Red Hat OpenShift Container Platform 4.7*
Red Hatopenshift4/ose-libvirt-machine-controllers@sha256:63c97b10a3faa3f67430c89310730b40b7c40b0fd6f819dd3cce89d807df8727_s390x as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-libvirt-machine-controllers@sha256:63c97b10a3faa3f67430c89310730b40b7c40b0fd6f819dd3cce89d807df8727_s390x
Red Hatopenshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:d8cab074310670fd6e5e62009a3770bf4d925057a1a1af16d8ce5f12758354ac_ppc64le as a component of Red Hat OpenShift Container Platform 4.7*
Red Hatopenshift4/ose-docker-registry@sha256:237dc315c444f22e12e5c297c0b038c63d8d2f41c91a03e1220219b41514f411_s390x as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-docker-registry@sha256:237dc315c444f22e12e5c297c0b038c63d8d2f41c91a03e1220219b41514f411_s390x
Red Hatopenshift4/ose-hyperkube@sha256:d5620d5c717ae53b55f5305d414457f77660cefd95cf8fc4a1eb55aef8274fa2_s390x as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-hyperkube@sha256:d5620d5c717ae53b55f5305d414457f77660cefd95cf8fc4a1eb55aef8274fa2_s390x
Red Hatopenshift4/ose-cluster-dns-operator@sha256:44eb838f819a263c31d48b8ec541d44be6a38127bc19b8104964ef6168646ada_ppc64le as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-cluster-dns-operator@sha256:44eb838f819a263c31d48b8ec541d44be6a38127bc19b8104964ef6168646ada_ppc64le
Red Hatopenshift4/ose-libvirt-machine-controllers@sha256:9f10cacd013a66d5264ec3b717fbc4a7a9d6205e8fe9047dc46a9215cd8b6e89_amd64 as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-libvirt-machine-controllers@sha256:9f10cacd013a66d5264ec3b717fbc4a7a9d6205e8fe9047dc46a9215cd8b6e89_amd64
Red Hatopenshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:aea7f86e319a7704b60f41c8787197866fae995f9faeaf41e6de0fee5534cb9d_ppc64le as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:aea7f86e319a7704b60f41c8787197866fae995f9faeaf41e6de0fee5534cb9d_ppc64le
Red Hatopenshift4/ose-installer-artifacts@sha256:67022eba0c11bceee37c38e257996f332797fbd52740b39629ac96d7abeaa9c9_ppc64le as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-installer-artifacts@sha256:67022eba0c11bceee37c38e257996f332797fbd52740b39629ac96d7abeaa9c9_ppc64le
Red Hatopenshift4/ose-kube-state-metrics@sha256:d9226b3b1bdacfec068074ee5ca49dc31d79fe73cb9085a6a77e52786cd1f5e0_s390x as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-kube-state-metrics@sha256:d9226b3b1bdacfec068074ee5ca49dc31d79fe73cb9085a6a77e52786cd1f5e0_s390x
Red Hatopenshift4/ose-configmap-reloader@sha256:bc7e8895e4e6ad7948a8a0a219c1924d7dacefb1f4334b9dea6decde4f0f4574_amd64 as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-configmap-reloader@sha256:bc7e8895e4e6ad7948a8a0a219c1924d7dacefb1f4334b9dea6decde4f0f4574_amd64

…and 372 more

Timeline

  • Sep 1, 2021 CVE Published
  • Mar 26, 2026 CVE Updated
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›