VDB
RHSA-2022%3A5070
RHSA-2022%3A5070
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-ptp-operator@sha256:0fb4cb66c819c3c84cfb5c003d6ec50aac4a4062631528b4e32cb05ce0f83221_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-ptp-operator@sha256:0fb4cb66c819c3c84cfb5c003d6ec50aac4a4062631528b4e32cb05ce0f83221_amd64, * |
| Red Hat | openshift4/ose-cloud-event-proxy-rhel8@sha256:3d90118071c2695aa4508a924d0a0fd48abc1fdadc48c319920b982d92fdde28_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-cloud-event-proxy-rhel8@sha256:3d90118071c2695aa4508a924d0a0fd48abc1fdadc48c319920b982d92fdde28_ppc64le, openshift4/ose-cloud-event-proxy-rhel8@sha256:3d90118071c2695aa4508a924d0a0fd48abc1fdadc48c319920b982d92fdde28_ppc64le |
| Red Hat | openshift4/ose-descheduler@sha256:838edf922fd9ef485f841077052f2d316b0292ad36aae90c2e4754f9f5d46e5b_s390x as a component of Red Hat OpenShift Container Platform 4.11 | *, openshift4/ose-descheduler@sha256:838edf922fd9ef485f841077052f2d316b0292ad36aae90c2e4754f9f5d46e5b_s390x |
| Red Hat | openshift4/ose-cluster-kube-descheduler-operator@sha256:e0f0ae36af359353f90cb34fa554e3f57116bcc39299883c3061502f12203ad1_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | *, openshift4/ose-cluster-kube-descheduler-operator@sha256:e0f0ae36af359353f90cb34fa554e3f57116bcc39299883c3061502f12203ad1_ppc64le |
| Red Hat | openshift4/ose-node-feature-discovery@sha256:7586c36639dccb3baff37d709de4f76238907a00b67c3347d9f0cdb5c50899c5_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-node-feature-discovery@sha256:7586c36639dccb3baff37d709de4f76238907a00b67c3347d9f0cdb5c50899c5_ppc64le, openshift4/ose-node-feature-discovery@sha256:7586c36639dccb3baff37d709de4f76238907a00b67c3347d9f0cdb5c50899c5_ppc64le |
| Red Hat | openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f06c4e8bdde7cf0a374e8fddf95987431160865b717f15bbd65b50f89c7d8d50_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | *, openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f06c4e8bdde7cf0a374e8fddf95987431160865b717f15bbd65b50f89c7d8d50_amd64 |
| Red Hat | openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:97bd392577a367d7cf51564ee62be49e350aae9056c4013fb1b5512022122203_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:97bd392577a367d7cf51564ee62be49e350aae9056c4013fb1b5512022122203_ppc64le, * |
| Red Hat | openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:1c574cb82ba558af5444afef664957107a32c65b38dde06f1ff9682920297ae1_s390x as a component of Red Hat OpenShift Container Platform 4.11 | *, * |
| Red Hat | openshift4/metallb-rhel8-operator@sha256:43d375f5281a9ba701173f7d3e07f386f306c04d46157ddbdd4e16c7bca5dff4_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | *, openshift4/metallb-rhel8-operator@sha256:43d375f5281a9ba701173f7d3e07f386f306c04d46157ddbdd4e16c7bca5dff4_arm64 |
| Red Hat | openshift4/ose-ansible-operator@sha256:66d9c1e00551918d80f4963e7c89a1d4ed1190c94f50357bba15cf384bc09447_s390x as a component of Red Hat OpenShift Container Platform 4.11 | *, openshift4/ose-ansible-operator@sha256:66d9c1e00551918d80f4963e7c89a1d4ed1190c94f50357bba15cf384bc09447_s390x |
| Red Hat | openshift4/ose-local-storage-diskmaker@sha256:9cd67188d12ffe1a30cfe729fbe536da1789fb48032b06e9d334423aa1658d85_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-local-storage-diskmaker@sha256:9cd67188d12ffe1a30cfe729fbe536da1789fb48032b06e9d334423aa1658d85_amd64, * |
| Red Hat | openshift4/ose-cluster-kube-descheduler-operator@sha256:78076f8ac11116eb5ab637304eae76c3baf5bbc85181bb489cd7f2eb058a0d48_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-cluster-kube-descheduler-operator@sha256:78076f8ac11116eb5ab637304eae76c3baf5bbc85181bb489cd7f2eb058a0d48_amd64, * |
| Red Hat | openshift4/ose-clusterresourceoverride-rhel8@sha256:50f04b9e3ba9f18f207377827ce76a9870914ec6f5c2c66fede948bb1bafbfb2_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-clusterresourceoverride-rhel8@sha256:50f04b9e3ba9f18f207377827ce76a9870914ec6f5c2c66fede948bb1bafbfb2_s390x, openshift4/ose-clusterresourceoverride-rhel8@sha256:50f04b9e3ba9f18f207377827ce76a9870914ec6f5c2c66fede948bb1bafbfb2_s390x |
| Red Hat | openshift4/ptp-must-gather-rhel8@sha256:be9871f5d21fdec1d20bb5ee0f5c84c7bfb83d7a9f76c8a3eec5604af2ea072f_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ptp-must-gather-rhel8@sha256:be9871f5d21fdec1d20bb5ee0f5c84c7bfb83d7a9f76c8a3eec5604af2ea072f_ppc64le, openshift4/ptp-must-gather-rhel8@sha256:be9871f5d21fdec1d20bb5ee0f5c84c7bfb83d7a9f76c8a3eec5604af2ea072f_ppc64le |
| Red Hat | openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:c36b07bb1a41ba5d63d9e74f0612d3c8f35507ded60af8981927a713cd1a75a9_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:c36b07bb1a41ba5d63d9e74f0612d3c8f35507ded60af8981927a713cd1a75a9_s390x, openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:c36b07bb1a41ba5d63d9e74f0612d3c8f35507ded60af8981927a713cd1a75a9_s390x |
| Red Hat | openshift4/ose-egress-http-proxy@sha256:6536de6383d60f5aafe497ba29b9a23133db42f48e572cd77c7d21634a48c0aa_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | *, * |
| Red Hat | openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:93e46a89eec3026b3ecba89d28cbcea305c137eb5c458fe297f0af89bf2d90c5_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:93e46a89eec3026b3ecba89d28cbcea305c137eb5c458fe297f0af89bf2d90c5_s390x, openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:93e46a89eec3026b3ecba89d28cbcea305c137eb5c458fe297f0af89bf2d90c5_s390x |
| Red Hat | openshift4/ose-sriov-cni@sha256:73ddb99a9c5b3179dc8903f4d49d5e5aba5fe274a9885c21d9506ebbdc2c80d3_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-sriov-cni@sha256:73ddb99a9c5b3179dc8903f4d49d5e5aba5fe274a9885c21d9506ebbdc2c80d3_arm64, openshift4/ose-sriov-cni@sha256:73ddb99a9c5b3179dc8903f4d49d5e5aba5fe274a9885c21d9506ebbdc2c80d3_arm64 |
| Red Hat | openshift4/ose-cluster-kube-descheduler-operator@sha256:2bab63f0be96e3b9d5677627705ec980f114041124df571904d926f4c864ff94_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | *, * |
| Red Hat | openshift-tech-preview/metallb-rhel8@sha256:08ecc186deede0fda1e705a675121579e3c4c3e1869d782263a9e3fd1633d371_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift-tech-preview/metallb-rhel8@sha256:08ecc186deede0fda1e705a675121579e3c4c3e1869d782263a9e3fd1633d371_s390x, * |
…and 310 more
Timeline
- Aug 10, 2022 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- May 14, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2022:5070 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2042536 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2042652 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2045880 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2047308 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2055049 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2055436 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2055439 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2057569 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2058256 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2062849 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2066860 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2066887 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2066889 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2067312 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2077243 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2087511 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2089962 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2090774 issue
…and 17 more