VDB
RHSA-2022%3A5556
RHSA-2022%3A5556
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift-logging/elasticsearch6-rhel8@sha256:1ea894d436235c11a1a69a262887e51a700f771e9b254535959b6b989addf83b_s390x as a component of RHOL 5.4 for RHEL 8 | openshift-logging/elasticsearch6-rhel8@sha256:1ea894d436235c11a1a69a262887e51a700f771e9b254535959b6b989addf83b_s390x |
| Red Hat | openshift-logging/logging-loki-rhel8@sha256:e06bc505ef8ac8dd5c7124a0bc20bedb17a599f597d7f0b45a52b7ca6f33c8c0_s390x as a component of RHOL 5.4 for RHEL 8 | * |
| Red Hat | openshift-logging/log-file-metric-exporter-rhel8@sha256:e3c7566f8c56fb3e1783e042f7ca3d6b439e9e371eb2b17b067d24ecfff021c9_ppc64le as a component of RHOL 5.4 for RHEL 8 | * |
| Red Hat | openshift-logging/kibana6-rhel8@sha256:cb22f5072c613aa30c81904b2e4e6792852c8a77c19bc7c2b3502c2ccc443362_arm64 as a component of RHOL 5.4 for RHEL 8 | openshift-logging/kibana6-rhel8@sha256:cb22f5072c613aa30c81904b2e4e6792852c8a77c19bc7c2b3502c2ccc443362_arm64 |
| Red Hat | openshift-logging/elasticsearch6-rhel8@sha256:c1b2b31af6e69d35c408f29f1439f5dad45a42fcad826053b3f535e6ee9f1c79_ppc64le as a component of RHOL 5.4 for RHEL 8 | openshift-logging/elasticsearch6-rhel8@sha256:c1b2b31af6e69d35c408f29f1439f5dad45a42fcad826053b3f535e6ee9f1c79_ppc64le |
| Red Hat | openshift-logging/lokistack-gateway-rhel8@sha256:f52665af05e06fceb6791827c8ca29e0ed4e0c3c75e681bc9078dc7759a93c78_arm64 as a component of RHOL 5.4 for RHEL 8 | * |
| Red Hat | openshift-logging/elasticsearch-rhel8-operator@sha256:fe59fbf37855a870f6955bbc8e190965670f8df413b70cfacaf8c8493585a809_ppc64le as a component of RHOL 5.4 for RHEL 8 | * |
| Red Hat | openshift-logging/opa-openshift-rhel8@sha256:7f6f1afd476391041fa58b71b81a06a0f8e743147f46b9a51f66fab929041120_ppc64le as a component of RHOL 5.4 for RHEL 8 | * |
| Red Hat | openshift-logging/kibana6-rhel8@sha256:bc5ab07c9bb0d53912faaafa6148fff2b7bbc96170cb172c55b3f2aeb4081111_s390x as a component of RHOL 5.4 for RHEL 8 | openshift-logging/kibana6-rhel8@sha256:bc5ab07c9bb0d53912faaafa6148fff2b7bbc96170cb172c55b3f2aeb4081111_s390x |
| Red Hat | openshift-logging/lokistack-gateway-rhel8@sha256:52359b23276b47ab99c2cc8358eab379375ce4971040666643de46a3acaec2c3_s390x as a component of RHOL 5.4 for RHEL 8 | openshift-logging/lokistack-gateway-rhel8@sha256:52359b23276b47ab99c2cc8358eab379375ce4971040666643de46a3acaec2c3_s390x |
| Red Hat | openshift-logging/elasticsearch-proxy-rhel8@sha256:6df37d6a597336647c514852cd280afcdba2e960901cf05c824542f58813d31a_amd64 as a component of RHOL 5.4 for RHEL 8 | openshift-logging/elasticsearch-proxy-rhel8@sha256:6df37d6a597336647c514852cd280afcdba2e960901cf05c824542f58813d31a_amd64 |
| Red Hat | openshift-logging/elasticsearch-rhel8-operator@sha256:e081a8d8ece5fe59a8e61459887accb9d5050d5eaf775edf6bbb117cadb89c0e_s390x as a component of RHOL 5.4 for RHEL 8 | openshift-logging/elasticsearch-rhel8-operator@sha256:e081a8d8ece5fe59a8e61459887accb9d5050d5eaf775edf6bbb117cadb89c0e_s390x |
| Red Hat | openshift-logging/elasticsearch-proxy-rhel8@sha256:7cd850ee191f53f024c093a9b71d8f61a7de6ff1b5d0dcaf45ef1e08212c6dd3_s390x as a component of RHOL 5.4 for RHEL 8 | openshift-logging/elasticsearch-proxy-rhel8@sha256:7cd850ee191f53f024c093a9b71d8f61a7de6ff1b5d0dcaf45ef1e08212c6dd3_s390x |
| Red Hat | openshift-logging/vector-rhel8@sha256:7812804efdab9e6623a8115903679bb589f27cf744a33c401ea93cc1a45c54f6_amd64 as a component of RHOL 5.4 for RHEL 8 | * |
| Red Hat | openshift-logging/kibana6-rhel8@sha256:e36c8044fd3032095ca5fb02c912bc0f5533f0795ef6201dc7767e9821145e09_ppc64le as a component of RHOL 5.4 for RHEL 8 | openshift-logging/kibana6-rhel8@sha256:e36c8044fd3032095ca5fb02c912bc0f5533f0795ef6201dc7767e9821145e09_ppc64le |
| Red Hat | openshift-logging/elasticsearch6-rhel8@sha256:823787b313a31c0bb4dfa594bdd947f0be3386a17417e0507e4498c1768a323a_amd64 as a component of RHOL 5.4 for RHEL 8 | openshift-logging/elasticsearch6-rhel8@sha256:823787b313a31c0bb4dfa594bdd947f0be3386a17417e0507e4498c1768a323a_amd64 |
| Red Hat | openshift-logging/elasticsearch-rhel8-operator@sha256:56d31fb7f9b94018267696df2a2efa497997c743361ab921c107bfcbad7047a0_arm64 as a component of RHOL 5.4 for RHEL 8 | openshift-logging/elasticsearch-rhel8-operator@sha256:56d31fb7f9b94018267696df2a2efa497997c743361ab921c107bfcbad7047a0_arm64 |
| Red Hat | openshift-logging/loki-operator-bundle@sha256:e45fbdfaaac95255ccebb961aba990ba912d4cc7136bb1f9dae05accd3d22b53_amd64 as a component of RHOL 5.4 for RHEL 8 | openshift-logging/loki-operator-bundle@sha256:e45fbdfaaac95255ccebb961aba990ba912d4cc7136bb1f9dae05accd3d22b53_amd64 |
| Red Hat | openshift-logging/elasticsearch-operator-bundle@sha256:6595640c4fb1a554dd9460eec37da84c4a87f876c05c3a158f5c33560ccc7730_amd64 as a component of RHOL 5.4 for RHEL 8 | openshift-logging/elasticsearch-operator-bundle@sha256:6595640c4fb1a554dd9460eec37da84c4a87f876c05c3a158f5c33560ccc7730_amd64 |
| Red Hat | openshift-logging/fluentd-rhel8@sha256:86abe9a1ff8a869efd8c25bf60b524c235b2829e4e016a5b170882d001236896_amd64 as a component of RHOL 5.4 for RHEL 8 | openshift-logging/fluentd-rhel8@sha256:86abe9a1ff8a869efd8c25bf60b524c235b2829e4e016a5b170882d001236896_amd64 |
…and 98 more
Timeline
- Jul 18, 2022 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 30, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2022:5556 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2100495 issue
- https://issues.redhat.com/browse/LOG-2536 advisory
- https://issues.redhat.com/browse/LOG-2640 advisory
- https://issues.redhat.com/browse/LOG-2757 advisory
- https://issues.redhat.com/browse/LOG-2762 advisory
- https://issues.redhat.com/browse/LOG-2780 advisory
- https://issues.redhat.com/browse/LOG-2781 advisory
- https://issues.redhat.com/browse/LOG-2786 advisory
- https://issues.redhat.com/browse/LOG-2791 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5556.json advisory
- https://access.redhat.com/security/cve/CVE-2021-38561 advisory
- https://www.cve.org/CVERecord?id=CVE-2021-38561 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-38561 advisory
- https://pkg.go.dev/vuln/GO-2021-0113 advisory