VDB
RHSA-2022%3A5908
RHSA-2022%3A5908
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift-logging/elasticsearch6-rhel8@sha256:8abca8585eff035f45616a265500f2ce06ef4e442f13875b3c21211652bf7f7f_ppc64le as a component of OpenShift Logging 5.3 | openshift-logging/elasticsearch6-rhel8@sha256:8abca8585eff035f45616a265500f2ce06ef4e442f13875b3c21211652bf7f7f_ppc64le |
| Red Hat | openshift-logging/elasticsearch-proxy-rhel8@sha256:81436241c1042cff2523bfcc73d050700efa107b3fb41c0475ae18b4a3b7b43c_amd64 as a component of OpenShift Logging 5.3 | openshift-logging/elasticsearch-proxy-rhel8@sha256:81436241c1042cff2523bfcc73d050700efa107b3fb41c0475ae18b4a3b7b43c_amd64 |
| Red Hat | openshift-logging/kibana6-rhel8@sha256:b7562f5d22d8860bca1fd0d4dd7610e84153f111aeced03b7c6646495f3ee5a5_amd64 as a component of OpenShift Logging 5.3 | openshift-logging/kibana6-rhel8@sha256:b7562f5d22d8860bca1fd0d4dd7610e84153f111aeced03b7c6646495f3ee5a5_amd64 |
| Red Hat | openshift-logging/cluster-logging-rhel8-operator@sha256:2e702a519f72ff4b69d77c6226c23645f7499cf5c3fa25e44804bbb67e9b0e3f_ppc64le as a component of OpenShift Logging 5.3 | openshift-logging/cluster-logging-rhel8-operator@sha256:2e702a519f72ff4b69d77c6226c23645f7499cf5c3fa25e44804bbb67e9b0e3f_ppc64le |
| Red Hat | openshift-logging/elasticsearch-rhel8-operator@sha256:0d0bd7b54472b47a65480f5b5832b773c5c79161eedbc15cbf80a8615f7d7e47_amd64 as a component of OpenShift Logging 5.3 | openshift-logging/elasticsearch-rhel8-operator@sha256:0d0bd7b54472b47a65480f5b5832b773c5c79161eedbc15cbf80a8615f7d7e47_amd64 |
| Red Hat | openshift-logging/elasticsearch-rhel8-operator@sha256:150f56a69ff535982d1af00896a1b0f951cbb75666f9d139811a79b29e86b04b_s390x as a component of OpenShift Logging 5.3 | openshift-logging/elasticsearch-rhel8-operator@sha256:150f56a69ff535982d1af00896a1b0f951cbb75666f9d139811a79b29e86b04b_s390x |
| Red Hat | openshift-logging/elasticsearch6-rhel8@sha256:849379f0269df32524a3faeb5c3d57bf75494159d34395b50eb9452611310054_amd64 as a component of OpenShift Logging 5.3 | openshift-logging/elasticsearch6-rhel8@sha256:849379f0269df32524a3faeb5c3d57bf75494159d34395b50eb9452611310054_amd64 |
| Red Hat | openshift-logging/logging-curator5-rhel8@sha256:8968f9ce2e74fdc5d8256c5a5c3f34ae6db8f6f86de0149fd66168168df54015_s390x as a component of OpenShift Logging 5.3 | * |
| Red Hat | openshift-logging/elasticsearch-proxy-rhel8@sha256:5830aaf028a6a94ade5bb40840180911dd80ef0dc4eb93080cf8bde3476cd585_s390x as a component of OpenShift Logging 5.3 | openshift-logging/elasticsearch-proxy-rhel8@sha256:5830aaf028a6a94ade5bb40840180911dd80ef0dc4eb93080cf8bde3476cd585_s390x |
| Red Hat | openshift-logging/logging-curator5-rhel8@sha256:8968f9ce2e74fdc5d8256c5a5c3f34ae6db8f6f86de0149fd66168168df54015_s390x as a component of OpenShift Logging 5.3 | * |
| Red Hat | openshift-logging/logging-curator5-rhel8@sha256:363822fd64a18478e51fd30c6851172c4554cff467059e61d643e8d048fe4cec_amd64 as a component of OpenShift Logging 5.3 | openshift-logging/logging-curator5-rhel8@sha256:363822fd64a18478e51fd30c6851172c4554cff467059e61d643e8d048fe4cec_amd64 |
| Red Hat | openshift-logging/kibana6-rhel8@sha256:ece1828d3b83d7d080c14061017a0954454d6eaa1b64cbbe9eeed51d3fbaaa59_ppc64le as a component of OpenShift Logging 5.3 | openshift-logging/kibana6-rhel8@sha256:ece1828d3b83d7d080c14061017a0954454d6eaa1b64cbbe9eeed51d3fbaaa59_ppc64le |
| Red Hat | openshift-logging/elasticsearch-rhel8-operator@sha256:a834960d45d27966bb4f866b87014c02b80c463cf0298fecb2d943b51200d2dd_ppc64le as a component of OpenShift Logging 5.3 | openshift-logging/elasticsearch-rhel8-operator@sha256:a834960d45d27966bb4f866b87014c02b80c463cf0298fecb2d943b51200d2dd_ppc64le |
| Red Hat | openshift-logging/elasticsearch-rhel8-operator@sha256:a834960d45d27966bb4f866b87014c02b80c463cf0298fecb2d943b51200d2dd_ppc64le as a component of OpenShift Logging 5.3 | * |
| Red Hat | openshift-logging/log-file-metric-exporter-rhel8@sha256:6690639a20a9b1f65561bbbd8bd3655ff1bbeeeec4f6382b7ba4b44a07cc77c8_ppc64le as a component of OpenShift Logging 5.3 | openshift-logging/log-file-metric-exporter-rhel8@sha256:6690639a20a9b1f65561bbbd8bd3655ff1bbeeeec4f6382b7ba4b44a07cc77c8_ppc64le |
| Red Hat | openshift-logging/elasticsearch6-rhel8@sha256:849379f0269df32524a3faeb5c3d57bf75494159d34395b50eb9452611310054_amd64 as a component of OpenShift Logging 5.3 | openshift-logging/elasticsearch6-rhel8@sha256:849379f0269df32524a3faeb5c3d57bf75494159d34395b50eb9452611310054_amd64 |
| Red Hat | openshift-logging/log-file-metric-exporter-rhel8@sha256:639c977e126b76ce05dd0a80bd9f771b5830674cc435969c6c2850d1b353b64d_amd64 as a component of OpenShift Logging 5.3 | openshift-logging/log-file-metric-exporter-rhel8@sha256:639c977e126b76ce05dd0a80bd9f771b5830674cc435969c6c2850d1b353b64d_amd64 |
| Red Hat | openshift-logging/cluster-logging-rhel8-operator@sha256:2310451aa8b11142f632b6327050f166b65f37c6072019ceb5da9448ab79386a_amd64 as a component of OpenShift Logging 5.3 | openshift-logging/cluster-logging-rhel8-operator@sha256:2310451aa8b11142f632b6327050f166b65f37c6072019ceb5da9448ab79386a_amd64 |
| Red Hat | openshift-logging/kibana6-rhel8@sha256:ece1828d3b83d7d080c14061017a0954454d6eaa1b64cbbe9eeed51d3fbaaa59_ppc64le as a component of OpenShift Logging 5.3 | openshift-logging/kibana6-rhel8@sha256:ece1828d3b83d7d080c14061017a0954454d6eaa1b64cbbe9eeed51d3fbaaa59_ppc64le |
| Red Hat | openshift-logging/fluentd-rhel8@sha256:38cd5c2bac627b8350740f44eb9f3b49edcb178d1bc067d656bbe1edb12439ce_ppc64le as a component of OpenShift Logging 5.3 | * |
…and 32 more
Timeline
- Aug 4, 2022 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 30, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2022:5908 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2100495 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5908.json advisory
- https://access.redhat.com/security/cve/CVE-2021-38561 advisory
- https://www.cve.org/CVERecord?id=CVE-2021-38561 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-38561 advisory
- https://pkg.go.dev/vuln/GO-2021-0113 advisory