VDB

RHSA-2022%3A5923

RHSA-2022%3A5923 PUBLISHED CVSS 7.5 HIGH

A flaw was found in golang. Calling the Reader, Read method on an archive that contains a large number of concatenated 0-length compressed files can cause a panic issue due to stack exhaustion.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatstf/service-telemetry-operator-bundle@sha256:3b706752e59dbae16e7424afb0ee50a5964e2819a9a59d63c1ce24ce2916cefa_amd64 as a component of Service Telemetry Framework 1.3 for RHEL 8*, *, stf/service-telemetry-operator-bundle@sha256:3b706752e59dbae16e7424afb0ee50a5964e2819a9a59d63c1ce24ce2916cefa_amd64
Red Hatstf/service-telemetry-rhel8-operator@sha256:ea215ee4babe69cc2ba93fcf1dc08d2eb28235085e0c2971fd5925e02e1be2ab_amd64 as a component of Service Telemetry Framework 1.3 for RHEL 8stf/service-telemetry-rhel8-operator@sha256:ea215ee4babe69cc2ba93fcf1dc08d2eb28235085e0c2971fd5925e02e1be2ab_amd64, stf/service-telemetry-rhel8-operator@sha256:ea215ee4babe69cc2ba93fcf1dc08d2eb28235085e0c2971fd5925e02e1be2ab_amd64, stf/service-telemetry-rhel8-operator@sha256:ea215ee4babe69cc2ba93fcf1dc08d2eb28235085e0c2971fd5925e02e1be2ab_amd64
golangGo
Red Hatstf/sg-core-rhel8@sha256:bdd4cd7a04030d1663942b2a17af821bed0ffe9821bface25b2bbeaca9b55e53_amd64 as a component of Service Telemetry Framework 1.3 for RHEL 8*, *, stf/sg-core-rhel8@sha256:bdd4cd7a04030d1663942b2a17af821bed0ffe9821bface25b2bbeaca9b55e53_amd64
golanggolang
Red Hatstf/smart-gateway-operator-bundle@sha256:692ce55706263a37bed081fbdbf3014214c88c566f28cc6bf2aff36ed1b4e15d_amd64 as a component of Service Telemetry Framework 1.3 for RHEL 8*, stf/smart-gateway-operator-bundle@sha256:692ce55706263a37bed081fbdbf3014214c88c566f28cc6bf2aff36ed1b4e15d_amd64, *
Red Hatstf/prometheus-webhook-snmp@sha256:9ff69fe8a9920c2ec729ad560ce8f2c18c7f6987f19966b906cee553c58d5332_amd64 as a component of Service Telemetry Framework 1.3 for RHEL 8*, stf/prometheus-webhook-snmp@sha256:9ff69fe8a9920c2ec729ad560ce8f2c18c7f6987f19966b906cee553c58d5332_amd64, *
Red Hatstf/service-telemetry-rhel8-operator@sha256:ea215ee4babe69cc2ba93fcf1dc08d2eb28235085e0c2971fd5925e02e1be2ab_amd64 as a component of Service Telemetry Framework 1.3 for RHEL 8stf/service-telemetry-rhel8-operator@sha256:ea215ee4babe69cc2ba93fcf1dc08d2eb28235085e0c2971fd5925e02e1be2ab_amd64, *, stf/service-telemetry-rhel8-operator@sha256:ea215ee4babe69cc2ba93fcf1dc08d2eb28235085e0c2971fd5925e02e1be2ab_amd64
Red Hatstf/smart-gateway-rhel8-operator@sha256:e9035549419b2ce67fcfcd04f5dbd5d69baa4079b259e8431ba0a8c88dd34a02_amd64 as a component of Service Telemetry Framework 1.3 for RHEL 8stf/smart-gateway-rhel8-operator@sha256:e9035549419b2ce67fcfcd04f5dbd5d69baa4079b259e8431ba0a8c88dd34a02_amd64, stf/smart-gateway-rhel8-operator@sha256:e9035549419b2ce67fcfcd04f5dbd5d69baa4079b259e8431ba0a8c88dd34a02_amd64, stf/smart-gateway-rhel8-operator@sha256:e9035549419b2ce67fcfcd04f5dbd5d69baa4079b259e8431ba0a8c88dd34a02_amd64
Red Hatstf/prometheus-webhook-snmp@sha256:9ff69fe8a9920c2ec729ad560ce8f2c18c7f6987f19966b906cee553c58d5332_amd64 as a component of Service Telemetry Framework 1.3 for RHEL 8*, stf/prometheus-webhook-snmp@sha256:9ff69fe8a9920c2ec729ad560ce8f2c18c7f6987f19966b906cee553c58d5332_amd64, *
Red Hatstf/service-telemetry-operator-bundle@sha256:3b706752e59dbae16e7424afb0ee50a5964e2819a9a59d63c1ce24ce2916cefa_amd64 as a component of Service Telemetry Framework 1.3 for RHEL 8stf/service-telemetry-operator-bundle@sha256:3b706752e59dbae16e7424afb0ee50a5964e2819a9a59d63c1ce24ce2916cefa_amd64, stf/service-telemetry-operator-bundle@sha256:3b706752e59dbae16e7424afb0ee50a5964e2819a9a59d63c1ce24ce2916cefa_amd64, stf/service-telemetry-operator-bundle@sha256:3b706752e59dbae16e7424afb0ee50a5964e2819a9a59d63c1ce24ce2916cefa_amd64
Red Hatstf/sg-bridge-rhel8@sha256:7b458c31fd82033bb3fe70646bb1e6b6ae8f81b7531b66ceea494c0d72b79986_amd64 as a component of Service Telemetry Framework 1.3 for RHEL 8*, stf/sg-bridge-rhel8@sha256:7b458c31fd82033bb3fe70646bb1e6b6ae8f81b7531b66ceea494c0d72b79986_amd64, *
Red Hatstf/smart-gateway-operator-bundle@sha256:692ce55706263a37bed081fbdbf3014214c88c566f28cc6bf2aff36ed1b4e15d_amd64 as a component of Service Telemetry Framework 1.3 for RHEL 8stf/smart-gateway-operator-bundle@sha256:692ce55706263a37bed081fbdbf3014214c88c566f28cc6bf2aff36ed1b4e15d_amd64, *, stf/smart-gateway-operator-bundle@sha256:692ce55706263a37bed081fbdbf3014214c88c566f28cc6bf2aff36ed1b4e15d_amd64
Red Hatstf/sg-core-rhel8@sha256:bdd4cd7a04030d1663942b2a17af821bed0ffe9821bface25b2bbeaca9b55e53_amd64 as a component of Service Telemetry Framework 1.3 for RHEL 8stf/sg-core-rhel8@sha256:bdd4cd7a04030d1663942b2a17af821bed0ffe9821bface25b2bbeaca9b55e53_amd64, stf/sg-core-rhel8@sha256:bdd4cd7a04030d1663942b2a17af821bed0ffe9821bface25b2bbeaca9b55e53_amd64, stf/sg-core-rhel8@sha256:bdd4cd7a04030d1663942b2a17af821bed0ffe9821bface25b2bbeaca9b55e53_amd64
Red Hatstf/smart-gateway-rhel8-operator@sha256:e9035549419b2ce67fcfcd04f5dbd5d69baa4079b259e8431ba0a8c88dd34a02_amd64 as a component of Service Telemetry Framework 1.3 for RHEL 8*, stf/smart-gateway-rhel8-operator@sha256:e9035549419b2ce67fcfcd04f5dbd5d69baa4079b259e8431ba0a8c88dd34a02_amd64, stf/smart-gateway-rhel8-operator@sha256:e9035549419b2ce67fcfcd04f5dbd5d69baa4079b259e8431ba0a8c88dd34a02_amd64
Red Hatstf/sg-bridge-rhel8@sha256:7b458c31fd82033bb3fe70646bb1e6b6ae8f81b7531b66ceea494c0d72b79986_amd64 as a component of Service Telemetry Framework 1.3 for RHEL 8*, *, stf/sg-bridge-rhel8@sha256:7b458c31fd82033bb3fe70646bb1e6b6ae8f81b7531b66ceea494c0d72b79986_amd64

Timeline

  • Aug 8, 2022 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Jun 19, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›