VDB

RHSA-2022%3A6318

RHSA-2022%3A6318 PUBLISHED CVSS 7.5 HIGH

A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-ansible-operator@sha256:aab2a25350d1d1489a09a77bc15555214e8e3a85fd4763d1858e482fcfccf07c_s390x as a component of Red Hat OpenShift Container Platform 4.9*
Red Hatopenshift4/ose-operator-sdk-rhel8@sha256:4ba28b55eb4cad28d8521f334d2ebc22dd4a903098911a40aa156fde6f1b2e3b_ppc64le as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-operator-sdk-rhel8@sha256:4ba28b55eb4cad28d8521f334d2ebc22dd4a903098911a40aa156fde6f1b2e3b_ppc64le
Red Hatopenshift4/kubernetes-nmstate-rhel8-operator@sha256:dcb7e3bb04ad6a367402dd6b459322df74a8c3e9b296823603b0588e50c86672_ppc64le as a component of Red Hat OpenShift Container Platform 4.9*
Red Hatopenshift4/ose-node-problem-detector-rhel8@sha256:29e51cc9d88efbf545852fddd49ce1f06beaafdfc81c6f702a4cf28c5304f107_ppc64le as a component of Red Hat OpenShift Container Platform 4.9*
Red Hatopenshift4/ose-sriov-network-device-plugin@sha256:fe91022ed0551c0120f569edb65624d6fd83ec6eb9483a2747b463a4e4a7e2a9_ppc64le as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-sriov-network-device-plugin@sha256:fe91022ed0551c0120f569edb65624d6fd83ec6eb9483a2747b463a4e4a7e2a9_ppc64le
Red Hatopenshift4/ose-sriov-network-device-plugin@sha256:5d8bbd5c3178d9db9fca251c69c1f3e4fa8c5bbea872e0da743bbb8ba29a906e_amd64 as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-sriov-network-device-plugin@sha256:5d8bbd5c3178d9db9fca251c69c1f3e4fa8c5bbea872e0da743bbb8ba29a906e_amd64
Red Hatopenshift4/ose-sriov-network-webhook@sha256:2b4371a8fb6860505fb126dd79148b33caa62d6b8d3a2ba24dd8c0f5574e3cd4_s390x as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-sriov-network-webhook@sha256:2b4371a8fb6860505fb126dd79148b33caa62d6b8d3a2ba24dd8c0f5574e3cd4_s390x
Red Hatopenshift4/ose-operator-sdk-rhel8@sha256:52b27027f00d90b386ca4c79a03b9605f1abfa8bfba99f7034ee2e252cf28ee6_amd64 as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-operator-sdk-rhel8@sha256:52b27027f00d90b386ca4c79a03b9605f1abfa8bfba99f7034ee2e252cf28ee6_amd64
Red Hatopenshift4/ose-operator-sdk-rhel8@sha256:b5e03578b14adf42f044db7c8b7eb67d0920a2c4d908da7976fc8d14a9e329a6_arm64 as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-operator-sdk-rhel8@sha256:b5e03578b14adf42f044db7c8b7eb67d0920a2c4d908da7976fc8d14a9e329a6_arm64
Red Hatopenshift4/ose-ptp@sha256:e325a7a2d9e3e752137b7361376effb022cd4a7e744388405a8f498d839531e1_amd64 as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-ptp@sha256:e325a7a2d9e3e752137b7361376effb022cd4a7e744388405a8f498d839531e1_amd64
Red Hatopenshift4/ose-clusterresourceoverride-rhel8@sha256:986f98937827100be9e6e47a9912d444843c59bab86064e18d0e64b0a431e764_arm64 as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-clusterresourceoverride-rhel8@sha256:986f98937827100be9e6e47a9912d444843c59bab86064e18d0e64b0a431e764_arm64
Red Hatopenshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:a951404b33a17dca554c0ff060ea1a3ec1446f9389a22c9305e3ce61e4540bee_amd64 as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:a951404b33a17dca554c0ff060ea1a3ec1446f9389a22c9305e3ce61e4540bee_amd64
Red Hatopenshift4/ose-aws-efs-csi-driver-rhel8-operator@sha256:6e6fbfa43e2892a7a9dc90984e9c8b0c364f5a0c46c8bc2e8fb8ef84763b10c5_amd64 as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-aws-efs-csi-driver-rhel8-operator@sha256:6e6fbfa43e2892a7a9dc90984e9c8b0c364f5a0c46c8bc2e8fb8ef84763b10c5_amd64
Red Hatopenshift4/ose-clusterresourceoverride-rhel8@sha256:d72650ebed3b7132feb37cb9114b77f36df71e37249e6cd67198e53bfc26dd27_amd64 as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-clusterresourceoverride-rhel8@sha256:d72650ebed3b7132feb37cb9114b77f36df71e37249e6cd67198e53bfc26dd27_amd64
Red Hatopenshift4/ose-cluster-capacity@sha256:b0c9af67116a57fe50ffaa87c9daf80cfa90191a0cf98014da8e1ff93c366274_arm64 as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-cluster-capacity@sha256:b0c9af67116a57fe50ffaa87c9daf80cfa90191a0cf98014da8e1ff93c366274_arm64
Red Hatopenshift4/ose-ptp@sha256:e325a7a2d9e3e752137b7361376effb022cd4a7e744388405a8f498d839531e1_amd64 as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-ptp@sha256:e325a7a2d9e3e752137b7361376effb022cd4a7e744388405a8f498d839531e1_amd64
Red Hatopenshift4/ose-ansible-operator@sha256:e7cd527466d35b1f37b5f57e44e4bf5d03f7c8643ae8ce7aa5547844dc045688_arm64 as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-ansible-operator@sha256:e7cd527466d35b1f37b5f57e44e4bf5d03f7c8643ae8ce7aa5547844dc045688_arm64
Red Hatopenshift4/ose-local-storage-static-provisioner@sha256:850c50c34e222ca2bd1e52f464f254d69742dfa38bcc87de9276ccfda418f4e6_amd64 as a component of Red Hat OpenShift Container Platform 4.9*
Red Hatopenshift4/ose-egress-dns-proxy@sha256:d3aff70876283c01ca9ac1730ff4fa30fb7ab580c4493704ec505252086ca858_arm64 as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-egress-dns-proxy@sha256:d3aff70876283c01ca9ac1730ff4fa30fb7ab580c4493704ec505252086ca858_arm64
Red Hatopenshift4/ose-sriov-network-config-daemon@sha256:0e2fe7e0133da3e3f0098e537046b325e950f98d92c71c63341768ced5bbf4c8_arm64 as a component of Red Hat OpenShift Container Platform 4.9openshift4/ose-sriov-network-config-daemon@sha256:0e2fe7e0133da3e3f0098e537046b325e950f98d92c71c63341768ced5bbf4c8_arm64

…and 332 more

Timeline

  • Sep 12, 2022 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 30, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›