VDB

RHSA-2022%3A6536

RHSA-2022%3A6536 PUBLISHED CVSS 8.600000381469727 HIGH

A flaw was found in github.com/gogo/protobuf before 1.3.2 that allows an out-of-bounds access when unmarshalling certain protobuf objects. This flaw allows a remote attacker to send crafted protobuf messages, causing panic and resulting in a denial of service. The highest threat from this vulnerability is to availability.

Risk Scores

CVSS 3.1
8.600000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-azure-disk-csi-driver-rhel8@sha256:b19ad4db77fed01bdc1d5994949d72a11961a7ffb5825149065ed36df681f143_amd64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-azure-disk-csi-driver-rhel8@sha256:b19ad4db77fed01bdc1d5994949d72a11961a7ffb5825149065ed36df681f143_amd64
Red Hatopenshift4/ose-insights-rhel8-operator@sha256:d83cd1aad94bcb53b0859ecf0465a7cc11a9255813f925e38d0fdd41f5fe0263_s390x as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-insights-rhel8-operator@sha256:d83cd1aad94bcb53b0859ecf0465a7cc11a9255813f925e38d0fdd41f5fe0263_s390x
Red Hatopenshift4/ose-must-gather@sha256:c8c955b5e4a9339a5496b953ae03cfdef1f03dc3a867292851470df12edc6fe8_amd64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-must-gather@sha256:c8c955b5e4a9339a5496b953ae03cfdef1f03dc3a867292851470df12edc6fe8_amd64
Red Hatopenshift4/ose-cluster-ingress-operator@sha256:a166d399664cdbb982c2ec3bffafe3a59c87253f0e6f93b79ef55a9c89528ed1_s390x as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-cluster-ingress-operator@sha256:a166d399664cdbb982c2ec3bffafe3a59c87253f0e6f93b79ef55a9c89528ed1_s390x
Red Hatopenshift4/ose-libvirt-machine-controllers@sha256:bda57733603f0e2936057e321ed625044f4fbd62e8ac504e66942d857d0bc0f9_s390x as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-libvirt-machine-controllers@sha256:bda57733603f0e2936057e321ed625044f4fbd62e8ac504e66942d857d0bc0f9_s390x
Red Hatopenshift4/ose-console-operator@sha256:5bbbc3216ef7095c2f360abd146157f55dd9b9bd6af3025c669adaecd4cb0d1f_amd64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-console-operator@sha256:5bbbc3216ef7095c2f360abd146157f55dd9b9bd6af3025c669adaecd4cb0d1f_amd64
Red Hatopenshift4/ose-installer@sha256:d4c71594b82ffda3edd8fdd4153e46add4dfaadb53207ffef0a62e50c4603488_amd64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-installer@sha256:d4c71594b82ffda3edd8fdd4153e46add4dfaadb53207ffef0a62e50c4603488_amd64
Red Hatopenshift4/ose-csi-driver-shared-resource-rhel8@sha256:56725b0bd7b454fef61e209047d733fe1b600526ec165b162780764584006fc7_arm64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-csi-driver-shared-resource-rhel8@sha256:56725b0bd7b454fef61e209047d733fe1b600526ec165b162780764584006fc7_arm64
Red Hatopenshift4/ovirt-csi-driver-rhel7@sha256:d8bbe1207c484b8cd643c57f5848804004cd21b6a57a9f9ab28f30b5345f817d_arm64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ovirt-csi-driver-rhel7@sha256:d8bbe1207c484b8cd643c57f5848804004cd21b6a57a9f9ab28f30b5345f817d_arm64
Red Hatopenshift4/ovirt-csi-driver-rhel8@sha256:d8bbe1207c484b8cd643c57f5848804004cd21b6a57a9f9ab28f30b5345f817d_arm64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ovirt-csi-driver-rhel8@sha256:d8bbe1207c484b8cd643c57f5848804004cd21b6a57a9f9ab28f30b5345f817d_arm64
Red Hatopenshift4/ose-docker-registry@sha256:6ae467bc7c1941cde9e4a0ae4aa9e6d69d0d8692b06bfdf4f1001a18d7d1b979_s390x as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-docker-registry@sha256:6ae467bc7c1941cde9e4a0ae4aa9e6d69d0d8692b06bfdf4f1001a18d7d1b979_s390x
Red Hatopenshift4/ose-cluster-kube-apiserver-operator@sha256:8ae67500d62854bdc11667babe7e30a05c9be786cdb899b9e71e804336c2ddc1_s390x as a component of Red Hat OpenShift Container Platform 4.11*
Red Hatopenshift4/ose-machine-config-operator@sha256:8cb877e9356de503f62b1658128721764c2480efa84580b213562b8f38ba7a3f_amd64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-machine-config-operator@sha256:8cb877e9356de503f62b1658128721764c2480efa84580b213562b8f38ba7a3f_amd64
Red Hatopenshift4/ose-azure-file-csi-driver-operator-rhel8@sha256:0b8ad50af6a45028f398e13efad7323969058d46683382df5ed9782ba2ff0d46_arm64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-azure-file-csi-driver-operator-rhel8@sha256:0b8ad50af6a45028f398e13efad7323969058d46683382df5ed9782ba2ff0d46_arm64
Red Hatopenshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:dca17b3e28a662c6e6227456b6e925ea60d11ad0466801daeebbd809e26b06f9_s390x as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:dca17b3e28a662c6e6227456b6e925ea60d11ad0466801daeebbd809e26b06f9_s390x
Red Hatopenshift4/ose-csi-external-snapshotter@sha256:1c745cee97bab44f78dd1e0b13a656c8034c163cf329eab44d801f837b8b97fc_ppc64le as a component of Red Hat OpenShift Container Platform 4.11*
Red Hatopenshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:e256c64f81c4bcdf2ce4091ef46e2379688f55c2812592378859e179dad490c7_ppc64le as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:e256c64f81c4bcdf2ce4091ef46e2379688f55c2812592378859e179dad490c7_ppc64le
Red Hatopenshift4/ose-aws-pod-identity-webhook-rhel8@sha256:e7124dc70dd299f6b4e0c4f970533691a21771ff911083d49ca54369aa09038a_amd64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:e7124dc70dd299f6b4e0c4f970533691a21771ff911083d49ca54369aa09038a_amd64
Red Hatopenshift4/ose-cluster-node-tuning-operator@sha256:76b3ba0ece003cdd08690c3ba405490abbe5df959c30b749f145689300b90999_ppc64le as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-cluster-node-tuning-operator@sha256:76b3ba0ece003cdd08690c3ba405490abbe5df959c30b749f145689300b90999_ppc64le
Red Hatopenshift4/ose-csi-driver-manila-rhel8@sha256:e8f55ebd974f99b7056e1fa308d9abacfa285758e9ee055f8ed8438f410f1325_amd64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-csi-driver-manila-rhel8@sha256:e8f55ebd974f99b7056e1fa308d9abacfa285758e9ee055f8ed8438f410f1325_amd64

…and 592 more

Timeline

  • Sep 20, 2022 CVE Published
  • Mar 26, 2026 CVE Updated
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›