VDB
RHSA-2022%3A8634
RHSA-2022%3A8634
PUBLISHED
CVSS 7.5 HIGH
A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64 as a component of 8Base-OADP-1.1 | oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64 |
| Red Hat | oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x as a component of 8Base-OADP-1.1 | oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x |
| Red Hat | oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64 as a component of 8Base-OADP-1.1 | * |
| Red Hat | oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x as a component of 8Base-OADP-1.1 | * |
| Red Hat | oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x as a component of 8Base-OADP-1.1 | * |
| Red Hat | oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le as a component of 8Base-OADP-1.1 | oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le |
| Red Hat | oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64 as a component of 8Base-OADP-1.1 | oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64 |
| Red Hat | oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64 as a component of 8Base-OADP-1.1 | oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64 |
| Red Hat | oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x as a component of 8Base-OADP-1.1 | oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x |
| Red Hat | oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x as a component of 8Base-OADP-1.1 | oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x |
| Red Hat | oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le as a component of 8Base-OADP-1.1 | * |
| Red Hat | oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x as a component of 8Base-OADP-1.1 | oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x |
| Red Hat | oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x as a component of 8Base-OADP-1.1 | * |
| Red Hat | oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x as a component of 8Base-OADP-1.1 | oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x |
| Red Hat | oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64 as a component of 8Base-OADP-1.1 | oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64 |
| Red Hat | oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x as a component of 8Base-OADP-1.1 | * |
| Red Hat | oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64 as a component of 8Base-OADP-1.1 | oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64 |
| Red Hat | oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64 as a component of 8Base-OADP-1.1 | oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64 |
| Red Hat | oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64 as a component of 8Base-OADP-1.1 | oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64 |
| Red Hat | oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64 as a component of 8Base-OADP-1.1 | * |
…and 52 more
Timeline
- Nov 28, 2022 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 30, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2022:8634 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2064702 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2107386 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2107388 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2124668 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2124669 issue
- https://issues.redhat.com/browse/OADP-1002 advisory
- https://issues.redhat.com/browse/OADP-1016 advisory
- https://issues.redhat.com/browse/OADP-1020 advisory
- https://issues.redhat.com/browse/OADP-1027 advisory
- https://issues.redhat.com/browse/OADP-608 advisory
- https://issues.redhat.com/browse/OADP-609 advisory
- https://issues.redhat.com/browse/OADP-611 advisory
- https://issues.redhat.com/browse/OADP-612 advisory
- https://issues.redhat.com/browse/OADP-642 advisory
- https://issues.redhat.com/browse/OADP-645 advisory
- https://issues.redhat.com/browse/OADP-662 advisory
- https://issues.redhat.com/browse/OADP-724 advisory
- https://issues.redhat.com/browse/OADP-725 advisory
…and 30 more