VDB
RHSA-2023%3A0245
RHSA-2023%3A0245
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-installer@sha256:ceaafb7ecb063bf05e5ff9f49698f8005061c47fa73b079b693db2f32d376ec7_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-installer@sha256:ceaafb7ecb063bf05e5ff9f49698f8005061c47fa73b079b693db2f32d376ec7_amd64 |
| Red Hat | openshift4/ose-cluster-kube-apiserver-operator@sha256:40a4215452a30e5d10467548bd0dffe936c586df1b886dd6b7a89d126512e734_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-cluster-kube-apiserver-operator@sha256:40a4215452a30e5d10467548bd0dffe936c586df1b886dd6b7a89d126512e734_s390x |
| Red Hat | openshift4/ose-cluster-kube-apiserver-operator@sha256:7dfac01ec0e59405bf6e0758ab0d155a8383f4b6057f477e526fe9bdfa26d6c9_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-cluster-kube-apiserver-operator@sha256:7dfac01ec0e59405bf6e0758ab0d155a8383f4b6057f477e526fe9bdfa26d6c9_ppc64le |
| Red Hat | openshift4/ose-cluster-network-operator@sha256:d61cb17ea28e535298e2cda446fc0648bc0c9b618fb37b5b0d927f1544999dae_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-cluster-network-operator@sha256:d61cb17ea28e535298e2cda446fc0648bc0c9b618fb37b5b0d927f1544999dae_ppc64le |
| Red Hat | openshift4/ose-cluster-node-tuning-operator@sha256:a06fef9451d28de266c339c2acf36d929b2e9a8f632dc3ba64fe0bb06f1fa5a7_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | * |
| Red Hat | openshift4/ose-agent-installer-api-server-rhel8@sha256:26b313d5fc339ab5db74d68e8cac3ef7b84161cb825a428533692017113c8f64_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-agent-installer-api-server-rhel8@sha256:26b313d5fc339ab5db74d68e8cac3ef7b84161cb825a428533692017113c8f64_s390x |
| Red Hat | openshift4/ose-cluster-policy-controller-rhel8@sha256:6008298583ae10a8c2c5ab0b09268c171d3cb467a797660fe93ecfc3fb0c960b_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-cluster-policy-controller-rhel8@sha256:6008298583ae10a8c2c5ab0b09268c171d3cb467a797660fe93ecfc3fb0c960b_ppc64le |
| Red Hat | openshift4/ose-operator-registry@sha256:ff63a241f9bcff997ed663b8bbe9940031586c14e5842bb7cbe67e0b3626e3cc_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | * |
| Red Hat | openshift4/ose-hypershift-rhel8@sha256:fdafcc0f1f5deab0c573b197799536ee1670fb0555a9aeb75adf8716f1c1bf1b_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-hypershift-rhel8@sha256:fdafcc0f1f5deab0c573b197799536ee1670fb0555a9aeb75adf8716f1c1bf1b_s390x |
| Red Hat | openshift4/ose-agent-installer-api-server-rhel8@sha256:d8d5fc4a9325795373425427b0f904e262baa02e0615e1d47c57743eb9d3b763_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-agent-installer-api-server-rhel8@sha256:d8d5fc4a9325795373425427b0f904e262baa02e0615e1d47c57743eb9d3b763_amd64 |
| Red Hat | openshift4/ose-agent-installer-api-server-rhel8@sha256:d8d5fc4a9325795373425427b0f904e262baa02e0615e1d47c57743eb9d3b763_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-agent-installer-api-server-rhel8@sha256:d8d5fc4a9325795373425427b0f904e262baa02e0615e1d47c57743eb9d3b763_amd64 |
| Red Hat | openshift4/ose-sdn-rhel8@sha256:fc82ceb289eddf807966e52c4cd08110c8a4573a2094c5d8c3361624954860de_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-sdn-rhel8@sha256:fc82ceb289eddf807966e52c4cd08110c8a4573a2094c5d8c3361624954860de_amd64 |
| Red Hat | openshift4/ose-cluster-kube-controller-manager-operator@sha256:755b1faec329bb7f7b6c7754997bef86ec4ff41971f19679dbce221d2a53eee0_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-cluster-kube-controller-manager-operator@sha256:755b1faec329bb7f7b6c7754997bef86ec4ff41971f19679dbce221d2a53eee0_ppc64le |
| Red Hat | openshift4/ose-baremetal-installer-rhel8@sha256:fc469ef21f3a28c9e8b4d0ea59b43c3f5fc7b2f7ee9d606122e31fa87055edba_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-baremetal-installer-rhel8@sha256:fc469ef21f3a28c9e8b4d0ea59b43c3f5fc7b2f7ee9d606122e31fa87055edba_s390x |
| Red Hat | openshift4/ose-agent-installer-api-server-rhel8@sha256:dadfa7419d1456c3b69b1723fa87ebb5e1201b5f83cfd050e85979cec8f50e3b_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | * |
| Red Hat | openshift4/ose-console@sha256:91c2b90afe9645a4d7d2b4c3e515e49140c47e58699d33d8c5d6a532bdb38e60_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-console@sha256:91c2b90afe9645a4d7d2b4c3e515e49140c47e58699d33d8c5d6a532bdb38e60_arm64 |
| Red Hat | openshift4/ose-console@sha256:0602229dfe40cd3ab60a1f96fbe92780f2735e62edaa7bcddd19570f238f507c_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-console@sha256:0602229dfe40cd3ab60a1f96fbe92780f2735e62edaa7bcddd19570f238f507c_amd64 |
| Red Hat | openshift4/ose-hypershift-rhel8@sha256:642b923f3fb49d8ca09b65b633b20bc5fc89b644bf1d574871b734d16c396dc6_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-hypershift-rhel8@sha256:642b923f3fb49d8ca09b65b633b20bc5fc89b644bf1d574871b734d16c396dc6_ppc64le |
| Red Hat | openshift4/ose-cluster-baremetal-operator-rhel8@sha256:9c9ece0d29eb90c7b90e683f1750eca3be0e918f17c68d11c6745018a008387b_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-cluster-baremetal-operator-rhel8@sha256:9c9ece0d29eb90c7b90e683f1750eca3be0e918f17c68d11c6745018a008387b_amd64 |
| Red Hat | openshift4/ose-cluster-kube-apiserver-operator@sha256:40a4215452a30e5d10467548bd0dffe936c586df1b886dd6b7a89d126512e734_s390x as a component of Red Hat OpenShift Container Platform 4.11 | * |
…and 144 more
Timeline
- Jan 23, 2023 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 30, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2023:0245 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2100495 issue
- https://issues.redhat.com/browse/OCPBUGS-1727 advisory
- https://issues.redhat.com/browse/OCPBUGS-2105 advisory
- https://issues.redhat.com/browse/OCPBUGS-3971 advisory
- https://issues.redhat.com/browse/OCPBUGS-4301 advisory
- https://issues.redhat.com/browse/OCPBUGS-4304 advisory
- https://issues.redhat.com/browse/OCPBUGS-4446 advisory
- https://issues.redhat.com/browse/OCPBUGS-4551 advisory
- https://issues.redhat.com/browse/OCPBUGS-4685 advisory
- https://issues.redhat.com/browse/OCPBUGS-4945 advisory
- https://issues.redhat.com/browse/OCPBUGS-5472 advisory
- https://issues.redhat.com/browse/OCPBUGS-5787 advisory
- https://issues.redhat.com/browse/OCPBUGS-5790 advisory
- https://issues.redhat.com/browse/OCPBUGS-998 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0245.json advisory
- https://access.redhat.com/security/cve/CVE-2021-38561 advisory
- https://www.cve.org/CVERecord?id=CVE-2021-38561 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-38561 advisory
…and 1 more