VDB
RHSA-2023%3A0652
RHSA-2023%3A0652
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-egress-router@sha256:7512d052bcb57d1d46d8134a5ef4c7109a1a74227394f18886ea80f733433257_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-egress-router@sha256:7512d052bcb57d1d46d8134a5ef4c7109a1a74227394f18886ea80f733433257_amd64, openshift4/ose-egress-router@sha256:7512d052bcb57d1d46d8134a5ef4c7109a1a74227394f18886ea80f733433257_amd64 |
| Red Hat | openshift4/ose-grafana@sha256:013290e7d5f03ae4a49e20adf9d0719a27d6e381dc66320fdd566ef58b4257d0_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | *, openshift4/ose-grafana@sha256:013290e7d5f03ae4a49e20adf9d0719a27d6e381dc66320fdd566ef58b4257d0_arm64 |
| Red Hat | openshift4/ose-node-problem-detector-rhel8@sha256:04329936d1f4e8a77088dcedf71fe4b9f6d8926c7da8453c253db4f77a5d3fc7_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-node-problem-detector-rhel8@sha256:04329936d1f4e8a77088dcedf71fe4b9f6d8926c7da8453c253db4f77a5d3fc7_s390x, openshift4/ose-node-problem-detector-rhel8@sha256:04329936d1f4e8a77088dcedf71fe4b9f6d8926c7da8453c253db4f77a5d3fc7_s390x |
| Red Hat | openshift4/ose-local-storage-mustgather-rhel8@sha256:b6f4c95b3382ad3183d4472dc0e0ede202a492123d0ca2033b5767c8dd633117_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-local-storage-mustgather-rhel8@sha256:b6f4c95b3382ad3183d4472dc0e0ede202a492123d0ca2033b5767c8dd633117_s390x, openshift4/ose-local-storage-mustgather-rhel8@sha256:b6f4c95b3382ad3183d4472dc0e0ede202a492123d0ca2033b5767c8dd633117_s390x |
| Red Hat | openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:23f9533cd4d2779246d2c2b35a59a279da45045c6f8810fd1487327d355d1a4f_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | *, openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:23f9533cd4d2779246d2c2b35a59a279da45045c6f8810fd1487327d355d1a4f_ppc64le |
| Red Hat | openshift4/ose-local-storage-diskmaker@sha256:ecee65e1946a836f2218b1800700ab9c425aa8a572b55a9ec39c34a5d87c7585_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | *, * |
| Red Hat | openshift4/ose-egress-router@sha256:4a9932fb136631b97d831cb812387b2aed4dc241c2d5aa2179de128fc5228ddd_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-egress-router@sha256:4a9932fb136631b97d831cb812387b2aed4dc241c2d5aa2179de128fc5228ddd_s390x, openshift4/ose-egress-router@sha256:4a9932fb136631b97d831cb812387b2aed4dc241c2d5aa2179de128fc5228ddd_s390x |
| Red Hat | openshift4/ose-local-storage-operator@sha256:c89228a5241f644b18961f4565c1c0d95a4bf811e774bf1278d88dbeb195f857_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-local-storage-operator@sha256:c89228a5241f644b18961f4565c1c0d95a4bf811e774bf1278d88dbeb195f857_arm64, openshift4/ose-local-storage-operator@sha256:c89228a5241f644b18961f4565c1c0d95a4bf811e774bf1278d88dbeb195f857_arm64 |
| Red Hat | openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:68ad0e222d311bbc5a4ee5ba1b80f6b1a6fd80ee3008c82e8003a6d266376355_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | *, openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:68ad0e222d311bbc5a4ee5ba1b80f6b1a6fd80ee3008c82e8003a6d266376355_arm64 |
| Red Hat | openshift4/ose-cluster-nfd-operator@sha256:022c8e5b03b713817376246b5303ed386cf629a080996b218116ddbc699616c0_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-cluster-nfd-operator@sha256:022c8e5b03b713817376246b5303ed386cf629a080996b218116ddbc699616c0_s390x, openshift4/ose-cluster-nfd-operator@sha256:022c8e5b03b713817376246b5303ed386cf629a080996b218116ddbc699616c0_s390x |
| Red Hat | openshift4/ose-aws-efs-csi-driver-container-rhel8@sha256:c6034865c31a0aa80832659155fbca9695fa6faf5cd910ee5d75d4a9159de1ba_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-aws-efs-csi-driver-container-rhel8@sha256:c6034865c31a0aa80832659155fbca9695fa6faf5cd910ee5d75d4a9159de1ba_amd64, openshift4/ose-aws-efs-csi-driver-container-rhel8@sha256:c6034865c31a0aa80832659155fbca9695fa6faf5cd910ee5d75d4a9159de1ba_amd64 |
| Red Hat | openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:727eb0b27a86ef159eca0acda053b21511074eafc6c524036f30d3242f064b87_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:727eb0b27a86ef159eca0acda053b21511074eafc6c524036f30d3242f064b87_s390x, * |
| Red Hat | openshift4/ose-local-storage-operator@sha256:7a7bbb9271ae26f6ce9fc9ed63719acbdc36abe82d006cbb8bef7065cbbb4ad7_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-local-storage-operator@sha256:7a7bbb9271ae26f6ce9fc9ed63719acbdc36abe82d006cbb8bef7065cbbb4ad7_ppc64le, openshift4/ose-local-storage-operator@sha256:7a7bbb9271ae26f6ce9fc9ed63719acbdc36abe82d006cbb8bef7065cbbb4ad7_ppc64le |
| Red Hat | openshift4/ose-sriov-network-device-plugin@sha256:ce6b7d4faf1b1b0677d17b71e3357772b83a09d4a4e109f35ef42a63ff8453a7_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-sriov-network-device-plugin@sha256:ce6b7d4faf1b1b0677d17b71e3357772b83a09d4a4e109f35ef42a63ff8453a7_arm64, * |
| Red Hat | openshift4/ptp-must-gather-rhel8@sha256:8d14ae1cff76f33d6c3c2e0302d4fb473787da56010e8d2189b65bcce92c22e6_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ptp-must-gather-rhel8@sha256:8d14ae1cff76f33d6c3c2e0302d4fb473787da56010e8d2189b65bcce92c22e6_amd64, * |
| Red Hat | openshift4/ptp-must-gather-rhel8@sha256:8d14ae1cff76f33d6c3c2e0302d4fb473787da56010e8d2189b65bcce92c22e6_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ptp-must-gather-rhel8@sha256:8d14ae1cff76f33d6c3c2e0302d4fb473787da56010e8d2189b65bcce92c22e6_amd64, openshift4/ptp-must-gather-rhel8@sha256:8d14ae1cff76f33d6c3c2e0302d4fb473787da56010e8d2189b65bcce92c22e6_amd64 |
| Red Hat | openshift4/ose-local-storage-mustgather-rhel8@sha256:2aa4974e48562570ecc437c86bd7330ec3b4a7b0d296dcfabf367c0567226e32_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | *, * |
| Red Hat | openshift4/ose-node-problem-detector-rhel8@sha256:916c0a9c1ea958d2330b77695e6a5de258e7099035e5cae9063b4f4b9fcb688a_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-node-problem-detector-rhel8@sha256:916c0a9c1ea958d2330b77695e6a5de258e7099035e5cae9063b4f4b9fcb688a_amd64, * |
| Red Hat | openshift4/ose-cluster-nfd-operator@sha256:f5b39eec43d6bc0b69c7b0ef1faf1629e27b948480d1417791d2c76cf8ff450a_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-cluster-nfd-operator@sha256:f5b39eec43d6bc0b69c7b0ef1faf1629e27b948480d1417791d2c76cf8ff450a_ppc64le, * |
| Red Hat | openshift4/ose-descheduler@sha256:05f38b9446e8dbc61e400ffaa641c612849699e7def97fb173d90be4259e7c13_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-descheduler@sha256:05f38b9446e8dbc61e400ffaa641c612849699e7def97fb173d90be4259e7c13_arm64, openshift4/ose-descheduler@sha256:05f38b9446e8dbc61e400ffaa641c612849699e7def97fb173d90be4259e7c13_arm64 |
…and 326 more
Timeline
- Feb 15, 2023 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- May 14, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2023:0652 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2045880 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2100495 issue
- https://issues.redhat.com/browse/OCPBUGS-4754 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0652.json advisory
- https://access.redhat.com/security/cve/CVE-2021-38561 advisory
- https://www.cve.org/CVERecord?id=CVE-2021-38561 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-38561 advisory
- https://pkg.go.dev/vuln/GO-2021-0113 advisory
- https://access.redhat.com/security/cve/CVE-2022-21698 advisory
- https://www.cve.org/CVERecord?id=CVE-2022-21698 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-21698 advisory
- https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p advisory