VDB
RHSA-2023%3A0895
RHSA-2023%3A0895
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-ovn-kubernetes@sha256:5db63f109ee2c0d11962fc61a98a8ec1dfe0c6360146bb1f60ce8bcd8f91efe4_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-ovn-kubernetes@sha256:5db63f109ee2c0d11962fc61a98a8ec1dfe0c6360146bb1f60ce8bcd8f91efe4_arm64 |
| Red Hat | openshift4/ose-ovn-kubernetes@sha256:1cdb80339ed20af31e2a1d3e11347d247477db95c122a0b3511dcdcb8dec8320_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-ovn-kubernetes@sha256:1cdb80339ed20af31e2a1d3e11347d247477db95c122a0b3511dcdcb8dec8320_amd64 |
| Red Hat | openshift4/ose-tests@sha256:b6314bdd4fe01155693839368b61b47f8e9bed21232ea26dbf1e015d9a62102d_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-tests@sha256:b6314bdd4fe01155693839368b61b47f8e9bed21232ea26dbf1e015d9a62102d_arm64 |
| Red Hat | openshift4/ose-agent-installer-api-server-rhel8@sha256:c6d89b7475dd2467e8f167f05bfee26af2af44659f26605ab94895080f21512b_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | * |
| Red Hat | openshift4/ose-agent-installer-api-server-rhel8@sha256:61130ec751d6a41a8995ad2deb0632ff0bbe62139a2c7725ab57692f882a2954_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-agent-installer-api-server-rhel8@sha256:61130ec751d6a41a8995ad2deb0632ff0bbe62139a2c7725ab57692f882a2954_ppc64le |
| Red Hat | openshift4/ose-tools-rhel8@sha256:372592bc9c31fb28e6bc97e9f70beb7cef0cf99b85abd0d43787394d33dd3609_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-tools-rhel8@sha256:372592bc9c31fb28e6bc97e9f70beb7cef0cf99b85abd0d43787394d33dd3609_arm64 |
| Red Hat | openshift4/ose-tools-rhel8@sha256:372592bc9c31fb28e6bc97e9f70beb7cef0cf99b85abd0d43787394d33dd3609_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-tools-rhel8@sha256:372592bc9c31fb28e6bc97e9f70beb7cef0cf99b85abd0d43787394d33dd3609_arm64 |
| Red Hat | openshift4/ose-machine-config-operator@sha256:d51a31008963110379b351ab0f27c10e4f502dfb1075770687438c68d88f15d6_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-machine-config-operator@sha256:d51a31008963110379b351ab0f27c10e4f502dfb1075770687438c68d88f15d6_ppc64le |
| Red Hat | openshift4/ose-network-metrics-daemon-rhel8@sha256:3eb7d36eb90a1b30ca5a219bd89efc62951bb2fb1bac2f586aa1fc4966101faf_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-network-metrics-daemon-rhel8@sha256:3eb7d36eb90a1b30ca5a219bd89efc62951bb2fb1bac2f586aa1fc4966101faf_arm64 |
| Red Hat | openshift4/ose-machine-config-operator@sha256:3b1e96a12b2a9e260ec4309d2293148a53df87b2a2f78d1f38a69bf94e86e00b_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-machine-config-operator@sha256:3b1e96a12b2a9e260ec4309d2293148a53df87b2a2f78d1f38a69bf94e86e00b_arm64 |
| Red Hat | openshift4/driver-toolkit-rhel8@sha256:2f12bfd2147fc5e12b7b1e227bf8fa5c163e452c61c37d21589192d18b339b37_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/driver-toolkit-rhel8@sha256:2f12bfd2147fc5e12b7b1e227bf8fa5c163e452c61c37d21589192d18b339b37_s390x |
| Red Hat | openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:eb604c6a1fdec41c66a33ae61e97c8dc5f85c1498df8220c21928d182003baf2_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:eb604c6a1fdec41c66a33ae61e97c8dc5f85c1498df8220c21928d182003baf2_arm64 |
| Red Hat | openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:d994edadc90d4ebe1ba53f160e27d55b6fe5947d3a6a4fbe616eec65d77f5c8d_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:d994edadc90d4ebe1ba53f160e27d55b6fe5947d3a6a4fbe616eec65d77f5c8d_amd64 |
| Red Hat | openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:7088de57365618347999bf7cbc15589feb38a2c45ff072bfd80d18dc21dbd74a_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:7088de57365618347999bf7cbc15589feb38a2c45ff072bfd80d18dc21dbd74a_s390x |
| Red Hat | openshift4/ose-agent-installer-api-server-rhel8@sha256:c3a3086323cdb469f6b7cc4ceec2d0637134bcd2973fbcb7c1a52b4c98945fc9_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-agent-installer-api-server-rhel8@sha256:c3a3086323cdb469f6b7cc4ceec2d0637134bcd2973fbcb7c1a52b4c98945fc9_s390x |
| Red Hat | openshift4/ose-docker-builder@sha256:0e7936be00b487aac810f6c519a0cec1341b3f8065a23b969730f96c1a5c5dd0_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-docker-builder@sha256:0e7936be00b487aac810f6c519a0cec1341b3f8065a23b969730f96c1a5c5dd0_amd64 |
| Red Hat | openshift4/network-tools-rhel8@sha256:62a32e7b7b7b69b48936d1b8a698f201b786a43534a6206972afddad62c5d334_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/network-tools-rhel8@sha256:62a32e7b7b7b69b48936d1b8a698f201b786a43534a6206972afddad62c5d334_s390x |
| Red Hat | openshift4/ose-haproxy-router@sha256:901bb3dd2a62bb2c6e2c52e36dcb91c5513bb53bfde0327c69aba8facc4ef4b4_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-haproxy-router@sha256:901bb3dd2a62bb2c6e2c52e36dcb91c5513bb53bfde0327c69aba8facc4ef4b4_ppc64le |
| Red Hat | openshift4/ose-docker-builder@sha256:0e7936be00b487aac810f6c519a0cec1341b3f8065a23b969730f96c1a5c5dd0_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-docker-builder@sha256:0e7936be00b487aac810f6c519a0cec1341b3f8065a23b969730f96c1a5c5dd0_amd64 |
| Red Hat | openshift4/ose-image-customization-controller-rhel8@sha256:66df9c991cbdbfa73be343be07476d6b662065042e11bd3b029fbebb9eddc1df_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-image-customization-controller-rhel8@sha256:66df9c991cbdbfa73be343be07476d6b662065042e11bd3b029fbebb9eddc1df_arm64 |
…and 146 more
Timeline
- Feb 28, 2023 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 30, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2023:0895 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2100495 issue
- https://issues.redhat.com/browse/OCPBUGS-6002 advisory
- https://issues.redhat.com/browse/OCPBUGS-6783 advisory
- https://issues.redhat.com/browse/OCPBUGS-6879 advisory
- https://issues.redhat.com/browse/OCPBUGS-7043 advisory
- https://issues.redhat.com/browse/OCPBUGS-7069 advisory
- https://issues.redhat.com/browse/OCPBUGS-7127 advisory
- https://issues.redhat.com/browse/OCPBUGS-7510 advisory
- https://issues.redhat.com/browse/OCPBUGS-7539 advisory
- https://issues.redhat.com/browse/OCPBUGS-7590 advisory
- https://issues.redhat.com/browse/OCPBUGS-7720 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0895.json advisory
- https://access.redhat.com/security/cve/CVE-2021-38561 advisory
- https://www.cve.org/CVERecord?id=CVE-2021-38561 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-38561 advisory
- https://pkg.go.dev/vuln/GO-2021-0113 advisory