VDB
RHSA-2023%3A1646
RHSA-2023%3A1646
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in Helm, a tool for managing Charts, a pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to Uncontrolled Resource Consumption. Input to functions in the _strvals_ package could cause a stack overflow that is unrecoverable by Go. Applications that use functions from the _strvals_ package in Helm SDK may result in a denial of service.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-sriov-infiniband-cni@sha256:24f5dfd7e42713b3e6d89ccc1bc86d7741efec276cd5e69f46cc419b864688d9_ppc64le as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-sriov-infiniband-cni@sha256:24f5dfd7e42713b3e6d89ccc1bc86d7741efec276cd5e69f46cc419b864688d9_ppc64le, openshift4/ose-sriov-infiniband-cni@sha256:24f5dfd7e42713b3e6d89ccc1bc86d7741efec276cd5e69f46cc419b864688d9_ppc64le |
| Red Hat | openshift4/ose-operator-sdk-rhel8@sha256:906c7ad289132564b1d6ca1568cef787e222dd7343ff427216d7648ef63df358_ppc64le as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-operator-sdk-rhel8@sha256:906c7ad289132564b1d6ca1568cef787e222dd7343ff427216d7648ef63df358_ppc64le |
| Red Hat | openshift4/kubernetes-nmstate-rhel8-operator@sha256:d2e4112b19550688c39ab618f4e9982c747f9398a8e3d20bb7869c64a3b6aa25_s390x as a component of Red Hat OpenShift Container Platform 4.12 | *, openshift4/kubernetes-nmstate-rhel8-operator@sha256:d2e4112b19550688c39ab618f4e9982c747f9398a8e3d20bb7869c64a3b6aa25_s390x |
| Red Hat | openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1fe81f151cbf962594d46759426f063d7f2bfb8281de45658d0ecc9ee8aec25_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1fe81f151cbf962594d46759426f063d7f2bfb8281de45658d0ecc9ee8aec25_amd64 |
| Red Hat | openshift4/ingress-node-firewall@sha256:2a1ee88272b2055ebf89ba07c7ff5119f5fc8709919d212b453071f6f1f7e0ce_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | * |
| Red Hat | openshift4/ose-descheduler@sha256:220e0201b92ac70abd8a9dfa527ddf8dbe685d9d14694a1221d169b84ef10450_arm64 as a component of Red Hat OpenShift Container Platform 4.12 | * |
| Red Hat | openshift4/ose-contour-rhel8@sha256:7cb2aed62097677e36b71cfd4bc69e29484ae7d81e1e5d095dcddf2f5b611ffe_arm64 as a component of Red Hat OpenShift Container Platform 4.12 | *, openshift4/ose-contour-rhel8@sha256:7cb2aed62097677e36b71cfd4bc69e29484ae7d81e1e5d095dcddf2f5b611ffe_arm64 |
| Red Hat | openshift4/ose-csi-driver-shared-resource-mustgather-rhel8@sha256:49b54276d945e5c2248936648a4966458ab6063b28f5a84b0f3adfb32c1e22a3_arm64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-csi-driver-shared-resource-mustgather-rhel8@sha256:49b54276d945e5c2248936648a4966458ab6063b28f5a84b0f3adfb32c1e22a3_arm64, openshift4/ose-csi-driver-shared-resource-mustgather-rhel8@sha256:49b54276d945e5c2248936648a4966458ab6063b28f5a84b0f3adfb32c1e22a3_arm64 |
| Red Hat | openshift4/metallb-rhel8-operator@sha256:0ee39e2f6f3c0dc2bc65b385a3e0d66d53d6ea7c76764b5993d31e26e3cf9544_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/metallb-rhel8-operator@sha256:0ee39e2f6f3c0dc2bc65b385a3e0d66d53d6ea7c76764b5993d31e26e3cf9544_amd64, openshift4/metallb-rhel8-operator@sha256:0ee39e2f6f3c0dc2bc65b385a3e0d66d53d6ea7c76764b5993d31e26e3cf9544_amd64 |
| Red Hat | openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1fe81f151cbf962594d46759426f063d7f2bfb8281de45658d0ecc9ee8aec25_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | *, openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1fe81f151cbf962594d46759426f063d7f2bfb8281de45658d0ecc9ee8aec25_amd64 |
| Red Hat | openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:420f4be14420093a43ec4bf2f972c9287fda054ba13503e6e087a42b4079a426_ppc64le as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:420f4be14420093a43ec4bf2f972c9287fda054ba13503e6e087a42b4079a426_ppc64le, openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:420f4be14420093a43ec4bf2f972c9287fda054ba13503e6e087a42b4079a426_ppc64le |
| Red Hat | openshift4/ose-local-storage-operator@sha256:a90eb5fa7786e68804f9811080ae04ee00df43e1c28e22f9ac9c5c6d4a60a89b_s390x as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-local-storage-operator@sha256:a90eb5fa7786e68804f9811080ae04ee00df43e1c28e22f9ac9c5c6d4a60a89b_s390x, openshift4/ose-local-storage-operator@sha256:a90eb5fa7786e68804f9811080ae04ee00df43e1c28e22f9ac9c5c6d4a60a89b_s390x |
| Red Hat | openshift4/ose-sriov-network-operator@sha256:776b05ef53fb4eba33539808cfce0f9a38ff7a279751e9495b1f5763e4b7c4c6_arm64 as a component of Red Hat OpenShift Container Platform 4.12 | *, openshift4/ose-sriov-network-operator@sha256:776b05ef53fb4eba33539808cfce0f9a38ff7a279751e9495b1f5763e4b7c4c6_arm64 |
| Red Hat | openshift4/ose-service-idler-rhel8@sha256:0f1665b2ce19a23d1348f8fac589c9f4f0f73005987d99a9c3febf87a372d265_arm64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-service-idler-rhel8@sha256:0f1665b2ce19a23d1348f8fac589c9f4f0f73005987d99a9c3febf87a372d265_arm64 |
| Red Hat | openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6831cccfe22f79dbbf0faf78571a74b5e9cfbc30756c020da983a2f511f17fd9_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6831cccfe22f79dbbf0faf78571a74b5e9cfbc30756c020da983a2f511f17fd9_amd64 |
| Red Hat | openshift4/ose-egress-http-proxy@sha256:4c4e4f630c0441004fcde6f53d0190542dfbec3ff6bea6ddb0381be9530d350b_ppc64le as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-egress-http-proxy@sha256:4c4e4f630c0441004fcde6f53d0190542dfbec3ff6bea6ddb0381be9530d350b_ppc64le, openshift4/ose-egress-http-proxy@sha256:4c4e4f630c0441004fcde6f53d0190542dfbec3ff6bea6ddb0381be9530d350b_ppc64le |
| Red Hat | openshift4/ose-local-storage-mustgather-rhel8@sha256:ea655624dbeaa3a53a85cafebd886e822e4d04b0c0a5a26a7ae856ec2f4eb589_s390x as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-local-storage-mustgather-rhel8@sha256:ea655624dbeaa3a53a85cafebd886e822e4d04b0c0a5a26a7ae856ec2f4eb589_s390x |
| Red Hat | openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:63643dc69a88b9f2a410403583e1468bc34c9606674d066d382c9f8f48b03b3a_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:63643dc69a88b9f2a410403583e1468bc34c9606674d066d382c9f8f48b03b3a_amd64, openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:63643dc69a88b9f2a410403583e1468bc34c9606674d066d382c9f8f48b03b3a_amd64 |
| Red Hat | openshift4/ose-sriov-network-webhook@sha256:2470cc4c171a14e1f2a38e331e7c55fd591931b4dff6bd32d7d06bdf8b11857e_arm64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-sriov-network-webhook@sha256:2470cc4c171a14e1f2a38e331e7c55fd591931b4dff6bd32d7d06bdf8b11857e_arm64 |
| Red Hat | openshift4/ose-service-idler-rhel8@sha256:746b444cc0ae4cfe6af6ece01b86ef09cead7a2db0fbdaba3613102605db9f54_ppc64le as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-service-idler-rhel8@sha256:746b444cc0ae4cfe6af6ece01b86ef09cead7a2db0fbdaba3613102605db9f54_ppc64le, openshift4/ose-service-idler-rhel8@sha256:746b444cc0ae4cfe6af6ece01b86ef09cead7a2db0fbdaba3613102605db9f54_ppc64le |
…and 328 more
Timeline
- Apr 11, 2023 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- May 7, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2023:1646 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://docs.openshift.com/container-platform/4.12/release_notes/ocp-4-12-release-notes.html advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2154196 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2154200 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2154202 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1646.json advisory
- https://access.redhat.com/security/cve/CVE-2022-23524 advisory
- https://www.cve.org/CVERecord?id=CVE-2022-23524 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-23524 advisory
- https://github.com/helm/helm/security/advisories/GHSA-6rx9-889q-vv2r advisory
- https://access.redhat.com/security/cve/CVE-2022-23525 advisory
- https://www.cve.org/CVERecord?id=CVE-2022-23525 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-23525 advisory
- https://github.com/helm/helm/commit/638ebffbc2e445156f3978f02fd83d9af1e56f5b advisory
- https://github.com/helm/helm/security/advisories/GHSA-53c4-hhmh-vw5q advisory
- https://access.redhat.com/security/cve/CVE-2022-23526 advisory
- https://www.cve.org/CVERecord?id=CVE-2022-23526 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-23526 advisory
- https://github.com/helm/helm/commit/bafafa8bb1b571b61d7a9528da8d40c307dade3d advisory
…and 1 more