VDB

RHSA-2023%3A3943

RHSA-2023%3A3943 PUBLISHED CVSS 7.5 HIGH

A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatadvanced-cluster-security/rhacs-rhel8-operator@sha256:b366864281deb4b324c282380db13cfe0f0933361ebc706988a2cbaa403fe37a_amd64 as a component of RHACS 4.1 for RHEL 8advanced-cluster-security/rhacs-rhel8-operator@sha256:b366864281deb4b324c282380db13cfe0f0933361ebc706988a2cbaa403fe37a_amd64, advanced-cluster-security/rhacs-rhel8-operator@sha256:b366864281deb4b324c282380db13cfe0f0933361ebc706988a2cbaa403fe37a_amd64, *
Red Hatadvanced-cluster-security/rhacs-central-db-rhel8@sha256:4616744855907343d0be7fa1787e35b281ef3b66e5a23fab101b5e128f52ad3b_s390x as a component of RHACS 4.1 for RHEL 8*, advanced-cluster-security/rhacs-central-db-rhel8@sha256:4616744855907343d0be7fa1787e35b281ef3b66e5a23fab101b5e128f52ad3b_s390x, advanced-cluster-security/rhacs-central-db-rhel8@sha256:4616744855907343d0be7fa1787e35b281ef3b66e5a23fab101b5e128f52ad3b_s390x
Red Hatadvanced-cluster-security/rhacs-main-rhel8@sha256:378d9937f14520c62e0badb320cc755806d2a517873b12d2f9f08fb857562433_amd64 as a component of RHACS 4.1 for RHEL 8*, *, *
Red Hatadvanced-cluster-security/rhacs-operator-bundle@sha256:977f07546dc7d0d8f5501e5fa64d311d8071d491b7ea4eb5f9577f88be890dac_ppc64le as a component of RHACS 4.1 for RHEL 8advanced-cluster-security/rhacs-operator-bundle@sha256:977f07546dc7d0d8f5501e5fa64d311d8071d491b7ea4eb5f9577f88be890dac_ppc64le, *, advanced-cluster-security/rhacs-operator-bundle@sha256:977f07546dc7d0d8f5501e5fa64d311d8071d491b7ea4eb5f9577f88be890dac_ppc64le
Red Hatadvanced-cluster-security/rhacs-central-db-rhel8@sha256:2238b2405110f100d7e499fbb6313df6a41a543e07032f04c86b073f5472f73e_amd64 as a component of RHACS 4.1 for RHEL 8advanced-cluster-security/rhacs-central-db-rhel8@sha256:2238b2405110f100d7e499fbb6313df6a41a543e07032f04c86b073f5472f73e_amd64, advanced-cluster-security/rhacs-central-db-rhel8@sha256:2238b2405110f100d7e499fbb6313df6a41a543e07032f04c86b073f5472f73e_amd64, *
Red Hatadvanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c1fadaff2477a1b5911c66488450112d2bec18fb3c98982ae191812745d6c841_s390x as a component of RHACS 4.1 for RHEL 8advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c1fadaff2477a1b5911c66488450112d2bec18fb3c98982ae191812745d6c841_s390x, *, advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c1fadaff2477a1b5911c66488450112d2bec18fb3c98982ae191812745d6c841_s390x
Red Hatadvanced-cluster-security/rhacs-operator-bundle@sha256:977f07546dc7d0d8f5501e5fa64d311d8071d491b7ea4eb5f9577f88be890dac_ppc64le as a component of RHACS 4.1 for RHEL 8advanced-cluster-security/rhacs-operator-bundle@sha256:977f07546dc7d0d8f5501e5fa64d311d8071d491b7ea4eb5f9577f88be890dac_ppc64le, *, *
Red Hatadvanced-cluster-security/rhacs-scanner-rhel8@sha256:29ae0c58a01fc6439da2dd3b8ed3651ec23211dd4ce3be8a6f169b2fe2dcfecb_s390x as a component of RHACS 4.1 for RHEL 8advanced-cluster-security/rhacs-scanner-rhel8@sha256:29ae0c58a01fc6439da2dd3b8ed3651ec23211dd4ce3be8a6f169b2fe2dcfecb_s390x, *, *
Red Hatadvanced-cluster-security/rhacs-central-db-rhel8@sha256:20fc9c1f2c050968b0f2d6b3011c5ced868fb7b05e6601a6a835bf681be30f09_ppc64le as a component of RHACS 4.1 for RHEL 8advanced-cluster-security/rhacs-central-db-rhel8@sha256:20fc9c1f2c050968b0f2d6b3011c5ced868fb7b05e6601a6a835bf681be30f09_ppc64le, advanced-cluster-security/rhacs-central-db-rhel8@sha256:20fc9c1f2c050968b0f2d6b3011c5ced868fb7b05e6601a6a835bf681be30f09_ppc64le, advanced-cluster-security/rhacs-central-db-rhel8@sha256:20fc9c1f2c050968b0f2d6b3011c5ced868fb7b05e6601a6a835bf681be30f09_ppc64le
Red Hatadvanced-cluster-security/rhacs-scanner-rhel8@sha256:45b357d9025f81d212c9121b31441b60940cf997b1a53bcfa6ae8ccc381b84ed_ppc64le as a component of RHACS 4.1 for RHEL 8advanced-cluster-security/rhacs-scanner-rhel8@sha256:45b357d9025f81d212c9121b31441b60940cf997b1a53bcfa6ae8ccc381b84ed_ppc64le, *, *
Red Hatadvanced-cluster-security/rhacs-roxctl-rhel8@sha256:e65f2cc299a72c836fcad4725fad101e9cbce840cdfbb5e998f79ae5a16ca4df_amd64 as a component of RHACS 4.1 for RHEL 8*, advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e65f2cc299a72c836fcad4725fad101e9cbce840cdfbb5e998f79ae5a16ca4df_amd64, *
Red Hatadvanced-cluster-security/rhacs-main-rhel8@sha256:7e86701d783471db34743c44d527f55b02bb922b3bc270ce4c9f749885991730_ppc64le as a component of RHACS 4.1 for RHEL 8advanced-cluster-security/rhacs-main-rhel8@sha256:7e86701d783471db34743c44d527f55b02bb922b3bc270ce4c9f749885991730_ppc64le, advanced-cluster-security/rhacs-main-rhel8@sha256:7e86701d783471db34743c44d527f55b02bb922b3bc270ce4c9f749885991730_ppc64le, advanced-cluster-security/rhacs-main-rhel8@sha256:7e86701d783471db34743c44d527f55b02bb922b3bc270ce4c9f749885991730_ppc64le
Red Hatadvanced-cluster-security/rhacs-scanner-rhel8@sha256:29ae0c58a01fc6439da2dd3b8ed3651ec23211dd4ce3be8a6f169b2fe2dcfecb_s390x as a component of RHACS 4.1 for RHEL 8advanced-cluster-security/rhacs-scanner-rhel8@sha256:29ae0c58a01fc6439da2dd3b8ed3651ec23211dd4ce3be8a6f169b2fe2dcfecb_s390x, advanced-cluster-security/rhacs-scanner-rhel8@sha256:29ae0c58a01fc6439da2dd3b8ed3651ec23211dd4ce3be8a6f169b2fe2dcfecb_s390x, advanced-cluster-security/rhacs-scanner-rhel8@sha256:29ae0c58a01fc6439da2dd3b8ed3651ec23211dd4ce3be8a6f169b2fe2dcfecb_s390x
Red Hatadvanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0fc086b3aed2f0511d3b994a07a2ba3fcfdfa2a12b29d151e3b2ccbeb639a891_ppc64le as a component of RHACS 4.1 for RHEL 8advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0fc086b3aed2f0511d3b994a07a2ba3fcfdfa2a12b29d151e3b2ccbeb639a891_ppc64le, advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0fc086b3aed2f0511d3b994a07a2ba3fcfdfa2a12b29d151e3b2ccbeb639a891_ppc64le, advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0fc086b3aed2f0511d3b994a07a2ba3fcfdfa2a12b29d151e3b2ccbeb639a891_ppc64le
Red Hatadvanced-cluster-security/rhacs-roxctl-rhel8@sha256:ed0d8c9651090b6ddc7885a4a1542e636d35d7bc7644db1a95a16e10fa2a85ea_s390x as a component of RHACS 4.1 for RHEL 8advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ed0d8c9651090b6ddc7885a4a1542e636d35d7bc7644db1a95a16e10fa2a85ea_s390x, advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ed0d8c9651090b6ddc7885a4a1542e636d35d7bc7644db1a95a16e10fa2a85ea_s390x, *
Red Hatadvanced-cluster-security/rhacs-main-rhel8@sha256:222b3ba1cf2a40cb31198091b667f351a78a65db1ed7537323c2e477c9878124_s390x as a component of RHACS 4.1 for RHEL 8*, *, advanced-cluster-security/rhacs-main-rhel8@sha256:222b3ba1cf2a40cb31198091b667f351a78a65db1ed7537323c2e477c9878124_s390x
Red Hatadvanced-cluster-security/rhacs-roxctl-rhel8@sha256:e65f2cc299a72c836fcad4725fad101e9cbce840cdfbb5e998f79ae5a16ca4df_amd64 as a component of RHACS 4.1 for RHEL 8advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e65f2cc299a72c836fcad4725fad101e9cbce840cdfbb5e998f79ae5a16ca4df_amd64, advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e65f2cc299a72c836fcad4725fad101e9cbce840cdfbb5e998f79ae5a16ca4df_amd64, advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e65f2cc299a72c836fcad4725fad101e9cbce840cdfbb5e998f79ae5a16ca4df_amd64
Red Hatadvanced-cluster-security/rhacs-central-db-rhel8@sha256:2238b2405110f100d7e499fbb6313df6a41a543e07032f04c86b073f5472f73e_amd64 as a component of RHACS 4.1 for RHEL 8advanced-cluster-security/rhacs-central-db-rhel8@sha256:2238b2405110f100d7e499fbb6313df6a41a543e07032f04c86b073f5472f73e_amd64, *, *
Red Hatadvanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0fc086b3aed2f0511d3b994a07a2ba3fcfdfa2a12b29d151e3b2ccbeb639a891_ppc64le as a component of RHACS 4.1 for RHEL 8advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0fc086b3aed2f0511d3b994a07a2ba3fcfdfa2a12b29d151e3b2ccbeb639a891_ppc64le, *, *

…and 48 more

Timeline

  • Jun 29, 2023 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 20, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›