VDB
RHSA-2023%3A4310
RHSA-2023%3A4310
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-cluster-policy-controller-rhel8@sha256:fa02c23d30f85a63e7132b020c650e53a6e51eae85e9357a9773f15c89d9bbb8_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-cluster-policy-controller-rhel8@sha256:fa02c23d30f85a63e7132b020c650e53a6e51eae85e9357a9773f15c89d9bbb8_amd64 |
| Red Hat | openshift4/ose-alibaba-disk-csi-driver-operator-container-rhel8@sha256:500b13afbdf96bcca357e7bfe55438dfb2fdc07a639fcc95014f4366e151b07d_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-alibaba-disk-csi-driver-operator-container-rhel8@sha256:500b13afbdf96bcca357e7bfe55438dfb2fdc07a639fcc95014f4366e151b07d_amd64 |
| Red Hat | openshift4/ose-csi-driver-manila-rhel8@sha256:29483751650427dce5ffd7822847f64b5fb176bb5e3c1ce1d3fb87d995286440_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-csi-driver-manila-rhel8@sha256:29483751650427dce5ffd7822847f64b5fb176bb5e3c1ce1d3fb87d995286440_amd64 |
| Red Hat | openshift4/ose-cluster-openshift-apiserver-operator@sha256:a16bf8398fe11aa4002ab13f8555eccf1f145d2ea02721f54a861958ce8724a9_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-cluster-openshift-apiserver-operator@sha256:a16bf8398fe11aa4002ab13f8555eccf1f145d2ea02721f54a861958ce8724a9_arm64 |
| Red Hat | openshift4/ose-cli-artifacts@sha256:177ecbbf75a9ad93a236c3e6dc12a109abc65be0dd533840f94f6d5fdd73eba2_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | * |
| Red Hat | openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:18ca8336cb961cc9ce0229183aecddeb963d39af38046f5f315629b6b99d101e_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:18ca8336cb961cc9ce0229183aecddeb963d39af38046f5f315629b6b99d101e_arm64 |
| Red Hat | openshift4/ose-operator-lifecycle-manager@sha256:569c976d45f76d48ff57d2a7caca2914aaad009050aa1a00d6132cc2d7ec942d_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-operator-lifecycle-manager@sha256:569c976d45f76d48ff57d2a7caca2914aaad009050aa1a00d6132cc2d7ec942d_amd64 |
| Red Hat | openshift4/ose-kube-state-metrics@sha256:f9611d34cae3bf3caf10ca14576e7cb7a41e34658e69aa9625c3ccb9c9072ce2_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-kube-state-metrics@sha256:f9611d34cae3bf3caf10ca14576e7cb7a41e34658e69aa9625c3ccb9c9072ce2_ppc64le |
| Red Hat | openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:b3d13bafa4d85cd1d639b3794b94cf6238a21a52ffdfa931ea9605375e6b8afd_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | * |
| Red Hat | openshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:a3dac577d369f02316edb615a954f820568989589accec0d8891732e60f9f7c4_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | * |
| Red Hat | openshift4/ose-azure-disk-csi-driver-rhel8@sha256:039756ea3ff8e91d015c0cc872a93e4e1eca9d2e37f9332d0b1c018dc46224b0_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-azure-disk-csi-driver-rhel8@sha256:039756ea3ff8e91d015c0cc872a93e4e1eca9d2e37f9332d0b1c018dc46224b0_arm64 |
| Red Hat | openshift4/ose-csi-snapshot-controller@sha256:a6b98dc140fe646c29cfdac0f3b7feb831d3650ea7efc1b6514b84cf425959f0_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-csi-snapshot-controller@sha256:a6b98dc140fe646c29cfdac0f3b7feb831d3650ea7efc1b6514b84cf425959f0_ppc64le |
| Red Hat | openshift4/ose-cluster-machine-approver@sha256:7539e713fb6a6d59795e6f1ddffe5040464c1439a989b39635a464fbb2164297_arm64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-cluster-machine-approver@sha256:7539e713fb6a6d59795e6f1ddffe5040464c1439a989b39635a464fbb2164297_arm64 |
| Red Hat | openshift4/ose-cluster-openshift-controller-manager-operator@sha256:367f86df18aab007afb3a06a90841958480315cb2c1cc8a81cdca3b5a71fb4c5_s390x as a component of Red Hat OpenShift Container Platform 4.11 | * |
| Red Hat | openshift4/ose-cluster-version-operator@sha256:786f8183e4d80503078180e28bcb034ce52967aef8a931cbca9ee8b32d76d8bc_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-cluster-version-operator@sha256:786f8183e4d80503078180e28bcb034ce52967aef8a931cbca9ee8b32d76d8bc_ppc64le |
| Red Hat | openshift4/ose-openshift-controller-manager-rhel8@sha256:acb2276cbbe9160dcef6dfbe43636479fae768b3de482792853a76cd98c15828_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | * |
| Red Hat | openshift4/ose-telemeter@sha256:4dcc105f34ba6146441353cf150c8ff4a8d4d5381125891bc0296b583fe0b9f9_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-telemeter@sha256:4dcc105f34ba6146441353cf150c8ff4a8d4d5381125891bc0296b583fe0b9f9_amd64 |
| Red Hat | openshift4/ose-kube-storage-version-migrator-rhel8@sha256:b7f82a2b1e5078bc2405fcbf3a3627d5f81c8ee3250a71fd4ccd204f88154b5f_amd64 as a component of Red Hat OpenShift Container Platform 4.11 | * |
| Red Hat | openshift4/ose-csi-external-attacher@sha256:5a819dccc0cab00045d878a81939b2f9b05a3dbcfa24394c5814b339bf733eb5_s390x as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-csi-external-attacher@sha256:5a819dccc0cab00045d878a81939b2f9b05a3dbcfa24394c5814b339bf733eb5_s390x |
| Red Hat | openshift4/ose-cluster-node-tuning-operator@sha256:ba6e4fd627fbe01279599c2c3ea72f843494b6296101ba9fd18d75453beae7de_ppc64le as a component of Red Hat OpenShift Container Platform 4.11 | openshift4/ose-cluster-node-tuning-operator@sha256:ba6e4fd627fbe01279599c2c3ea72f843494b6296101ba9fd18d75453beae7de_ppc64le |
…and 1116 more
Timeline
- Aug 2, 2023 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 30, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2023:4310 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2100495 issue
- https://issues.redhat.com/browse/OCPBUGS-15506 advisory
- https://issues.redhat.com/browse/OCPBUGS-15539 advisory
- https://issues.redhat.com/browse/OCPBUGS-15876 advisory
- https://issues.redhat.com/browse/OCPBUGS-16037 advisory
- https://issues.redhat.com/browse/OCPBUGS-16126 advisory
- https://issues.redhat.com/browse/OCPBUGS-16152 advisory
- https://issues.redhat.com/browse/OCPBUGS-5708 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4310.json advisory
- https://access.redhat.com/security/cve/CVE-2021-38561 advisory
- https://www.cve.org/CVERecord?id=CVE-2021-38561 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-38561 advisory
- https://pkg.go.dev/vuln/GO-2021-0113 advisory