VDB

RHSA-2026%3A1004

RHSA-2026%3A1004 PUBLISHED CVSS 7.5 HIGH

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer() processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying writer pipe to close. In affected versions, this leaves the Writer interface unusable and can disrupt logging functionality, potentially degrading application availability.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatregistry.redhat.io/openshift4/ose-aws-efs-csi-driver-rhel8-operator@sha256:71b303e2f59319a77c6aaa8259576085d84eda855693bbddc10391c217ad80e0_arm64 as a component of Red Hat OpenShift Container Platform 4.14registry.redhat.io/openshift4/ose-aws-efs-csi-driver-rhel8-operator@sha256:71b303e2f59319a77c6aaa8259576085d84eda855693bbddc10391c217ad80e0_arm64
Red Hatregistry.redhat.io/openshift4/ose-sriov-dp-admission-controller@sha256:ad30c480c58432fa0149b81bfd90f9352a7b01da3f7b6278689ceae3365f1f14_amd64 as a component of Red Hat OpenShift Container Platform 4.14*, registry.redhat.io/openshift4/ose-sriov-dp-admission-controller@sha256:ad30c480c58432fa0149b81bfd90f9352a7b01da3f7b6278689ceae3365f1f14_amd64
Red Hatregistry.redhat.io/openshift4/ose-csi-driver-shared-resource-mustgather-rhel8@sha256:55fb0fa279ffeafdd6f098a6b967e533bd45a1fd3a3947f36c405e9eebe3aed7_s390x as a component of Red Hat OpenShift Container Platform 4.14*, registry.redhat.io/openshift4/ose-csi-driver-shared-resource-mustgather-rhel8@sha256:55fb0fa279ffeafdd6f098a6b967e533bd45a1fd3a3947f36c405e9eebe3aed7_s390x
Red Hatregistry.redhat.io/openshift4/ose-csi-driver-shared-resource-mustgather-rhel8@sha256:f41821a8106fe0b470c9ee935628b9457893adaaa2fdd26b905c7d2bcae16ec8_ppc64le as a component of Red Hat OpenShift Container Platform 4.14registry.redhat.io/openshift4/ose-csi-driver-shared-resource-mustgather-rhel8@sha256:f41821a8106fe0b470c9ee935628b9457893adaaa2fdd26b905c7d2bcae16ec8_ppc64le
Red Hatregistry.redhat.io/openshift4/ose-sriov-dp-admission-controller@sha256:0c4d2d801365cb7d930b30f8fd8dc2f0014b986e52e9b9e01535440a74ae1ad9_ppc64le as a component of Red Hat OpenShift Container Platform 4.14*, *
Red Hatregistry.redhat.io/openshift4/nmstate-console-plugin-rhel8@sha256:12865dd331ae92b5ab97bf251057dc9172b473364445aeb2ee7e3ee69cf9bc96_s390x as a component of Red Hat OpenShift Container Platform 4.14registry.redhat.io/openshift4/nmstate-console-plugin-rhel8@sha256:12865dd331ae92b5ab97bf251057dc9172b473364445aeb2ee7e3ee69cf9bc96_s390x, *
Red Hatregistry.redhat.io/openshift4/cloud-event-proxy-rhel8@sha256:1f292cb1128d143b935ca01784676e00dceb9a2b5201469c4918ffab98a1af2b_arm64 as a component of Red Hat OpenShift Container Platform 4.14registry.redhat.io/openshift4/cloud-event-proxy-rhel8@sha256:1f292cb1128d143b935ca01784676e00dceb9a2b5201469c4918ffab98a1af2b_arm64, *
Red Hatregistry.redhat.io/openshift4/ose-egress-router@sha256:e518f945388bc422643945920ca07639f20cd76e11fd7af07102a0200141111a_amd64 as a component of Red Hat OpenShift Container Platform 4.14*, registry.redhat.io/openshift4/ose-egress-router@sha256:e518f945388bc422643945920ca07639f20cd76e11fd7af07102a0200141111a_amd64
Red Hatregistry.redhat.io/openshift4/ose-operator-sdk-rhel8@sha256:e9412c088ecda6dd399c93473ecceb93afc507654c85ada3ef6717ec00abd83d_ppc64le as a component of Red Hat OpenShift Container Platform 4.14*
Red Hatregistry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8@sha256:00e672b60409ace3511b563a1dc50aa74355a46385d62f2b5715414ecabe044a_amd64 as a component of Red Hat OpenShift Container Platform 4.14*, registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8@sha256:00e672b60409ace3511b563a1dc50aa74355a46385d62f2b5715414ecabe044a_amd64
Red Hatregistry.redhat.io/openshift4/ose-sriov-dp-admission-controller@sha256:0c4d2d801365cb7d930b30f8fd8dc2f0014b986e52e9b9e01535440a74ae1ad9_ppc64le as a component of Red Hat OpenShift Container Platform 4.14registry.redhat.io/openshift4/ose-sriov-dp-admission-controller@sha256:0c4d2d801365cb7d930b30f8fd8dc2f0014b986e52e9b9e01535440a74ae1ad9_ppc64le
Red Hatregistry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:71c3d0cc3e101bd9004861e10a2cfdbb585ce16917e991142bd3035257658c7f_arm64 as a component of Red Hat OpenShift Container Platform 4.14registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:71c3d0cc3e101bd9004861e10a2cfdbb585ce16917e991142bd3035257658c7f_arm64
Red Hatregistry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4f5d15f2ced5eea7ad2294149b6b5f0df37f34f5d1984a55edbdebab8b2eb42d_ppc64le as a component of Red Hat OpenShift Container Platform 4.14registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4f5d15f2ced5eea7ad2294149b6b5f0df37f34f5d1984a55edbdebab8b2eb42d_ppc64le
Red Hatregistry.redhat.io/openshift4/ose-secrets-store-csi-driver-rhel8-operator@sha256:fb348fee33ae66f171ba1fbba8c2a279d99f0133c47139c0553082eb79e4e6b0_ppc64le as a component of Red Hat OpenShift Container Platform 4.14registry.redhat.io/openshift4/ose-secrets-store-csi-driver-rhel8-operator@sha256:fb348fee33ae66f171ba1fbba8c2a279d99f0133c47139c0553082eb79e4e6b0_ppc64le
Red Hatregistry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel9@sha256:6854d5b0c7b8d21d155d626b8c26b5ec61c7deef083dad25dd2eb7e520f3ba9f_arm64 as a component of Red Hat OpenShift Container Platform 4.14registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel9@sha256:6854d5b0c7b8d21d155d626b8c26b5ec61c7deef083dad25dd2eb7e520f3ba9f_arm64, *
Red Hatregistry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:39d0af858c79257512d43a43af1ce34249c1b755d27bafd5c6ef678c3f5ce623_s390x as a component of Red Hat OpenShift Container Platform 4.14registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:39d0af858c79257512d43a43af1ce34249c1b755d27bafd5c6ef678c3f5ce623_s390x
Red Hatregistry.redhat.io/openshift4/ose-ptp-rhel9@sha256:7b676c4ef70b99f206d01a0e8356476c3cdfb24001a1c4fde9b16b27ecec2268_arm64 as a component of Red Hat OpenShift Container Platform 4.14registry.redhat.io/openshift4/ose-ptp-rhel9@sha256:7b676c4ef70b99f206d01a0e8356476c3cdfb24001a1c4fde9b16b27ecec2268_arm64
Red Hatregistry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:97020a81f7abcbc6458a69328b9f687924c6e5fec3337436d392c00bc17bb885_amd64 as a component of Red Hat OpenShift Container Platform 4.14registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:97020a81f7abcbc6458a69328b9f687924c6e5fec3337436d392c00bc17bb885_amd64, *
Red Hatregistry.redhat.io/openshift4/ose-operator-sdk-rhel8@sha256:e9412c088ecda6dd399c93473ecceb93afc507654c85ada3ef6717ec00abd83d_ppc64le as a component of Red Hat OpenShift Container Platform 4.14*, registry.redhat.io/openshift4/ose-operator-sdk-rhel8@sha256:e9412c088ecda6dd399c93473ecceb93afc507654c85ada3ef6717ec00abd83d_ppc64le
Red Hatregistry.redhat.io/openshift4/ose-sriov-network-device-plugin@sha256:ede4c1fb392afea2550e3d7b149d249ca4e2163cff9f2e04ab9c110589a74d0e_amd64 as a component of Red Hat OpenShift Container Platform 4.14registry.redhat.io/openshift4/ose-sriov-network-device-plugin@sha256:ede4c1fb392afea2550e3d7b149d249ca4e2163cff9f2e04ab9c110589a74d0e_amd64

…and 296 more

Timeline

  • Jan 30, 2026 CVE Published
  • Apr 29, 2026 Distribution Patch
  • Apr 29, 2026 Distribution Patch
  • Apr 29, 2026 Security Advisory
  • Apr 29, 2026 Security Advisory
  • May 13, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›