VDB
RHSA-2026%3A3871
RHSA-2026%3A3871
PUBLISHED
CVSS 7.5 HIGH
A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer() processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying writer pipe to close. In affected versions, this leaves the Writer interface unusable and can disrupt logging functionality, potentially degrading application availability.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | registry.redhat.io/openshift4/ose-sriov-cni@sha256:7dc6970b00d26b851a372b7bf45f08226aecdb38ca5f969f51a68c2de32839a7_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | registry.redhat.io/openshift4/ose-sriov-cni@sha256:7dc6970b00d26b851a372b7bf45f08226aecdb38ca5f969f51a68c2de32839a7_amd64 |
| Red Hat | registry.redhat.io/openshift4/ose-cluster-capacity@sha256:6eb32f20c6dc17aef3b0e7f8b01eb8046a3e34a3713b9ea47daeba82db0d898b_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | *, *, * |
| Red Hat | registry.redhat.io/openshift4/cloud-event-proxy-rhel8@sha256:edbfad083c5ab36e6947d3c6f5618e571bf1f165107b23aa46624b3baad6913f_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | *, *, * |
| Red Hat | registry.redhat.io/openshift4/ptp-must-gather-rhel8@sha256:e096631279009813daf52770d53168f12e374b82e8f103e2cb302cb2cc71d70b_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | registry.redhat.io/openshift4/ptp-must-gather-rhel8@sha256:e096631279009813daf52770d53168f12e374b82e8f103e2cb302cb2cc71d70b_amd64 |
| Red Hat | registry.redhat.io/openshift4/ose-egress-router@sha256:0fc99eb0e92d6162dd82ff1cd085653065efa782334e9613b73bcb66138ef5cc_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | registry.redhat.io/openshift4/ose-egress-router@sha256:0fc99eb0e92d6162dd82ff1cd085653065efa782334e9613b73bcb66138ef5cc_amd64 |
| Red Hat | registry.redhat.io/openshift4/ose-csi-driver-shared-resource-mustgather-rhel8@sha256:9c380ce862e020ebaa3c10c53a4a7cf3e5ee9c931f5f90940e6cde2bdbaaa4f9_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | * |
| Red Hat | registry.redhat.io/openshift4/ose-ansible-operator@sha256:3d888bf8235e0d1164760f1d8df2d0dac10a6dfbe123a8688f75e10bc66cbae5_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | registry.redhat.io/openshift4/ose-ansible-operator@sha256:3d888bf8235e0d1164760f1d8df2d0dac10a6dfbe123a8688f75e10bc66cbae5_amd64 |
| Red Hat | registry.redhat.io/openshift4/ose-csi-driver-shared-resource-mustgather-rhel8@sha256:9c380ce862e020ebaa3c10c53a4a7cf3e5ee9c931f5f90940e6cde2bdbaaa4f9_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | *, registry.redhat.io/openshift4/ose-csi-driver-shared-resource-mustgather-rhel8@sha256:9c380ce862e020ebaa3c10c53a4a7cf3e5ee9c931f5f90940e6cde2bdbaaa4f9_amd64, * |
| Red Hat | registry.redhat.io/openshift4/ose-gcp-filestore-csi-driver-rhel8-operator@sha256:233329f6163cb4b05092d9319a0a8ac2e639ba3df4cab4f95a49c1a10ada3d01_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | * |
| Red Hat | registry.redhat.io/openshift4/ose-sriov-dp-admission-controller@sha256:d394db9f63df7b3c91176d879ad5c7fd55a5a640c6b6ec1ee61c825a25bd082e_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | *, *, * |
| Red Hat | registry.redhat.io/openshift4/ose-sriov-network-webhook@sha256:41c878c2ad886a975ed5a28abd7691bb9502953100025c3114390722e5504acd_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | registry.redhat.io/openshift4/ose-sriov-network-webhook@sha256:41c878c2ad886a975ed5a28abd7691bb9502953100025c3114390722e5504acd_amd64 |
| Red Hat | registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:27fc589bd479560d45e12d74f433f032b5602095f6e9c4f3e4e1ed27aef1cea5_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:27fc589bd479560d45e12d74f433f032b5602095f6e9c4f3e4e1ed27aef1cea5_amd64 |
| Red Hat | registry.redhat.io/openshift4/ose-sriov-network-operator@sha256:8d8902fdf9efd5f28008eecda0c3cb29748adb4d553f6f46dc8a410044089b44_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | registry.redhat.io/openshift4/ose-sriov-network-operator@sha256:8d8902fdf9efd5f28008eecda0c3cb29748adb4d553f6f46dc8a410044089b44_amd64 |
| Red Hat | registry.redhat.io/openshift4/ose-ptp-operator@sha256:9838a3c5d3cc0ca8784e520a7c0612330f43daab875b6f08064044650fa3d72d_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | *, registry.redhat.io/openshift4/ose-ptp-operator@sha256:9838a3c5d3cc0ca8784e520a7c0612330f43daab875b6f08064044650fa3d72d_amd64, * |
| Red Hat | registry.redhat.io/openshift4/ose-gcp-filestore-csi-driver-rhel8-operator@sha256:233329f6163cb4b05092d9319a0a8ac2e639ba3df4cab4f95a49c1a10ada3d01_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | *, *, * |
| Red Hat | registry.redhat.io/openshift4/ose-sriov-network-config-daemon@sha256:e879548724840a0c6b57274fba7fe366ccd7f7ddf8bad4b929b4a8ec52ee917c_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | registry.redhat.io/openshift4/ose-sriov-network-config-daemon@sha256:e879548724840a0c6b57274fba7fe366ccd7f7ddf8bad4b929b4a8ec52ee917c_amd64, *, * |
| Red Hat | registry.redhat.io/openshift4/ose-sriov-dp-admission-controller@sha256:d394db9f63df7b3c91176d879ad5c7fd55a5a640c6b6ec1ee61c825a25bd082e_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | * |
| Red Hat | registry.redhat.io/openshift4/ose-sriov-network-device-plugin@sha256:b41b21bc102d1b71cdbc7b34189c6bbceb4d065b9a8816c88672422b9041c188_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | * |
| Red Hat | registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:d3d23f03c8d6b6b790bd15a9361cee0fdd20cd8cff25e287d3c33d51f6a8f62c_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:d3d23f03c8d6b6b790bd15a9361cee0fdd20cd8cff25e287d3c33d51f6a8f62c_amd64 |
| Red Hat | registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b43913c58b31de305bc67382c48e38219ec83bee7eee05f3632ddff010a2b67c_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b43913c58b31de305bc67382c48e38219ec83bee7eee05f3632ddff010a2b67c_amd64 |
…and 56 more
Timeline
- Mar 12, 2026 CVE Published
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
- May 28, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2026:3871 advisory
- https://access.redhat.com/security/cve/CVE-2025-65637 advisory
- https://access.redhat.com/security/updates/classification/ advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3871.json advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2418900 issue
- https://www.cve.org/CVERecord?id=CVE-2025-65637 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-65637 advisory
- https://github.com/mjuanxd/logrus-dos-poc exploit
- https://github.com/mjuanxd/logrus-dos-poc/blob/main/README.md exploit
- https://github.com/sirupsen/logrus/issues/1370 advisory
- https://github.com/sirupsen/logrus/pull/1376 advisory
- https://github.com/sirupsen/logrus/releases/tag/v1.8.3 advisory
- https://github.com/sirupsen/logrus/releases/tag/v1.9.1 advisory
- https://github.com/sirupsen/logrus/releases/tag/v1.9.3 advisory
- https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSIRUPSENLOGRUS-5564391 advisory