VDB

RHSA-2026%3A3871

RHSA-2026%3A3871 PUBLISHED CVSS 7.5 HIGH

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer() processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying writer pipe to close. In affected versions, this leaves the Writer interface unusable and can disrupt logging functionality, potentially degrading application availability.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatregistry.redhat.io/openshift4/ose-sriov-cni@sha256:7dc6970b00d26b851a372b7bf45f08226aecdb38ca5f969f51a68c2de32839a7_amd64 as a component of Red Hat OpenShift Container Platform 4.12registry.redhat.io/openshift4/ose-sriov-cni@sha256:7dc6970b00d26b851a372b7bf45f08226aecdb38ca5f969f51a68c2de32839a7_amd64
Red Hatregistry.redhat.io/openshift4/ose-cluster-capacity@sha256:6eb32f20c6dc17aef3b0e7f8b01eb8046a3e34a3713b9ea47daeba82db0d898b_amd64 as a component of Red Hat OpenShift Container Platform 4.12*, *, *
Red Hatregistry.redhat.io/openshift4/cloud-event-proxy-rhel8@sha256:edbfad083c5ab36e6947d3c6f5618e571bf1f165107b23aa46624b3baad6913f_amd64 as a component of Red Hat OpenShift Container Platform 4.12*, *, *
Red Hatregistry.redhat.io/openshift4/ptp-must-gather-rhel8@sha256:e096631279009813daf52770d53168f12e374b82e8f103e2cb302cb2cc71d70b_amd64 as a component of Red Hat OpenShift Container Platform 4.12registry.redhat.io/openshift4/ptp-must-gather-rhel8@sha256:e096631279009813daf52770d53168f12e374b82e8f103e2cb302cb2cc71d70b_amd64
Red Hatregistry.redhat.io/openshift4/ose-egress-router@sha256:0fc99eb0e92d6162dd82ff1cd085653065efa782334e9613b73bcb66138ef5cc_amd64 as a component of Red Hat OpenShift Container Platform 4.12registry.redhat.io/openshift4/ose-egress-router@sha256:0fc99eb0e92d6162dd82ff1cd085653065efa782334e9613b73bcb66138ef5cc_amd64
Red Hatregistry.redhat.io/openshift4/ose-csi-driver-shared-resource-mustgather-rhel8@sha256:9c380ce862e020ebaa3c10c53a4a7cf3e5ee9c931f5f90940e6cde2bdbaaa4f9_amd64 as a component of Red Hat OpenShift Container Platform 4.12*
Red Hatregistry.redhat.io/openshift4/ose-ansible-operator@sha256:3d888bf8235e0d1164760f1d8df2d0dac10a6dfbe123a8688f75e10bc66cbae5_amd64 as a component of Red Hat OpenShift Container Platform 4.12registry.redhat.io/openshift4/ose-ansible-operator@sha256:3d888bf8235e0d1164760f1d8df2d0dac10a6dfbe123a8688f75e10bc66cbae5_amd64
Red Hatregistry.redhat.io/openshift4/ose-csi-driver-shared-resource-mustgather-rhel8@sha256:9c380ce862e020ebaa3c10c53a4a7cf3e5ee9c931f5f90940e6cde2bdbaaa4f9_amd64 as a component of Red Hat OpenShift Container Platform 4.12*, registry.redhat.io/openshift4/ose-csi-driver-shared-resource-mustgather-rhel8@sha256:9c380ce862e020ebaa3c10c53a4a7cf3e5ee9c931f5f90940e6cde2bdbaaa4f9_amd64, *
Red Hatregistry.redhat.io/openshift4/ose-gcp-filestore-csi-driver-rhel8-operator@sha256:233329f6163cb4b05092d9319a0a8ac2e639ba3df4cab4f95a49c1a10ada3d01_amd64 as a component of Red Hat OpenShift Container Platform 4.12*
Red Hatregistry.redhat.io/openshift4/ose-sriov-dp-admission-controller@sha256:d394db9f63df7b3c91176d879ad5c7fd55a5a640c6b6ec1ee61c825a25bd082e_amd64 as a component of Red Hat OpenShift Container Platform 4.12*, *, *
Red Hatregistry.redhat.io/openshift4/ose-sriov-network-webhook@sha256:41c878c2ad886a975ed5a28abd7691bb9502953100025c3114390722e5504acd_amd64 as a component of Red Hat OpenShift Container Platform 4.12registry.redhat.io/openshift4/ose-sriov-network-webhook@sha256:41c878c2ad886a975ed5a28abd7691bb9502953100025c3114390722e5504acd_amd64
Red Hatregistry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:27fc589bd479560d45e12d74f433f032b5602095f6e9c4f3e4e1ed27aef1cea5_amd64 as a component of Red Hat OpenShift Container Platform 4.12registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:27fc589bd479560d45e12d74f433f032b5602095f6e9c4f3e4e1ed27aef1cea5_amd64
Red Hatregistry.redhat.io/openshift4/ose-sriov-network-operator@sha256:8d8902fdf9efd5f28008eecda0c3cb29748adb4d553f6f46dc8a410044089b44_amd64 as a component of Red Hat OpenShift Container Platform 4.12registry.redhat.io/openshift4/ose-sriov-network-operator@sha256:8d8902fdf9efd5f28008eecda0c3cb29748adb4d553f6f46dc8a410044089b44_amd64
Red Hatregistry.redhat.io/openshift4/ose-ptp-operator@sha256:9838a3c5d3cc0ca8784e520a7c0612330f43daab875b6f08064044650fa3d72d_amd64 as a component of Red Hat OpenShift Container Platform 4.12*, registry.redhat.io/openshift4/ose-ptp-operator@sha256:9838a3c5d3cc0ca8784e520a7c0612330f43daab875b6f08064044650fa3d72d_amd64, *
Red Hatregistry.redhat.io/openshift4/ose-gcp-filestore-csi-driver-rhel8-operator@sha256:233329f6163cb4b05092d9319a0a8ac2e639ba3df4cab4f95a49c1a10ada3d01_amd64 as a component of Red Hat OpenShift Container Platform 4.12*, *, *
Red Hatregistry.redhat.io/openshift4/ose-sriov-network-config-daemon@sha256:e879548724840a0c6b57274fba7fe366ccd7f7ddf8bad4b929b4a8ec52ee917c_amd64 as a component of Red Hat OpenShift Container Platform 4.12registry.redhat.io/openshift4/ose-sriov-network-config-daemon@sha256:e879548724840a0c6b57274fba7fe366ccd7f7ddf8bad4b929b4a8ec52ee917c_amd64, *, *
Red Hatregistry.redhat.io/openshift4/ose-sriov-dp-admission-controller@sha256:d394db9f63df7b3c91176d879ad5c7fd55a5a640c6b6ec1ee61c825a25bd082e_amd64 as a component of Red Hat OpenShift Container Platform 4.12*
Red Hatregistry.redhat.io/openshift4/ose-sriov-network-device-plugin@sha256:b41b21bc102d1b71cdbc7b34189c6bbceb4d065b9a8816c88672422b9041c188_amd64 as a component of Red Hat OpenShift Container Platform 4.12*
Red Hatregistry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:d3d23f03c8d6b6b790bd15a9361cee0fdd20cd8cff25e287d3c33d51f6a8f62c_amd64 as a component of Red Hat OpenShift Container Platform 4.12registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:d3d23f03c8d6b6b790bd15a9361cee0fdd20cd8cff25e287d3c33d51f6a8f62c_amd64
Red Hatregistry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b43913c58b31de305bc67382c48e38219ec83bee7eee05f3632ddff010a2b67c_amd64 as a component of Red Hat OpenShift Container Platform 4.12registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b43913c58b31de305bc67382c48e38219ec83bee7eee05f3632ddff010a2b67c_amd64

…and 56 more

Timeline

  • Mar 12, 2026 CVE Published
  • Apr 29, 2026 Distribution Patch
  • Apr 29, 2026 Distribution Patch
  • Apr 29, 2026 Security Advisory
  • Apr 29, 2026 Security Advisory
  • May 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›