Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-44717 (GCVE-0-2021-44717)
Vulnerability from cvelistv5 – Published: 2022-01-01 00:00 – Updated: 2024-08-04 04:32
VLAI
EPSS
Summary
Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.
Severity
4.8 (Medium)
CWE
- n/a
Assigner
References
6 references
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:12.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2891-1] golang-1.8 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2892-1] golang-1.7 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
},
{
"name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-19T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2891-1] golang-1.8 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2892-1] golang-1.7 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
},
{
"name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-44717",
"datePublished": "2022-01-01T00:00:00.000Z",
"dateReserved": "2021-12-07T00:00:00.000Z",
"dateUpdated": "2024-08-04T04:32:12.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-44717",
"date": "2026-06-14",
"epss": "0.0022",
"percentile": "0.44858"
},
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.16.12\", \"matchCriteriaId\": \"4CF46C0F-E074-4676-A9B3-E6A22861879C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.17.0\", \"versionEndExcluding\": \"1.17.5\", \"matchCriteriaId\": \"406E61FE-D8E5-457E-93C5-8495F43DF42C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A90CB3A-9BE7-475C-9E75-6ECAD2106302\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.\"}, {\"lang\": \"es\", \"value\": \"Go versiones anteriores a 1.16.12 y versiones 1.17.x anteriores a 1.17.5 en UNIX, permite operaciones de escritura en un archivo no deseado o en una conexi\\u00f3n de red no deseada como consecuencia de un cierre err\\u00f3neo del descriptor de archivo 0 tras el agotamiento del descriptor de archivo.\\n\"}]",
"id": "CVE-2021-44717",
"lastModified": "2024-11-21T06:31:27.117",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 2.5}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:N\", \"baseScore\": 5.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2022-01-01T05:15:08.367",
"references": "[{\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/hcmEScgc00k\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://security.gentoo.org/glsa/202208-02\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/hcmEScgc00k\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/202208-02\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-404\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-44717\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-01-01T05:15:08.367\",\"lastModified\":\"2024-11-21T06:31:27.117\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.\"},{\"lang\":\"es\",\"value\":\"Go versiones anteriores a 1.16.12 y versiones 1.17.x anteriores a 1.17.5 en UNIX, permite operaciones de escritura en un archivo no deseado o en una conexi\u00f3n de red no deseada como consecuencia de un cierre err\u00f3neo del descriptor de archivo 0 tras el agotamiento del descriptor de archivo.\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":2.5}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-404\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.16.12\",\"matchCriteriaId\":\"4CF46C0F-E074-4676-A9B3-E6A22861879C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.17.0\",\"versionEndExcluding\":\"1.17.5\",\"matchCriteriaId\":\"406E61FE-D8E5-457E-93C5-8495F43DF42C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A90CB3A-9BE7-475C-9E75-6ECAD2106302\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://groups.google.com/g/golang-announce/c/hcmEScgc00k\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/202208-02\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://groups.google.com/g/golang-announce/c/hcmEScgc00k\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202208-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
OPENSUSE-SU-2021:4169-1
Vulnerability from csaf_opensuse - Published: 2021-12-23 08:52 - Updated: 2021-12-23 08:52Summary
Security update for go1.16
Severity
Moderate
Notes
Title of the patch: Security update for go1.16
Description of the patch: This update for go1.16 fixes the following issues:
Updated to upstream version 1.16.12 to include security fixes to the compiler,
syscall, runtime, the net/http, net/http/httptest, and time packages (bsc#1182345)
- CVE-2021-44717: syscall: don't close fd 0 on ForkExec error (bsc#1193598).
- CVE-2021-44716: net/http: limit growth of header canonicalization cache (bsc#1193597).
Patchnames: openSUSE-SLE-15.3-2021-4169
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.8 (Medium)
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.16",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.16 fixes the following issues:\n\nUpdated to upstream version 1.16.12 to include security fixes to the compiler,\nsyscall, runtime, the net/http, net/http/httptest, and time packages (bsc#1182345)\n\n- CVE-2021-44717: syscall: don\u0027t close fd 0 on ForkExec error (bsc#1193598).\n- CVE-2021-44716: net/http: limit growth of header canonicalization cache (bsc#1193597).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-SLE-15.3-2021-4169",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_4169-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2021:4169-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AOMQPXAJ4U3LE4RVZJYCTCHSVMZXVS6Z/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2021:4169-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AOMQPXAJ4U3LE4RVZJYCTCHSVMZXVS6Z/"
},
{
"category": "self",
"summary": "SUSE Bug 1182345",
"url": "https://bugzilla.suse.com/1182345"
},
{
"category": "self",
"summary": "SUSE Bug 1193597",
"url": "https://bugzilla.suse.com/1193597"
},
{
"category": "self",
"summary": "SUSE Bug 1193598",
"url": "https://bugzilla.suse.com/1193598"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44716 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44717 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44717/"
}
],
"title": "Security update for go1.16",
"tracking": {
"current_release_date": "2021-12-23T08:52:54Z",
"generator": {
"date": "2021-12-23T08:52:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2021:4169-1",
"initial_release_date": "2021-12-23T08:52:54Z",
"revision_history": [
{
"date": "2021-12-23T08:52:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.16-1.16.12-1.37.2.aarch64",
"product": {
"name": "go1.16-1.16.12-1.37.2.aarch64",
"product_id": "go1.16-1.16.12-1.37.2.aarch64"
}
},
{
"category": "product_version",
"name": "go1.16-doc-1.16.12-1.37.2.aarch64",
"product": {
"name": "go1.16-doc-1.16.12-1.37.2.aarch64",
"product_id": "go1.16-doc-1.16.12-1.37.2.aarch64"
}
},
{
"category": "product_version",
"name": "go1.16-race-1.16.12-1.37.2.aarch64",
"product": {
"name": "go1.16-race-1.16.12-1.37.2.aarch64",
"product_id": "go1.16-race-1.16.12-1.37.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.16-1.16.12-1.37.2.ppc64le",
"product": {
"name": "go1.16-1.16.12-1.37.2.ppc64le",
"product_id": "go1.16-1.16.12-1.37.2.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.16-doc-1.16.12-1.37.2.ppc64le",
"product": {
"name": "go1.16-doc-1.16.12-1.37.2.ppc64le",
"product_id": "go1.16-doc-1.16.12-1.37.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.16-1.16.12-1.37.2.s390x",
"product": {
"name": "go1.16-1.16.12-1.37.2.s390x",
"product_id": "go1.16-1.16.12-1.37.2.s390x"
}
},
{
"category": "product_version",
"name": "go1.16-doc-1.16.12-1.37.2.s390x",
"product": {
"name": "go1.16-doc-1.16.12-1.37.2.s390x",
"product_id": "go1.16-doc-1.16.12-1.37.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.16-1.16.12-1.37.2.x86_64",
"product": {
"name": "go1.16-1.16.12-1.37.2.x86_64",
"product_id": "go1.16-1.16.12-1.37.2.x86_64"
}
},
{
"category": "product_version",
"name": "go1.16-doc-1.16.12-1.37.2.x86_64",
"product": {
"name": "go1.16-doc-1.16.12-1.37.2.x86_64",
"product_id": "go1.16-doc-1.16.12-1.37.2.x86_64"
}
},
{
"category": "product_version",
"name": "go1.16-race-1.16.12-1.37.2.x86_64",
"product": {
"name": "go1.16-race-1.16.12-1.37.2.x86_64",
"product_id": "go1.16-race-1.16.12-1.37.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.12-1.37.2.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.aarch64"
},
"product_reference": "go1.16-1.16.12-1.37.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.12-1.37.2.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.ppc64le"
},
"product_reference": "go1.16-1.16.12-1.37.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.12-1.37.2.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.s390x"
},
"product_reference": "go1.16-1.16.12-1.37.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.12-1.37.2.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.x86_64"
},
"product_reference": "go1.16-1.16.12-1.37.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.12-1.37.2.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.aarch64"
},
"product_reference": "go1.16-doc-1.16.12-1.37.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.12-1.37.2.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.ppc64le"
},
"product_reference": "go1.16-doc-1.16.12-1.37.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.12-1.37.2.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.s390x"
},
"product_reference": "go1.16-doc-1.16.12-1.37.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.12-1.37.2.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.x86_64"
},
"product_reference": "go1.16-doc-1.16.12-1.37.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-race-1.16.12-1.37.2.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.aarch64"
},
"product_reference": "go1.16-race-1.16.12-1.37.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-race-1.16.12-1.37.2.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.x86_64"
},
"product_reference": "go1.16-race-1.16.12-1.37.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44716"
}
],
"notes": [
{
"category": "general",
"text": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.ppc64le",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.s390x",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.x86_64",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.ppc64le",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.s390x",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.x86_64",
"openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44716",
"url": "https://www.suse.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "SUSE Bug 1193597 for CVE-2021-44716",
"url": "https://bugzilla.suse.com/1193597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.ppc64le",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.s390x",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.x86_64",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.ppc64le",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.s390x",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.x86_64",
"openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.ppc64le",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.s390x",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.x86_64",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.ppc64le",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.s390x",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.x86_64",
"openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-12-23T08:52:54Z",
"details": "important"
}
],
"title": "CVE-2021-44716"
},
{
"cve": "CVE-2021-44717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44717"
}
],
"notes": [
{
"category": "general",
"text": "Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.ppc64le",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.s390x",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.x86_64",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.ppc64le",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.s390x",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.x86_64",
"openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44717",
"url": "https://www.suse.com/security/cve/CVE-2021-44717"
},
{
"category": "external",
"summary": "SUSE Bug 1193598 for CVE-2021-44717",
"url": "https://bugzilla.suse.com/1193598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.ppc64le",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.s390x",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.x86_64",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.ppc64le",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.s390x",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.x86_64",
"openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.ppc64le",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.s390x",
"openSUSE Leap 15.3:go1.16-1.16.12-1.37.2.x86_64",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.ppc64le",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.s390x",
"openSUSE Leap 15.3:go1.16-doc-1.16.12-1.37.2.x86_64",
"openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.aarch64",
"openSUSE Leap 15.3:go1.16-race-1.16.12-1.37.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-12-23T08:52:54Z",
"details": "moderate"
}
],
"title": "CVE-2021-44717"
}
]
}
OPENSUSE-SU-2021:4186-1
Vulnerability from csaf_opensuse - Published: 2021-12-23 11:35 - Updated: 2021-12-23 11:35Summary
Security update for go1.17
Severity
Moderate
Notes
Title of the patch: Security update for go1.17
Description of the patch: This update for go1.17 fixes the following issues:
Updated to upstream version 1.17.5 to include fixes to the compiler, linker,
syscall, runtime, the net/http, go/types, and time packages (bsc#1190649)
- CVE-2021-44717: syscall: don't close fd 0 on ForkExec error (bsc#1193598).
- CVE-2021-44716: net/http: limit growth of header canonicalization cache (bsc#1193597).
Patchnames: openSUSE-SLE-15.3-2021-4186
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.8 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.17",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.17 fixes the following issues:\n\nUpdated to upstream version 1.17.5 to include fixes to the compiler, linker,\nsyscall, runtime, the net/http, go/types, and time packages (bsc#1190649)\n\n- CVE-2021-44717: syscall: don\u0027t close fd 0 on ForkExec error (bsc#1193598).\n- CVE-2021-44716: net/http: limit growth of header canonicalization cache (bsc#1193597).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-SLE-15.3-2021-4186",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_4186-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2021:4186-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LSVRDOAVYBVEWAKYWYYNOIQSYE4FHHAJ/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2021:4186-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LSVRDOAVYBVEWAKYWYYNOIQSYE4FHHAJ/"
},
{
"category": "self",
"summary": "SUSE Bug 1190649",
"url": "https://bugzilla.suse.com/1190649"
},
{
"category": "self",
"summary": "SUSE Bug 1193597",
"url": "https://bugzilla.suse.com/1193597"
},
{
"category": "self",
"summary": "SUSE Bug 1193598",
"url": "https://bugzilla.suse.com/1193598"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44716 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44717 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44717/"
}
],
"title": "Security update for go1.17",
"tracking": {
"current_release_date": "2021-12-23T11:35:57Z",
"generator": {
"date": "2021-12-23T11:35:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2021:4186-1",
"initial_release_date": "2021-12-23T11:35:57Z",
"revision_history": [
{
"date": "2021-12-23T11:35:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.5-1.14.2.aarch64",
"product": {
"name": "go1.17-1.17.5-1.14.2.aarch64",
"product_id": "go1.17-1.17.5-1.14.2.aarch64"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.5-1.14.2.aarch64",
"product": {
"name": "go1.17-doc-1.17.5-1.14.2.aarch64",
"product_id": "go1.17-doc-1.17.5-1.14.2.aarch64"
}
},
{
"category": "product_version",
"name": "go1.17-race-1.17.5-1.14.2.aarch64",
"product": {
"name": "go1.17-race-1.17.5-1.14.2.aarch64",
"product_id": "go1.17-race-1.17.5-1.14.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.5-1.14.2.i586",
"product": {
"name": "go1.17-1.17.5-1.14.2.i586",
"product_id": "go1.17-1.17.5-1.14.2.i586"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.5-1.14.2.i586",
"product": {
"name": "go1.17-doc-1.17.5-1.14.2.i586",
"product_id": "go1.17-doc-1.17.5-1.14.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.5-1.14.2.ppc64le",
"product": {
"name": "go1.17-1.17.5-1.14.2.ppc64le",
"product_id": "go1.17-1.17.5-1.14.2.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.5-1.14.2.ppc64le",
"product": {
"name": "go1.17-doc-1.17.5-1.14.2.ppc64le",
"product_id": "go1.17-doc-1.17.5-1.14.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.5-1.14.2.s390x",
"product": {
"name": "go1.17-1.17.5-1.14.2.s390x",
"product_id": "go1.17-1.17.5-1.14.2.s390x"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.5-1.14.2.s390x",
"product": {
"name": "go1.17-doc-1.17.5-1.14.2.s390x",
"product_id": "go1.17-doc-1.17.5-1.14.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.5-1.14.2.x86_64",
"product": {
"name": "go1.17-1.17.5-1.14.2.x86_64",
"product_id": "go1.17-1.17.5-1.14.2.x86_64"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.5-1.14.2.x86_64",
"product": {
"name": "go1.17-doc-1.17.5-1.14.2.x86_64",
"product_id": "go1.17-doc-1.17.5-1.14.2.x86_64"
}
},
{
"category": "product_version",
"name": "go1.17-race-1.17.5-1.14.2.x86_64",
"product": {
"name": "go1.17-race-1.17.5-1.14.2.x86_64",
"product_id": "go1.17-race-1.17.5-1.14.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.5-1.14.2.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.aarch64"
},
"product_reference": "go1.17-1.17.5-1.14.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.5-1.14.2.i586 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.i586"
},
"product_reference": "go1.17-1.17.5-1.14.2.i586",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.5-1.14.2.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.ppc64le"
},
"product_reference": "go1.17-1.17.5-1.14.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.5-1.14.2.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.s390x"
},
"product_reference": "go1.17-1.17.5-1.14.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.5-1.14.2.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.x86_64"
},
"product_reference": "go1.17-1.17.5-1.14.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.5-1.14.2.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.aarch64"
},
"product_reference": "go1.17-doc-1.17.5-1.14.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.5-1.14.2.i586 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.i586"
},
"product_reference": "go1.17-doc-1.17.5-1.14.2.i586",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.5-1.14.2.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.ppc64le"
},
"product_reference": "go1.17-doc-1.17.5-1.14.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.5-1.14.2.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.s390x"
},
"product_reference": "go1.17-doc-1.17.5-1.14.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.5-1.14.2.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.x86_64"
},
"product_reference": "go1.17-doc-1.17.5-1.14.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.5-1.14.2.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.aarch64"
},
"product_reference": "go1.17-race-1.17.5-1.14.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.5-1.14.2.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.x86_64"
},
"product_reference": "go1.17-race-1.17.5-1.14.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44716"
}
],
"notes": [
{
"category": "general",
"text": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.i586",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.ppc64le",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.s390x",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.x86_64",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.i586",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.ppc64le",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.s390x",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.x86_64",
"openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44716",
"url": "https://www.suse.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "SUSE Bug 1193597 for CVE-2021-44716",
"url": "https://bugzilla.suse.com/1193597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.i586",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.ppc64le",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.s390x",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.x86_64",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.i586",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.ppc64le",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.s390x",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.x86_64",
"openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.i586",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.ppc64le",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.s390x",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.x86_64",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.i586",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.ppc64le",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.s390x",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.x86_64",
"openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-12-23T11:35:57Z",
"details": "important"
}
],
"title": "CVE-2021-44716"
},
{
"cve": "CVE-2021-44717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44717"
}
],
"notes": [
{
"category": "general",
"text": "Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.i586",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.ppc64le",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.s390x",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.x86_64",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.i586",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.ppc64le",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.s390x",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.x86_64",
"openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44717",
"url": "https://www.suse.com/security/cve/CVE-2021-44717"
},
{
"category": "external",
"summary": "SUSE Bug 1193598 for CVE-2021-44717",
"url": "https://bugzilla.suse.com/1193598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.i586",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.ppc64le",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.s390x",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.x86_64",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.i586",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.ppc64le",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.s390x",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.x86_64",
"openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.i586",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.ppc64le",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.s390x",
"openSUSE Leap 15.3:go1.17-1.17.5-1.14.2.x86_64",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.i586",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.ppc64le",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.s390x",
"openSUSE Leap 15.3:go1.17-doc-1.17.5-1.14.2.x86_64",
"openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.aarch64",
"openSUSE Leap 15.3:go1.17-race-1.17.5-1.14.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-12-23T11:35:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-44717"
}
]
}
OPENSUSE-SU-2023:0018-1
Vulnerability from csaf_opensuse - Published: 2023-01-15 17:01 - Updated: 2023-01-15 17:01Summary
Security update for apptainer
Severity
Moderate
Notes
Title of the patch: Security update for apptainer
Description of the patch: This update for apptainer fixes the following issues:
Updated to 1.1.2 which fixed CVE-2022-39237
* CVE-2022-39237: The sif dependency included in Apptainer before this
release does not verify that the hash algorithm(s) used are
cryptographically secure when verifying digital signatures. This release
updates to sif v2.8.1 which corrects this issue. See the linked advisory
for references and a workaround.
Updated to version 1.1.0
* added squashfuse-0.1.105.tar.gz and 70.patch for the build of squashfuse_ll
which will be removed as soon as the multithread patch is incoperated
* Change squash mounts to prefer to use squashfuse_ll instead of squashfuse,
if available, for improved performance. squashfuse_ll is not available
in factory.
* Also, for even better parallel performance, include a patched
multithreaded version of squashfuse_ll in
* Imply adding ${prefix}/libexec/apptainer/bin to the binary path in
apptainer.conf, which is used for searching for helper executables. It is
implied as the first directory of $PATH if present (which is at the
beginning of binary path by default) or just as the first directory if
$PATH is not included in binary path.
${prefix}/libexec/apptainer/bin.
* Add --unsquash action flag to temporarily convert a SIF file to a sandbox
before running. In previous versions this was the default when running a
SIF file without setuid or with fakeroot, but now the default is to instead
mount with squashfuse.
* Add --sparse flag to overlay create command to allow generation of a sparse
ext3 overlay image.
* Support for a custom hashbang in the %test section of an Apptainer recipe
(akin to the runscript and start sections).
* When using fakeroot in setuid mode, have the image drivers first enter the
the container's user namespace to avoid write errors with overlays.
* Skip trying to use kernel overlayfs when using writable overlay and the
lower layer is FUSE, because of a kernel bug introduced in kernel 5.15.
* Add additional hidden options to the action command for testing different
fakeroot modes with --fakeroot: --ignore-subuid, --ignore-fakeroot-command,
and --ignore-userns.
- Updated to version 1.1.0-rc2 with following changes:
* Fixed longstanding bug in the underlay logic when there are nested bind
points separated by more than one path level, for example /var and
/var/lib/yum, and the path didn't exist in the container image. The bug
only caused an error when there was a directory in the container image that
didn't exist on the host.
* Improved wildcard matching in the %files directive of build definition
files by replacing usage of sh with the mvdan.cc library.
* Replaced checks for compatible filesystem types when using fuse-overlayfs
with an INFO message when an incompatible filesystem type causes it to be
unwritable by a fakeroot user.
* The --nvccli option now works without --fakeroot. In that case the option
can be used with --writable-tmpfs instead of --writable, and
--writable-tmpfs is implied if neither option is given. Note that also
/usr/bin has to be writable by the user, so without --fakeroot that
probably requires a sandbox image that was built with --fix-perms.
* The --nvccli option implies --nv.
* Configure squashfuse to always show files to be owned by the current user.
That's especially important for fakeroot to prevent most of the files from
looking like they are owned by user 65534.
* The fakeroot command can now be used even if $PATH is empty in the
environment of the apptainer command.
* Allow the newuidmap command to be missing if the current user is not listed
in /etc/subuid.
* Require the uidmap package in Debian packaging.
* Improved error handling of unsupported pass protected PEM files with
encrypted containers.
* Ensure bootstrap_history directory is populated with previous definition
files, present in source containers used in a build.
* Add additional options to the build command for testing different fakeroot
modes: --userns like the action flag and hidden options --ignore-subuid,
--ignore-fakeroot-command, and --ignore-userns.
* Require root user early when building an encrypted container.
- removed upstream incorated patch fix-32bit-compilation.patch
- Updated to version 1.1.0-rc1 which enables apptainer to run without
suid and additional groups. Although this is a prerelease this is
a major advantage justifying its use.
* Added a squashfuse image driver that enables mounting SIF files without
using setuid-root. Requires the squashfuse command and unprivileged user
namespaces.
* Added a fuse2fs image driver that enables mounting EXT3 files and EXT3 SIF
overlay partitions without using setuid-root. Requires the fuse2fs command
and unprivileged user namespaces.
* Added the ability to use persistent overlay (--overlay) and
--writable-tmpfs without using setuid-root. This requires unprivileged user
namespaces and either a new enough kernel (>= 5.11) or the fuse-overlayfs
command. Persistent overlay works when the overlay path points to a regular
filesystem (known as 'sandbox' mode, which is not allowed when in setuid
mode), or when it points to an EXT3 image. Does not work with a SIF
partition because that requires privileges to mount as an ext3 image.
* Extended the --fakeroot option to be useful when /etc/subuid and
/etc/subgid mappings have not been set up. If they have not been set up, a
root-mapped unprivileged user namespace (the equivalent of unshare -r)
and/or the fakeroot command from the host will be tried. Together they
emulate the mappings pretty well but they are simpler to administer. This
feature is especially useful with the --overlay and --writable-tmpfs
options and for building containers unprivileged, because they allow
installing packages that assume they're running as root. A limitation on
using it with --overlay and --writable-tmpfs however is that when only the
fakeroot command can be used (because there are no user namespaces
available, in suid mode) then the base image has to be a sandbox. This
feature works nested inside of an apptainer container, where another
apptainer command will also be in the fakeroot environment without
requesting the --fakeroot option again, or it can be used inside an
apptainer container that was not started with --fakeroot. However, the
fakeroot command uses LD_PRELOAD and so needs to be bound into the
container which requires a compatible libc. For that reason it doesn't work
when the host and container operating systems are of very different
vintages. If that's a problem and you want to use only an unprivileged
root-mapped namespace even when the fakeroot command is installed, just run
apptainer with unshare -r.
* Made the --fakeroot option be implied when an unprivileged user builds a
container from a definition file. When /etc/subuid and /etc/subgid mappings
are not available, all scriptlets are run in a root-mapped unprivileged
namespace (when possible) and the %post scriptlet is additionally run with
the fakeroot command. When unprivileged user namespaces are not available,
such that only the fakeroot command can be used, the --fix-perms option is
implied to allow writing into directories.
* Added a --fakeroot option to the apptainer overlay create command to make
an overlay EXT3 image file that works with the fakeroot that comes from
unprivileged root-mapped namespaces. This is not needed with the fakeroot
that comes with /etc/sub[ug]id mappings nor with the fakeroot that comes
with only the fakeroot command in suid flow.
* $HOME is now used to find the user's configuration and cache by default. If
that is not set it will fall back to the previous behavior of looking up
the home directory in the password file. The value of $HOME inside the
container still defaults to the home directory in the password file and can
still be overridden by the --home option.
* When starting a container, if the user has specified the cwd by using the
--pwd flag, if there is a problem an error is returned instead of
defaulting to a different directory.
* Nesting of bind mounts now works even when a --bind option specified a
different source and destination with a colon between them. Now the
APPTAINER_BIND environment variable makes sure the bind source is from the
bind destination so it will be succesfully re-bound into a nested apptainer
container.
* The warning about more than 50 bind mounts required for an underlay bind
has been changed to an info message.
* oci mount sets Process.Terminal: true when creating an OCI config.json, so
that oci run provides expected interactive behavior by default.
The default hostname for oci mount containers is now apptainer instead of mrsdalloway.
* systemd is now supported and used as the default cgroups manager. Set
systemd cgroups = no in apptainer.conf to manage cgroups directly via the
cgroupfs.
* Added a new action flag --no-eval which:
+ Prevents shell evaluation of APPTAINERENV_ / --env / --env-file
environment variables as they are injected in the container, to match
OCI behavior. Applies to all containers.
+ Prevents shell evaluation of the values of CMD / ENTRYPOINT and command
line arguments for containers run or built directly from an OCI/Docker
source. Applies to newly built containers only, use apptainer inspect
to check version that container was built with.
* Added --no-eval to the list of flags set by the OCI/Docker --compat mode.
* sinit process has been renamed to appinit.
* Added --keysdir to key command to provide an alternative way of setting
local keyring path. The existing reading of the keyring path from
environment variable 'APPTAINER_KEYSDIR' is untouched.
* apptainer key push will output the key server's response if included in
order to help guide users through any identity verification the server may
require.
* ECL no longer requires verification for all signatures, but only when
signature verification would alter the expected behavior of the list:
+ At least one matching signature included in a whitelist must be
validated, but other unvalidated signatures do not cause ECL to fail.
+ All matching signatures included in a whitestrict must be validated,
but unvalidated signatures not in the whitestrict do not cause ECL to
fail.
+ Signature verification is not checked for a blacklist; unvalidated
signatures can still block execution via ECL, and unvalidated
signatures not in the blacklist do not cause ECL to fail.
- New features / functionalities
* Non-root users can now use --apply-cgroups with run/shell/exec to limit
container resource usage on a system using cgroups v2 and the systemd
cgroups manager.
* Native cgroups v2 resource limits can be specified using the [unified] key
in a cgroups toml file applied via --apply-cgroups.
* Added --cpu*, --blkio*, --memory*, --pids-limit flags to apply cgroups
resource limits to a container directly.
Added instance stats command.
* The --no-mount flag & APPTAINER_NO_MOUNT env var can now be used to disable
a bind path entry from apptainer.conf by specifying the absolute path to
the destination of the bind.
* Apptainer now supports the riscv64 architecture.
* remote add --insecure may now be used to configure endpoints that are only
accessible via http. Alternatively the environment variable
APPTAINER_ADD_INSECURE can be set to true to allow http remotes to be added
wihtout the --insecure flag. Specifying https in the remote URI overrules
both --insecure and APPTAINER_ADD_INSECURE.
* Gpu flags --nv and --rocm can now be used from an apptainer nested inside
another apptainer container.
* Added --public, --secret, and --both flags to the key remove command to
support removing secret keys from the apptainer keyring.
* Debug output can now be enabled by setting the APPTAINER_DEBUG env var.
* Debug output is now shown for nested apptainer calls, in wrapped unsquashfs
image extraction, and build stages.
- Bug fixes
* Remove warning message about SINGULARITY and APPTAINER variables having
different values when the SINGULARITY variable is not set.
* Add specific error for unreadable image / overlay file.
* Pass through a literal \n in host environment variables to the container.
* Fix loop device creation with loop-control when running inside docker containers.
* Fix the issue that the oras protocol would ignore the --no-https/--nohttps flag.
- File changes
* Removed useful_error_message.patch as not needed any more
* Added fix-32bit-compilation.patch from upstream
- Update to version 1.0.3:
* Process redirects that can come from sregistry with a library:// URL.
* Fix inspect --deffile and inspect --all to correctly show definition files
in sandbox container images instead of empty output. This has a side effect
of also fixing the storing of definition files in the metadata of sif files
built by Apptainer, because that metadata is constructed by doing inspect
--all.
- Update to version 1.0.2:
+ Fixed `FATAL` error thrown by user configuration migration code
that caused users with inaccessible home directories to be
unable to use `apptainer` commands.
+ Do not truncate environment variables with commas.
+ Use HEAD request when checking digest of remote OCI image
sources, with GET as a fall-back. Greatly reduces Apptainer's
impact on Docker Hub API limits.
- Updated to v1.0.1 with following bug fixes
* Don't prompt for y/n to overwrite an existing file when build is called
from a non-interactive environment. Fail with an error.
* Preload NSS libraries prior to mountspace name creation to avoid
circumstances that can cause loading those libraries from the container
image instead of the host, for example in the startup environment.
* Fix race condition where newly created loop devices can sometimes not be opened.
* Support nvidia-container-cli v1.8.0 and above, via fix to capability set.
- Updated to v1.0.0-rc1 changes to singularity 3.9.5 are
* The primary executable has been changed from singularity to apptainer.
However, a singularity command symlink alias has been created pointing to
the apptainer command. The contents of containers are unchanged and
continue to use the singularity name for startup scripts, etc.
* The per-user configuration directory has changed from ~/.singularity to
~/.apptainer. The first time the apptainer command accesses the user
configuration directory, relevant configuration is automatically imported
from the old directory to the new one.
* Environment variables have all been changed to have an APPTAINER prefix
instead of a SINGULARITY prefix. However, SINGULARITY prefix variables are
still recognized. If only a SINGULARITY prefix variable exists, a warning
will be printed about deprecated usage and then the value will be used. If
both prefixes exist and the value is the same, no warning is printed; this
is the recommended method to set environment variables for those who need
to support both apptainer and singularity. If both prefixes exist for the
same variable and the value is different then a warning is also printed.
* The default SylabsCloud remote endpoint has been removed and replaced by
one called DefaultRemote which has no defined server for the library://
URI. System administrators may restore the old default if they wish by
adding it to /etc/apptainer/remote.yaml with a URI of cloud.sylabs.io and
setting it there as the Active remote, or users can add it to their own
configuration with the commands apptainer remote add SylabsCloud
cloud.sylabs.io and apptainer remote use SylabsCloud.
* The DefaultRemote's key server is https://keys.openpgp.org instead of the
Sylabs key server
* The apptainer build --remote option has been removed because there is no
standard protocol or non-commercial service that supports it.
- New Features:
* Honor image binds and user binds in the order they're given instead of
always doing image binds first.
* Experimental support for checkpointing of instances using DMTCP has been
added. Additional flags --dmtcp-launch and --dmtcp-restart has been added
to the apptainer instance start command, and a checkpoint command group has
been added to manage the checkpoint state. A new
/etc/apptainer/dmtcp-conf.yaml configuration file is also added.
Limitations are that it can only work with dynamically linked applications
and the container has to be based on glibc.
* --writable-tmpfs can be used with apptainer build to run the %test section
of the build with a ephemeral tmpfs overlay, permitting tests that write to
the container filesystem.
* The --compat flag for actions is a new short-hand to enable a number of
options that increase OCI/Docker compatibility. Infers --containall,
--no-init, --no-umask, --writable-tmpfs. Does not use user, uts, or network
namespaces as these may not be supported on many installations.
* The experimental --nvccli flag will use nvidia-container-cli to setup the
container for Nvidia GPU operation. Apptainer will not bind GPU libraries
itself. Environment variables that are used with Nvidia's docker-nvidia
runtime to configure GPU visibility / driver capabilities & requirements
are parsed by the --nvccli flag from the environment of the calling user.
By default, the compute and utility GPU capabilities are configured. The
use nvidia-container-cli option in apptainer.conf can be set to yes to
always use nvidia-container-cli when supported. --nvccli is not supported
in the setuid workflow, and it requires being used in combination with
--writable in user namespace mode. Please see documentation for more
details.
* The --apply-cgroups flag can be used to apply cgroups resource and device
restrictions on a system using the v2 unified cgroups hierarchy. The
resource restrictions must still be specified in the v1 / OCI format, which
will be translated into v2 cgroups resource restrictions, and eBPF device
restrictions.
* A new --mount flag and APPTAINER_MOUNT environment variable can be used to
specify bind mounts in
type=bind,source=<src>,destination=<dst>[,options...] format. This improves
CLI compatibility with other runtimes, and allows binding paths containing
: and , characters (using CSV style escaping).
* Perform concurrent multi-part downloads for library:// URIs. Uses 3
concurrent downloads by default, and is configurable in apptainer.conf or
via environment variables.
- Explicit dependcy on go1.16.12 or go1.17.5 which fix
(CVE-2021-44717) and (CVE-2021-44716) that may affect singualrity
- inital commit of apptainer which is a singularity fork
Patchnames: openSUSE-2023-18
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.8 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for apptainer",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for apptainer fixes the following issues:\n\nUpdated to 1.1.2 which fixed CVE-2022-39237\n\n * CVE-2022-39237: The sif dependency included in Apptainer before this\n release does not verify that the hash algorithm(s) used are\n cryptographically secure when verifying digital signatures. This release\n updates to sif v2.8.1 which corrects this issue. See the linked advisory\n for references and a workaround.\n\nUpdated to version 1.1.0\n\n * added squashfuse-0.1.105.tar.gz and 70.patch for the build of squashfuse_ll\n which will be removed as soon as the multithread patch is incoperated\n * Change squash mounts to prefer to use squashfuse_ll instead of squashfuse,\n if available, for improved performance. squashfuse_ll is not available\n in factory.\n * Also, for even better parallel performance, include a patched\n multithreaded version of squashfuse_ll in\n * Imply adding ${prefix}/libexec/apptainer/bin to the binary path in\n apptainer.conf, which is used for searching for helper executables. It is\n implied as the first directory of $PATH if present (which is at the\n beginning of binary path by default) or just as the first directory if\n $PATH is not included in binary path.\n ${prefix}/libexec/apptainer/bin.\n * Add --unsquash action flag to temporarily convert a SIF file to a sandbox\n before running. In previous versions this was the default when running a\n SIF file without setuid or with fakeroot, but now the default is to instead\n mount with squashfuse.\n * Add --sparse flag to overlay create command to allow generation of a sparse\n ext3 overlay image.\n * Support for a custom hashbang in the %test section of an Apptainer recipe\n (akin to the runscript and start sections).\n * When using fakeroot in setuid mode, have the image drivers first enter the\n the container\u0027s user namespace to avoid write errors with overlays.\n * Skip trying to use kernel overlayfs when using writable overlay and the\n lower layer is FUSE, because of a kernel bug introduced in kernel 5.15.\n * Add additional hidden options to the action command for testing different\n fakeroot modes with --fakeroot: --ignore-subuid, --ignore-fakeroot-command,\n and --ignore-userns.\n\n- Updated to version 1.1.0-rc2 with following changes:\n\n * Fixed longstanding bug in the underlay logic when there are nested bind\n points separated by more than one path level, for example /var and\n /var/lib/yum, and the path didn\u0027t exist in the container image. The bug\n only caused an error when there was a directory in the container image that\n didn\u0027t exist on the host.\n * Improved wildcard matching in the %files directive of build definition\n files by replacing usage of sh with the mvdan.cc library.\n * Replaced checks for compatible filesystem types when using fuse-overlayfs\n with an INFO message when an incompatible filesystem type causes it to be\n unwritable by a fakeroot user.\n * The --nvccli option now works without --fakeroot. In that case the option\n can be used with --writable-tmpfs instead of --writable, and\n --writable-tmpfs is implied if neither option is given. Note that also\n /usr/bin has to be writable by the user, so without --fakeroot that\n probably requires a sandbox image that was built with --fix-perms.\n * The --nvccli option implies --nv.\n * Configure squashfuse to always show files to be owned by the current user.\n That\u0027s especially important for fakeroot to prevent most of the files from\n looking like they are owned by user 65534.\n * The fakeroot command can now be used even if $PATH is empty in the\n environment of the apptainer command.\n * Allow the newuidmap command to be missing if the current user is not listed\n in /etc/subuid.\n * Require the uidmap package in Debian packaging.\n * Improved error handling of unsupported pass protected PEM files with\n encrypted containers.\n * Ensure bootstrap_history directory is populated with previous definition\n files, present in source containers used in a build.\n * Add additional options to the build command for testing different fakeroot\n modes: --userns like the action flag and hidden options --ignore-subuid,\n --ignore-fakeroot-command, and --ignore-userns.\n * Require root user early when building an encrypted container.\n- removed upstream incorated patch fix-32bit-compilation.patch\n\n- Updated to version 1.1.0-rc1 which enables apptainer to run without\n suid and additional groups. Although this is a prerelease this is \n a major advantage justifying its use.\n * Added a squashfuse image driver that enables mounting SIF files without\n using setuid-root. Requires the squashfuse command and unprivileged user\n namespaces.\n * Added a fuse2fs image driver that enables mounting EXT3 files and EXT3 SIF\n overlay partitions without using setuid-root. Requires the fuse2fs command\n and unprivileged user namespaces.\n * Added the ability to use persistent overlay (--overlay) and\n --writable-tmpfs without using setuid-root. This requires unprivileged user\n namespaces and either a new enough kernel (\u003e= 5.11) or the fuse-overlayfs\n command. Persistent overlay works when the overlay path points to a regular\n filesystem (known as \u0027sandbox\u0027 mode, which is not allowed when in setuid\n mode), or when it points to an EXT3 image. Does not work with a SIF\n partition because that requires privileges to mount as an ext3 image.\n * Extended the --fakeroot option to be useful when /etc/subuid and\n /etc/subgid mappings have not been set up. If they have not been set up, a\n root-mapped unprivileged user namespace (the equivalent of unshare -r)\n and/or the fakeroot command from the host will be tried. Together they\n emulate the mappings pretty well but they are simpler to administer. This\n feature is especially useful with the --overlay and --writable-tmpfs\n options and for building containers unprivileged, because they allow\n installing packages that assume they\u0027re running as root. A limitation on\n using it with --overlay and --writable-tmpfs however is that when only the\n fakeroot command can be used (because there are no user namespaces\n available, in suid mode) then the base image has to be a sandbox. This\n feature works nested inside of an apptainer container, where another\n apptainer command will also be in the fakeroot environment without\n requesting the --fakeroot option again, or it can be used inside an\n apptainer container that was not started with --fakeroot. However, the\n fakeroot command uses LD_PRELOAD and so needs to be bound into the\n container which requires a compatible libc. For that reason it doesn\u0027t work\n when the host and container operating systems are of very different\n vintages. If that\u0027s a problem and you want to use only an unprivileged\n root-mapped namespace even when the fakeroot command is installed, just run\n apptainer with unshare -r.\n * Made the --fakeroot option be implied when an unprivileged user builds a\n container from a definition file. When /etc/subuid and /etc/subgid mappings\n are not available, all scriptlets are run in a root-mapped unprivileged\n namespace (when possible) and the %post scriptlet is additionally run with\n the fakeroot command. When unprivileged user namespaces are not available,\n such that only the fakeroot command can be used, the --fix-perms option is\n implied to allow writing into directories.\n * Added a --fakeroot option to the apptainer overlay create command to make\n an overlay EXT3 image file that works with the fakeroot that comes from\n unprivileged root-mapped namespaces. This is not needed with the fakeroot\n that comes with /etc/sub[ug]id mappings nor with the fakeroot that comes\n with only the fakeroot command in suid flow.\n * $HOME is now used to find the user\u0027s configuration and cache by default. If\n that is not set it will fall back to the previous behavior of looking up\n the home directory in the password file. The value of $HOME inside the\n container still defaults to the home directory in the password file and can\n still be overridden by the --home option.\n * When starting a container, if the user has specified the cwd by using the\n --pwd flag, if there is a problem an error is returned instead of\n defaulting to a different directory.\n * Nesting of bind mounts now works even when a --bind option specified a\n different source and destination with a colon between them. Now the\n APPTAINER_BIND environment variable makes sure the bind source is from the\n bind destination so it will be succesfully re-bound into a nested apptainer\n container.\n * The warning about more than 50 bind mounts required for an underlay bind\n has been changed to an info message.\n * oci mount sets Process.Terminal: true when creating an OCI config.json, so\n that oci run provides expected interactive behavior by default.\n The default hostname for oci mount containers is now apptainer instead of mrsdalloway.\n * systemd is now supported and used as the default cgroups manager. Set\n systemd cgroups = no in apptainer.conf to manage cgroups directly via the\n cgroupfs.\n * Added a new action flag --no-eval which:\n + Prevents shell evaluation of APPTAINERENV_ / --env / --env-file\n environment variables as they are injected in the container, to match\n OCI behavior. Applies to all containers. \n + Prevents shell evaluation of the values of CMD / ENTRYPOINT and command\n line arguments for containers run or built directly from an OCI/Docker\n source. Applies to newly built containers only, use apptainer inspect\n to check version that container was built with.\n * Added --no-eval to the list of flags set by the OCI/Docker --compat mode.\n * sinit process has been renamed to appinit.\n * Added --keysdir to key command to provide an alternative way of setting\n local keyring path. The existing reading of the keyring path from\n environment variable \u0027APPTAINER_KEYSDIR\u0027 is untouched.\n * apptainer key push will output the key server\u0027s response if included in\n order to help guide users through any identity verification the server may\n require.\n * ECL no longer requires verification for all signatures, but only when\n signature verification would alter the expected behavior of the list:\n + At least one matching signature included in a whitelist must be\n validated, but other unvalidated signatures do not cause ECL to fail.\n + All matching signatures included in a whitestrict must be validated,\n but unvalidated signatures not in the whitestrict do not cause ECL to\n fail.\n + Signature verification is not checked for a blacklist; unvalidated\n signatures can still block execution via ECL, and unvalidated\n signatures not in the blacklist do not cause ECL to fail.\n- New features / functionalities\n * Non-root users can now use --apply-cgroups with run/shell/exec to limit\n container resource usage on a system using cgroups v2 and the systemd\n cgroups manager.\n * Native cgroups v2 resource limits can be specified using the [unified] key\n in a cgroups toml file applied via --apply-cgroups.\n * Added --cpu*, --blkio*, --memory*, --pids-limit flags to apply cgroups\n resource limits to a container directly.\n Added instance stats command.\n * The --no-mount flag \u0026 APPTAINER_NO_MOUNT env var can now be used to disable\n a bind path entry from apptainer.conf by specifying the absolute path to\n the destination of the bind.\n * Apptainer now supports the riscv64 architecture.\n * remote add --insecure may now be used to configure endpoints that are only\n accessible via http. Alternatively the environment variable\n APPTAINER_ADD_INSECURE can be set to true to allow http remotes to be added\n wihtout the --insecure flag. Specifying https in the remote URI overrules\n both --insecure and APPTAINER_ADD_INSECURE.\n * Gpu flags --nv and --rocm can now be used from an apptainer nested inside\n another apptainer container.\n * Added --public, --secret, and --both flags to the key remove command to\n support removing secret keys from the apptainer keyring.\n * Debug output can now be enabled by setting the APPTAINER_DEBUG env var.\n * Debug output is now shown for nested apptainer calls, in wrapped unsquashfs\n image extraction, and build stages.\n- Bug fixes\n * Remove warning message about SINGULARITY and APPTAINER variables having\n different values when the SINGULARITY variable is not set.\n * Add specific error for unreadable image / overlay file.\n * Pass through a literal \\n in host environment variables to the container.\n * Fix loop device creation with loop-control when running inside docker containers.\n * Fix the issue that the oras protocol would ignore the --no-https/--nohttps flag.\n- File changes\n * Removed useful_error_message.patch as not needed any more\n * Added fix-32bit-compilation.patch from upstream\n\n- Update to version 1.0.3:\n * Process redirects that can come from sregistry with a library:// URL.\n * Fix inspect --deffile and inspect --all to correctly show definition files\n in sandbox container images instead of empty output. This has a side effect\n of also fixing the storing of definition files in the metadata of sif files\n built by Apptainer, because that metadata is constructed by doing inspect\n --all.\n\n- Update to version 1.0.2:\n + Fixed `FATAL` error thrown by user configuration migration code\n that caused users with inaccessible home directories to be\n unable to use `apptainer` commands.\n + Do not truncate environment variables with commas.\n + Use HEAD request when checking digest of remote OCI image\n sources, with GET as a fall-back. Greatly reduces Apptainer\u0027s\n impact on Docker Hub API limits.\n\n- Updated to v1.0.1 with following bug fixes\n * Don\u0027t prompt for y/n to overwrite an existing file when build is called\n from a non-interactive environment. Fail with an error.\n * Preload NSS libraries prior to mountspace name creation to avoid\n circumstances that can cause loading those libraries from the container\n image instead of the host, for example in the startup environment.\n * Fix race condition where newly created loop devices can sometimes not be opened.\n * Support nvidia-container-cli v1.8.0 and above, via fix to capability set.\n\n- Updated to v1.0.0-rc1 changes to singularity 3.9.5 are\n * The primary executable has been changed from singularity to apptainer.\n However, a singularity command symlink alias has been created pointing to\n the apptainer command. The contents of containers are unchanged and\n continue to use the singularity name for startup scripts, etc. \n * The per-user configuration directory has changed from ~/.singularity to\n ~/.apptainer. The first time the apptainer command accesses the user\n configuration directory, relevant configuration is automatically imported\n from the old directory to the new one.\n * Environment variables have all been changed to have an APPTAINER prefix\n instead of a SINGULARITY prefix. However, SINGULARITY prefix variables are\n still recognized. If only a SINGULARITY prefix variable exists, a warning\n will be printed about deprecated usage and then the value will be used. If\n both prefixes exist and the value is the same, no warning is printed; this\n is the recommended method to set environment variables for those who need\n to support both apptainer and singularity. If both prefixes exist for the\n same variable and the value is different then a warning is also printed.\n * The default SylabsCloud remote endpoint has been removed and replaced by\n one called DefaultRemote which has no defined server for the library://\n URI. System administrators may restore the old default if they wish by\n adding it to /etc/apptainer/remote.yaml with a URI of cloud.sylabs.io and\n setting it there as the Active remote, or users can add it to their own\n configuration with the commands apptainer remote add SylabsCloud\n cloud.sylabs.io and apptainer remote use SylabsCloud.\n * The DefaultRemote\u0027s key server is https://keys.openpgp.org instead of the\n Sylabs key server\n * The apptainer build --remote option has been removed because there is no\n standard protocol or non-commercial service that supports it.\n- New Features:\n * Honor image binds and user binds in the order they\u0027re given instead of\n always doing image binds first.\n * Experimental support for checkpointing of instances using DMTCP has been\n added. Additional flags --dmtcp-launch and --dmtcp-restart has been added\n to the apptainer instance start command, and a checkpoint command group has\n been added to manage the checkpoint state. A new\n /etc/apptainer/dmtcp-conf.yaml configuration file is also added.\n Limitations are that it can only work with dynamically linked applications\n and the container has to be based on glibc.\n * --writable-tmpfs can be used with apptainer build to run the %test section\n of the build with a ephemeral tmpfs overlay, permitting tests that write to\n the container filesystem.\n * The --compat flag for actions is a new short-hand to enable a number of\n options that increase OCI/Docker compatibility. Infers --containall,\n --no-init, --no-umask, --writable-tmpfs. Does not use user, uts, or network\n namespaces as these may not be supported on many installations.\n * The experimental --nvccli flag will use nvidia-container-cli to setup the\n container for Nvidia GPU operation. Apptainer will not bind GPU libraries\n itself. Environment variables that are used with Nvidia\u0027s docker-nvidia\n runtime to configure GPU visibility / driver capabilities \u0026 requirements\n are parsed by the --nvccli flag from the environment of the calling user.\n By default, the compute and utility GPU capabilities are configured. The\n use nvidia-container-cli option in apptainer.conf can be set to yes to\n always use nvidia-container-cli when supported. --nvccli is not supported\n in the setuid workflow, and it requires being used in combination with\n --writable in user namespace mode. Please see documentation for more\n details.\n * The --apply-cgroups flag can be used to apply cgroups resource and device\n restrictions on a system using the v2 unified cgroups hierarchy. The\n resource restrictions must still be specified in the v1 / OCI format, which\n will be translated into v2 cgroups resource restrictions, and eBPF device\n restrictions. \n * A new --mount flag and APPTAINER_MOUNT environment variable can be used to\n specify bind mounts in\n type=bind,source=\u003csrc\u003e,destination=\u003cdst\u003e[,options...] format. This improves\n CLI compatibility with other runtimes, and allows binding paths containing\n : and , characters (using CSV style escaping).\n * Perform concurrent multi-part downloads for library:// URIs. Uses 3\n concurrent downloads by default, and is configurable in apptainer.conf or\n via environment variables.\n\n- Explicit dependcy on go1.16.12 or go1.17.5 which fix \n (CVE-2021-44717) and (CVE-2021-44716) that may affect singualrity\n\n- inital commit of apptainer which is a singularity fork ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2023-18",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2023_0018-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2023:0018-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6WS5CSKKNIOV4MCZX36E2OGOEC5EKPNG/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2023:0018-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6WS5CSKKNIOV4MCZX36E2OGOEC5EKPNG/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44716 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44717 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39237 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39237/"
}
],
"title": "Security update for apptainer",
"tracking": {
"current_release_date": "2023-01-15T17:01:16Z",
"generator": {
"date": "2023-01-15T17:01:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2023:0018-1",
"initial_release_date": "2023-01-15T17:01:16Z",
"revision_history": [
{
"date": "2023-01-15T17:01:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.1.2-lp154.2.1.aarch64",
"product": {
"name": "apptainer-1.1.2-lp154.2.1.aarch64",
"product_id": "apptainer-1.1.2-lp154.2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.1.2-lp154.2.1.i586",
"product": {
"name": "apptainer-1.1.2-lp154.2.1.i586",
"product_id": "apptainer-1.1.2-lp154.2.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.1.2-lp154.2.1.s390x",
"product": {
"name": "apptainer-1.1.2-lp154.2.1.s390x",
"product_id": "apptainer-1.1.2-lp154.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.1.2-lp154.2.1.x86_64",
"product": {
"name": "apptainer-1.1.2-lp154.2.1.x86_64",
"product_id": "apptainer-1.1.2-lp154.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.1.2-lp154.2.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.aarch64"
},
"product_reference": "apptainer-1.1.2-lp154.2.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.1.2-lp154.2.1.i586 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.i586"
},
"product_reference": "apptainer-1.1.2-lp154.2.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.1.2-lp154.2.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.s390x"
},
"product_reference": "apptainer-1.1.2-lp154.2.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.1.2-lp154.2.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.x86_64"
},
"product_reference": "apptainer-1.1.2-lp154.2.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44716"
}
],
"notes": [
{
"category": "general",
"text": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.aarch64",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.i586",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.s390x",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44716",
"url": "https://www.suse.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "SUSE Bug 1193597 for CVE-2021-44716",
"url": "https://bugzilla.suse.com/1193597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.aarch64",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.i586",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.s390x",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.aarch64",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.i586",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.s390x",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-15T17:01:16Z",
"details": "important"
}
],
"title": "CVE-2021-44716"
},
{
"cve": "CVE-2021-44717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44717"
}
],
"notes": [
{
"category": "general",
"text": "Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.aarch64",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.i586",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.s390x",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44717",
"url": "https://www.suse.com/security/cve/CVE-2021-44717"
},
{
"category": "external",
"summary": "SUSE Bug 1193598 for CVE-2021-44717",
"url": "https://bugzilla.suse.com/1193598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.aarch64",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.i586",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.s390x",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.aarch64",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.i586",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.s390x",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-15T17:01:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-44717"
},
{
"cve": "CVE-2022-39237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39237"
}
],
"notes": [
{
"category": "general",
"text": "syslabs/sif is the Singularity Image Format (SIF) reference implementation. In versions prior to 2.8.1the `github.com/sylabs/sif/v2/pkg/integrity` package did not verify that the hash algorithm(s) used are cryptographically secure when verifying digital signatures. A patch is available in version \u003e= v2.8.1 of the module. Users are encouraged to upgrade. Users unable to upgrade may independently validate that the hash algorithm(s) used for metadata digest(s) and signature hash are cryptographically secure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.aarch64",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.i586",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.s390x",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39237",
"url": "https://www.suse.com/security/cve/CVE-2022-39237"
},
{
"category": "external",
"summary": "SUSE Bug 1209493 for CVE-2022-39237",
"url": "https://bugzilla.suse.com/1209493"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.aarch64",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.i586",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.s390x",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.aarch64",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.i586",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.s390x",
"openSUSE Leap 15.4:apptainer-1.1.2-lp154.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-15T17:01:16Z",
"details": "important"
}
],
"title": "CVE-2022-39237"
}
]
}
OPENSUSE-SU-2024:11671-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
go1.16-1.16.12-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: go1.16-1.16.12-1.1 on GA media
Description of the patch: These are all security issues fixed in the go1.16-1.16.12-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-11671
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.16-1.16.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-1.16.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-1.16.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-1.16.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.8 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.16-1.16.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-1.16.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-1.16.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-1.16.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go1.16-1.16.12-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go1.16-1.16.12-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11671",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11671-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44716 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44717 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44717/"
}
],
"title": "go1.16-1.16.12-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11671-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.16-1.16.12-1.1.aarch64",
"product": {
"name": "go1.16-1.16.12-1.1.aarch64",
"product_id": "go1.16-1.16.12-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.16-doc-1.16.12-1.1.aarch64",
"product": {
"name": "go1.16-doc-1.16.12-1.1.aarch64",
"product_id": "go1.16-doc-1.16.12-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.16-race-1.16.12-1.1.aarch64",
"product": {
"name": "go1.16-race-1.16.12-1.1.aarch64",
"product_id": "go1.16-race-1.16.12-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.16-1.16.12-1.1.ppc64le",
"product": {
"name": "go1.16-1.16.12-1.1.ppc64le",
"product_id": "go1.16-1.16.12-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.16-doc-1.16.12-1.1.ppc64le",
"product": {
"name": "go1.16-doc-1.16.12-1.1.ppc64le",
"product_id": "go1.16-doc-1.16.12-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.16-race-1.16.12-1.1.ppc64le",
"product": {
"name": "go1.16-race-1.16.12-1.1.ppc64le",
"product_id": "go1.16-race-1.16.12-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.16-1.16.12-1.1.s390x",
"product": {
"name": "go1.16-1.16.12-1.1.s390x",
"product_id": "go1.16-1.16.12-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.16-doc-1.16.12-1.1.s390x",
"product": {
"name": "go1.16-doc-1.16.12-1.1.s390x",
"product_id": "go1.16-doc-1.16.12-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.16-race-1.16.12-1.1.s390x",
"product": {
"name": "go1.16-race-1.16.12-1.1.s390x",
"product_id": "go1.16-race-1.16.12-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.16-1.16.12-1.1.x86_64",
"product": {
"name": "go1.16-1.16.12-1.1.x86_64",
"product_id": "go1.16-1.16.12-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.16-doc-1.16.12-1.1.x86_64",
"product": {
"name": "go1.16-doc-1.16.12-1.1.x86_64",
"product_id": "go1.16-doc-1.16.12-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.16-race-1.16.12-1.1.x86_64",
"product": {
"name": "go1.16-race-1.16.12-1.1.x86_64",
"product_id": "go1.16-race-1.16.12-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.16-1.16.12-1.1.aarch64"
},
"product_reference": "go1.16-1.16.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.16-1.16.12-1.1.ppc64le"
},
"product_reference": "go1.16-1.16.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.16-1.16.12-1.1.s390x"
},
"product_reference": "go1.16-1.16.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.16-1.16.12-1.1.x86_64"
},
"product_reference": "go1.16-1.16.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.aarch64"
},
"product_reference": "go1.16-doc-1.16.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.ppc64le"
},
"product_reference": "go1.16-doc-1.16.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.s390x"
},
"product_reference": "go1.16-doc-1.16.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.x86_64"
},
"product_reference": "go1.16-doc-1.16.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-race-1.16.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.aarch64"
},
"product_reference": "go1.16-race-1.16.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-race-1.16.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.ppc64le"
},
"product_reference": "go1.16-race-1.16.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-race-1.16.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.s390x"
},
"product_reference": "go1.16-race-1.16.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-race-1.16.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.x86_64"
},
"product_reference": "go1.16-race-1.16.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44716"
}
],
"notes": [
{
"category": "general",
"text": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44716",
"url": "https://www.suse.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "SUSE Bug 1193597 for CVE-2021-44716",
"url": "https://bugzilla.suse.com/1193597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-44716"
},
{
"cve": "CVE-2021-44717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44717"
}
],
"notes": [
{
"category": "general",
"text": "Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44717",
"url": "https://www.suse.com/security/cve/CVE-2021-44717"
},
{
"category": "external",
"summary": "SUSE Bug 1193598 for CVE-2021-44717",
"url": "https://bugzilla.suse.com/1193598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-1.16.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-doc-1.16.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.s390x",
"openSUSE Tumbleweed:go1.16-race-1.16.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-44717"
}
]
}
OPENSUSE-SU-2024:11672-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
go1.17-1.17.5-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: go1.17-1.17.5-1.1 on GA media
Description of the patch: These are all security issues fixed in the go1.17-1.17.5-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-11672
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.17-1.17.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-1.17.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-1.17.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-1.17.5-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.8 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.17-1.17.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-1.17.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-1.17.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-1.17.5-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go1.17-1.17.5-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go1.17-1.17.5-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11672",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11672-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44716 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44717 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44717/"
}
],
"title": "go1.17-1.17.5-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11672-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.5-1.1.aarch64",
"product": {
"name": "go1.17-1.17.5-1.1.aarch64",
"product_id": "go1.17-1.17.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.5-1.1.aarch64",
"product": {
"name": "go1.17-doc-1.17.5-1.1.aarch64",
"product_id": "go1.17-doc-1.17.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.17-race-1.17.5-1.1.aarch64",
"product": {
"name": "go1.17-race-1.17.5-1.1.aarch64",
"product_id": "go1.17-race-1.17.5-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.5-1.1.ppc64le",
"product": {
"name": "go1.17-1.17.5-1.1.ppc64le",
"product_id": "go1.17-1.17.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.5-1.1.ppc64le",
"product": {
"name": "go1.17-doc-1.17.5-1.1.ppc64le",
"product_id": "go1.17-doc-1.17.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.17-race-1.17.5-1.1.ppc64le",
"product": {
"name": "go1.17-race-1.17.5-1.1.ppc64le",
"product_id": "go1.17-race-1.17.5-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.5-1.1.s390x",
"product": {
"name": "go1.17-1.17.5-1.1.s390x",
"product_id": "go1.17-1.17.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.5-1.1.s390x",
"product": {
"name": "go1.17-doc-1.17.5-1.1.s390x",
"product_id": "go1.17-doc-1.17.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.17-race-1.17.5-1.1.s390x",
"product": {
"name": "go1.17-race-1.17.5-1.1.s390x",
"product_id": "go1.17-race-1.17.5-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.5-1.1.x86_64",
"product": {
"name": "go1.17-1.17.5-1.1.x86_64",
"product_id": "go1.17-1.17.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.5-1.1.x86_64",
"product": {
"name": "go1.17-doc-1.17.5-1.1.x86_64",
"product_id": "go1.17-doc-1.17.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.17-race-1.17.5-1.1.x86_64",
"product": {
"name": "go1.17-race-1.17.5-1.1.x86_64",
"product_id": "go1.17-race-1.17.5-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.17-1.17.5-1.1.aarch64"
},
"product_reference": "go1.17-1.17.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.17-1.17.5-1.1.ppc64le"
},
"product_reference": "go1.17-1.17.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.17-1.17.5-1.1.s390x"
},
"product_reference": "go1.17-1.17.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.17-1.17.5-1.1.x86_64"
},
"product_reference": "go1.17-1.17.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.aarch64"
},
"product_reference": "go1.17-doc-1.17.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.ppc64le"
},
"product_reference": "go1.17-doc-1.17.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.s390x"
},
"product_reference": "go1.17-doc-1.17.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.x86_64"
},
"product_reference": "go1.17-doc-1.17.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.aarch64"
},
"product_reference": "go1.17-race-1.17.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.ppc64le"
},
"product_reference": "go1.17-race-1.17.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.s390x"
},
"product_reference": "go1.17-race-1.17.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.x86_64"
},
"product_reference": "go1.17-race-1.17.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44716"
}
],
"notes": [
{
"category": "general",
"text": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44716",
"url": "https://www.suse.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "SUSE Bug 1193597 for CVE-2021-44716",
"url": "https://bugzilla.suse.com/1193597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-44716"
},
{
"cve": "CVE-2021-44717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44717"
}
],
"notes": [
{
"category": "general",
"text": "Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44717",
"url": "https://www.suse.com/security/cve/CVE-2021-44717"
},
{
"category": "external",
"summary": "SUSE Bug 1193598 for CVE-2021-44717",
"url": "https://bugzilla.suse.com/1193598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-1.17.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-doc-1.17.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.s390x",
"openSUSE Tumbleweed:go1.17-race-1.17.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-44717"
}
]
}
OPENSUSE-SU-2024:11947-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
apptainer-1.0.1-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: apptainer-1.0.1-1.1 on GA media
Description of the patch: These are all security issues fixed in the apptainer-1.0.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-11947
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.8 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "apptainer-1.0.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the apptainer-1.0.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11947",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11947-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44717 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44717/"
}
],
"title": "apptainer-1.0.1-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11947-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.0.1-1.1.aarch64",
"product": {
"name": "apptainer-1.0.1-1.1.aarch64",
"product_id": "apptainer-1.0.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.0.1-1.1.ppc64le",
"product": {
"name": "apptainer-1.0.1-1.1.ppc64le",
"product_id": "apptainer-1.0.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.0.1-1.1.s390x",
"product": {
"name": "apptainer-1.0.1-1.1.s390x",
"product_id": "apptainer-1.0.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.0.1-1.1.x86_64",
"product": {
"name": "apptainer-1.0.1-1.1.x86_64",
"product_id": "apptainer-1.0.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-1.0.1-1.1.aarch64"
},
"product_reference": "apptainer-1.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-1.0.1-1.1.ppc64le"
},
"product_reference": "apptainer-1.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-1.0.1-1.1.s390x"
},
"product_reference": "apptainer-1.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-1.0.1-1.1.x86_64"
},
"product_reference": "apptainer-1.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44717"
}
],
"notes": [
{
"category": "general",
"text": "Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apptainer-1.0.1-1.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.0.1-1.1.s390x",
"openSUSE Tumbleweed:apptainer-1.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44717",
"url": "https://www.suse.com/security/cve/CVE-2021-44717"
},
{
"category": "external",
"summary": "SUSE Bug 1193598 for CVE-2021-44717",
"url": "https://bugzilla.suse.com/1193598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apptainer-1.0.1-1.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.0.1-1.1.s390x",
"openSUSE Tumbleweed:apptainer-1.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apptainer-1.0.1-1.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.0.1-1.1.s390x",
"openSUSE Tumbleweed:apptainer-1.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-44717"
}
]
}
RHEA-2022:1596
Vulnerability from csaf_redhat - Published: 2022-04-26 16:51 - Updated: 2026-04-29 07:55Summary
Red Hat Enhancement Advisory: OpenShift Virtualization 4.9.4 Images
Severity
Moderate
Notes
Topic: Red Hat OpenShift Virtualization release 4.9.4 is now available with updates to packages and images that fix several bugs and add enhancements.
Details: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization 4.9.4 images:
RHEL-8-CNV-4.9
==============
hyperconverged-cluster-webhook-container-v4.9.4-5
hyperconverged-cluster-operator-container-v4.9.4-5
kubevirt-template-validator-container-v4.9.4-5
virtio-win-container-v4.9.4-5
vm-import-operator-container-v4.9.4-5
virt-cdi-operator-container-v4.9.4-7
node-maintenance-operator-container-v4.9.4-5
hostpath-provisioner-container-v4.9.4-5
vm-import-controller-container-v4.9.4-5
cnv-containernetworking-plugins-container-v4.9.4-5
ovs-cni-marker-container-v4.9.4-5
kubevirt-vmware-container-v4.9.4-6
kubernetes-nmstate-handler-container-v4.9.4-7
kubevirt-ssp-operator-container-v4.9.4-5
ovs-cni-plugin-container-v4.9.4-5
vm-import-virtv2v-container-v4.9.4-5
kubevirt-v2v-conversion-container-v4.9.4-5
virt-cdi-cloner-container-v4.9.4-7
bridge-marker-container-v4.9.4-5
hostpath-provisioner-operator-container-v4.9.4-5
kubemacpool-container-v4.9.4-5
virt-cdi-uploadproxy-container-v4.9.4-7
virt-cdi-controller-container-v4.9.4-7
virt-cdi-uploadserver-container-v4.9.4-7
virt-cdi-apiserver-container-v4.9.4-7
cluster-network-addons-operator-container-v4.9.4-7
virt-cdi-importer-container-v4.9.4-7
virt-controller-container-v4.9.4-7
virt-handler-container-v4.9.4-7
virt-api-container-v4.9.4-7
virt-artifacts-server-container-v4.9.4-7
virt-operator-container-v4.9.4-7
virt-launcher-container-v4.9.4-7
libguestfs-tools-container-v4.9.4-7
cnv-must-gather-container-v4.9.4-11
hco-bundle-registry-container-v4.9.4-58
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A race condition flaw was found in Go. The incoming requests body weren't closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability.
5.9 (Medium)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64 | — |
Workaround
|
Threats
Impact
Moderate
There's an uncontrolled resource consumption flaw in golang's net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http's http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.
7.5 (High)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64 | — |
Workaround
|
Threats
Impact
Moderate
There's a flaw in golang's syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().
4.8 (Medium)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64 | — |
Workaround
|
Threats
Impact
Moderate
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 4.9.4 is now available with updates to packages and images that fix several bugs and add enhancements.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 4.9.4 images:\n\nRHEL-8-CNV-4.9\n==============\nhyperconverged-cluster-webhook-container-v4.9.4-5\nhyperconverged-cluster-operator-container-v4.9.4-5\nkubevirt-template-validator-container-v4.9.4-5\nvirtio-win-container-v4.9.4-5\nvm-import-operator-container-v4.9.4-5\nvirt-cdi-operator-container-v4.9.4-7\nnode-maintenance-operator-container-v4.9.4-5\nhostpath-provisioner-container-v4.9.4-5\nvm-import-controller-container-v4.9.4-5\ncnv-containernetworking-plugins-container-v4.9.4-5\novs-cni-marker-container-v4.9.4-5\nkubevirt-vmware-container-v4.9.4-6\nkubernetes-nmstate-handler-container-v4.9.4-7\nkubevirt-ssp-operator-container-v4.9.4-5\novs-cni-plugin-container-v4.9.4-5\nvm-import-virtv2v-container-v4.9.4-5\nkubevirt-v2v-conversion-container-v4.9.4-5\nvirt-cdi-cloner-container-v4.9.4-7\nbridge-marker-container-v4.9.4-5\nhostpath-provisioner-operator-container-v4.9.4-5\nkubemacpool-container-v4.9.4-5\nvirt-cdi-uploadproxy-container-v4.9.4-7\nvirt-cdi-controller-container-v4.9.4-7\nvirt-cdi-uploadserver-container-v4.9.4-7\nvirt-cdi-apiserver-container-v4.9.4-7\ncluster-network-addons-operator-container-v4.9.4-7\nvirt-cdi-importer-container-v4.9.4-7\nvirt-controller-container-v4.9.4-7\nvirt-handler-container-v4.9.4-7\nvirt-api-container-v4.9.4-7\nvirt-artifacts-server-container-v4.9.4-7\nvirt-operator-container-v4.9.4-7\nvirt-launcher-container-v4.9.4-7\nlibguestfs-tools-container-v4.9.4-7\ncnv-must-gather-container-v4.9.4-11\nhco-bundle-registry-container-v4.9.4-58",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHEA-2022:1596",
"url": "https://access.redhat.com/errata/RHEA-2022:1596"
},
{
"category": "external",
"summary": "2049800",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049800"
},
{
"category": "external",
"summary": "2055546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055546"
},
{
"category": "external",
"summary": "2055786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055786"
},
{
"category": "external",
"summary": "2059111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2059111"
},
{
"category": "external",
"summary": "2068147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2068147"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhea-2022_1596.json"
}
],
"title": "Red Hat Enhancement Advisory: OpenShift Virtualization 4.9.4 Images",
"tracking": {
"current_release_date": "2026-04-29T07:55:53+00:00",
"generator": {
"date": "2026-04-29T07:55:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.6"
}
},
"id": "RHEA-2022:1596",
"initial_release_date": "2022-04-26T16:51:34+00:00",
"revision_history": [
{
"date": "2022-04-26T16:51:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-04-26T16:51:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-29T07:55:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 4.9 for RHEL 8",
"product": {
"name": "CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"product": {
"name": "container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"product_id": "container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/bridge-marker\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"product": {
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"product_id": "container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cluster-network-addons-operator\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"product": {
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"product_id": "container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-containernetworking-plugins\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"product": {
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"product_id": "container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-must-gather-rhel8\u0026tag=v4.9.4-11"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"product": {
"name": "container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"product_id": "container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hco-bundle-registry\u0026tag=v4.9.4-58"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8-operator\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-operator\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-webhook-rhel8\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"product": {
"name": "container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"product_id": "container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubemacpool\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"product": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"product_id": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubernetes-nmstate-handler-rhel8\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"product_id": "container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-ssp-operator\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"product_id": "container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-template-validator\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"product_id": "container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-v2v-conversion\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"product_id": "container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-vmware\u0026tag=v4.9.4-6"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"product": {
"name": "container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"product_id": "container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/libguestfs-tools\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"product": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"product_id": "container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/node-maintenance-operator\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"product": {
"name": "container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"product_id": "container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-marker\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"product": {
"name": "container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"product_id": "container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-plugin\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"product": {
"name": "container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"product_id": "container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-api\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"product": {
"name": "container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"product_id": "container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-artifacts-server\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"product_id": "container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-apiserver\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"product_id": "container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-cloner\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"product_id": "container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-controller\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"product_id": "container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-importer\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"product_id": "container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-operator\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadproxy\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadserver\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"product": {
"name": "container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"product_id": "container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-controller\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"product": {
"name": "container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"product_id": "container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-handler\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"product": {
"name": "container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"product_id": "container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virtio-win\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"product": {
"name": "container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"product_id": "container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-launcher\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"product": {
"name": "container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"product_id": "container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-operator\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"product_id": "container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller-rhel8\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"product": {
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"product_id": "container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-operator-rhel8\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64",
"product": {
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64",
"product_id": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-virtv2v-rhel8\u0026tag=v4.9.4-5"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64"
},
"product_reference": "container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64"
},
"product_reference": "container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64"
},
"product_reference": "container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64"
},
"product_reference": "container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64"
},
"product_reference": "container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64"
},
"product_reference": "container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64"
},
"product_reference": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64"
},
"product_reference": "container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64"
},
"product_reference": "container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64"
},
"product_reference": "container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64"
},
"product_reference": "container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64"
},
"product_reference": "container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64"
},
"product_reference": "container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64"
},
"product_reference": "container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64"
},
"product_reference": "container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64"
},
"product_reference": "container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64"
},
"product_reference": "container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64"
},
"product_reference": "container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64"
},
"product_reference": "container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
},
"product_reference": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-36221",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-08-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995656"
}
],
"notes": [
{
"category": "description",
"text": "A race condition flaw was found in Go. The incoming requests body weren\u0027t closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the impacted RHOSP packages.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF1.3, no update will be provided at this time for the STF1.3 sg-core-container. Additionally, because Service Telemetry Framework1.2 will be retiring soon, no update will be provided at this time for the STF1.2 smart-gateway-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64"
],
"known_not_affected": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36221"
},
{
"category": "external",
"summary": "RHBZ#1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk",
"url": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-26T16:51:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2022:1596"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic"
},
{
"cve": "CVE-2021-44716",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030801"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s an uncontrolled resource consumption flaw in golang\u0027s net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http\u0027s http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: limit growth of header canonicalization cache",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform, OpenShift Virtualization, Red Hat Quay and OpenShift distributed tracing the most an attacker can possibly achieve by exploiting this vulnerability is to crash a container, temporarily impacting availability of one or more services. Therefore impact is rated Moderate.\n\nIn its default configuration, grafana as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability. However, enabling http2 in /etc/grafana/grafana.ini explicitly would render grafana affected, therefore grafana has been marked affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
],
"known_not_affected": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "RHBZ#2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-26T16:51:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2022:1596"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. Setting the GODEBUG=http2server=0 environment variable before calling Serve will disable HTTP/2 unless it was manually configured through the golang.org/x/net/http2 package.",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: limit growth of header canonicalization cache"
},
{
"cve": "CVE-2021-44717",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030806"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a flaw in golang\u0027s syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: syscall: don\u0027t close fd 0 on ForkExec error",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This flaw has had the severity level set to Moderate due to the attack complexity required to exhaust file descriptors at the time ForkExec is called, plus an attacker does not necessarily have direct control over where/how data is leaked.\n\n* For Service Telemetry Framework, because the flaw\u0027s impact is lower, no update will be provided at this time for its containers.\n\n* runc shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this flaw because the flaw is already patched in the shipped versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
],
"known_not_affected": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44717"
},
{
"category": "external",
"summary": "RHBZ#2030806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-26T16:51:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2022:1596"
},
{
"category": "workaround",
"details": "This bug can be mitigated by raising the per-process file descriptor limit.",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: syscall: don\u0027t close fd 0 on ForkExec error"
}
]
}
RHEA-2022_1596
Vulnerability from csaf_redhat - Published: 2022-04-26 16:51 - Updated: 2024-12-17 21:47Summary
Red Hat Enhancement Advisory: OpenShift Virtualization 4.9.4 Images
Severity
Moderate
Notes
Topic: Red Hat OpenShift Virtualization release 4.9.4 is now available with updates to packages and images that fix several bugs and add enhancements.
Details: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization 4.9.4 images:
RHEL-8-CNV-4.9
==============
hyperconverged-cluster-webhook-container-v4.9.4-5
hyperconverged-cluster-operator-container-v4.9.4-5
kubevirt-template-validator-container-v4.9.4-5
virtio-win-container-v4.9.4-5
vm-import-operator-container-v4.9.4-5
virt-cdi-operator-container-v4.9.4-7
node-maintenance-operator-container-v4.9.4-5
hostpath-provisioner-container-v4.9.4-5
vm-import-controller-container-v4.9.4-5
cnv-containernetworking-plugins-container-v4.9.4-5
ovs-cni-marker-container-v4.9.4-5
kubevirt-vmware-container-v4.9.4-6
kubernetes-nmstate-handler-container-v4.9.4-7
kubevirt-ssp-operator-container-v4.9.4-5
ovs-cni-plugin-container-v4.9.4-5
vm-import-virtv2v-container-v4.9.4-5
kubevirt-v2v-conversion-container-v4.9.4-5
virt-cdi-cloner-container-v4.9.4-7
bridge-marker-container-v4.9.4-5
hostpath-provisioner-operator-container-v4.9.4-5
kubemacpool-container-v4.9.4-5
virt-cdi-uploadproxy-container-v4.9.4-7
virt-cdi-controller-container-v4.9.4-7
virt-cdi-uploadserver-container-v4.9.4-7
virt-cdi-apiserver-container-v4.9.4-7
cluster-network-addons-operator-container-v4.9.4-7
virt-cdi-importer-container-v4.9.4-7
virt-controller-container-v4.9.4-7
virt-handler-container-v4.9.4-7
virt-api-container-v4.9.4-7
virt-artifacts-server-container-v4.9.4-7
virt-operator-container-v4.9.4-7
virt-launcher-container-v4.9.4-7
libguestfs-tools-container-v4.9.4-7
cnv-must-gather-container-v4.9.4-11
hco-bundle-registry-container-v4.9.4-58
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A race condition flaw was found in Go. The incoming requests body weren't closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability.
5.9 (Medium)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64 | — |
Workaround
|
Threats
Impact
Moderate
There's an uncontrolled resource consumption flaw in golang's net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http's http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.
7.5 (High)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64 | — |
Workaround
|
Threats
Impact
Moderate
There's a flaw in golang's syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().
4.8 (Medium)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64 | — |
Workaround
|
Threats
Impact
Moderate
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 4.9.4 is now available with updates to packages and images that fix several bugs and add enhancements.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 4.9.4 images:\n\nRHEL-8-CNV-4.9\n==============\nhyperconverged-cluster-webhook-container-v4.9.4-5\nhyperconverged-cluster-operator-container-v4.9.4-5\nkubevirt-template-validator-container-v4.9.4-5\nvirtio-win-container-v4.9.4-5\nvm-import-operator-container-v4.9.4-5\nvirt-cdi-operator-container-v4.9.4-7\nnode-maintenance-operator-container-v4.9.4-5\nhostpath-provisioner-container-v4.9.4-5\nvm-import-controller-container-v4.9.4-5\ncnv-containernetworking-plugins-container-v4.9.4-5\novs-cni-marker-container-v4.9.4-5\nkubevirt-vmware-container-v4.9.4-6\nkubernetes-nmstate-handler-container-v4.9.4-7\nkubevirt-ssp-operator-container-v4.9.4-5\novs-cni-plugin-container-v4.9.4-5\nvm-import-virtv2v-container-v4.9.4-5\nkubevirt-v2v-conversion-container-v4.9.4-5\nvirt-cdi-cloner-container-v4.9.4-7\nbridge-marker-container-v4.9.4-5\nhostpath-provisioner-operator-container-v4.9.4-5\nkubemacpool-container-v4.9.4-5\nvirt-cdi-uploadproxy-container-v4.9.4-7\nvirt-cdi-controller-container-v4.9.4-7\nvirt-cdi-uploadserver-container-v4.9.4-7\nvirt-cdi-apiserver-container-v4.9.4-7\ncluster-network-addons-operator-container-v4.9.4-7\nvirt-cdi-importer-container-v4.9.4-7\nvirt-controller-container-v4.9.4-7\nvirt-handler-container-v4.9.4-7\nvirt-api-container-v4.9.4-7\nvirt-artifacts-server-container-v4.9.4-7\nvirt-operator-container-v4.9.4-7\nvirt-launcher-container-v4.9.4-7\nlibguestfs-tools-container-v4.9.4-7\ncnv-must-gather-container-v4.9.4-11\nhco-bundle-registry-container-v4.9.4-58",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHEA-2022:1596",
"url": "https://access.redhat.com/errata/RHEA-2022:1596"
},
{
"category": "external",
"summary": "2049800",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049800"
},
{
"category": "external",
"summary": "2055546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055546"
},
{
"category": "external",
"summary": "2055786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055786"
},
{
"category": "external",
"summary": "2059111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2059111"
},
{
"category": "external",
"summary": "2068147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2068147"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhea-2022_1596.json"
}
],
"title": "Red Hat Enhancement Advisory: OpenShift Virtualization 4.9.4 Images",
"tracking": {
"current_release_date": "2024-12-17T21:47:28+00:00",
"generator": {
"date": "2024-12-17T21:47:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHEA-2022:1596",
"initial_release_date": "2022-04-26T16:51:34+00:00",
"revision_history": [
{
"date": "2022-04-26T16:51:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-04-26T16:51:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T21:47:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 4.9 for RHEL 8",
"product": {
"name": "CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"product": {
"name": "container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"product_id": "container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/bridge-marker\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"product": {
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"product_id": "container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cluster-network-addons-operator\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"product": {
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"product_id": "container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-containernetworking-plugins\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"product": {
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"product_id": "container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-must-gather-rhel8\u0026tag=v4.9.4-11"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"product": {
"name": "container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"product_id": "container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hco-bundle-registry\u0026tag=v4.9.4-58"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8-operator\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-operator\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-webhook-rhel8\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"product": {
"name": "container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"product_id": "container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubemacpool\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"product": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"product_id": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubernetes-nmstate-handler-rhel8\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"product_id": "container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-ssp-operator\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"product_id": "container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-template-validator\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"product_id": "container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-v2v-conversion\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"product_id": "container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-vmware\u0026tag=v4.9.4-6"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"product": {
"name": "container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"product_id": "container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/libguestfs-tools\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"product": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"product_id": "container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/node-maintenance-operator\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"product": {
"name": "container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"product_id": "container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-marker\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"product": {
"name": "container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"product_id": "container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-plugin\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"product": {
"name": "container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"product_id": "container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-api\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"product": {
"name": "container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"product_id": "container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-artifacts-server\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"product_id": "container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-apiserver\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"product_id": "container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-cloner\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"product_id": "container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-controller\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"product_id": "container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-importer\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"product_id": "container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-operator\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadproxy\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadserver\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"product": {
"name": "container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"product_id": "container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-controller\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"product": {
"name": "container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"product_id": "container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-handler\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"product": {
"name": "container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"product_id": "container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virtio-win\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"product": {
"name": "container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"product_id": "container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-launcher\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"product": {
"name": "container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"product_id": "container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-operator\u0026tag=v4.9.4-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"product_id": "container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller-rhel8\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"product": {
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"product_id": "container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-operator-rhel8\u0026tag=v4.9.4-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64",
"product": {
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64",
"product_id": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-virtv2v-rhel8\u0026tag=v4.9.4-5"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64"
},
"product_reference": "container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64"
},
"product_reference": "container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64"
},
"product_reference": "container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64"
},
"product_reference": "container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64"
},
"product_reference": "container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64"
},
"product_reference": "container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64"
},
"product_reference": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64"
},
"product_reference": "container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64"
},
"product_reference": "container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64"
},
"product_reference": "container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64"
},
"product_reference": "container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64"
},
"product_reference": "container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64"
},
"product_reference": "container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64"
},
"product_reference": "container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64"
},
"product_reference": "container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64"
},
"product_reference": "container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64"
},
"product_reference": "container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64"
},
"product_reference": "container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64"
},
"product_reference": "container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
},
"product_reference": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-36221",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-08-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995656"
}
],
"notes": [
{
"category": "description",
"text": "A race condition flaw was found in Go. The incoming requests body weren\u0027t closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the impacted RHOSP packages.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF1.3, no update will be provided at this time for the STF1.3 sg-core-container. Additionally, because Service Telemetry Framework1.2 will be retiring soon, no update will be provided at this time for the STF1.2 smart-gateway-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64"
],
"known_not_affected": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36221"
},
{
"category": "external",
"summary": "RHBZ#1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk",
"url": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-26T16:51:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2022:1596"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic"
},
{
"cve": "CVE-2021-44716",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030801"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s an uncontrolled resource consumption flaw in golang\u0027s net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http\u0027s http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: limit growth of header canonicalization cache",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform, OpenShift Virtualization, Red Hat Quay and OpenShift distributed tracing the most an attacker can possibly achieve by exploiting this vulnerability is to crash a container, temporarily impacting availability of one or more services. Therefore impact is rated Moderate.\n\nIn its default configuration, grafana as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability. However, enabling http2 in /etc/grafana/grafana.ini explicitly would render grafana affected, therefore grafana has been marked affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
],
"known_not_affected": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "RHBZ#2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-26T16:51:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2022:1596"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. Setting the GODEBUG=http2server=0 environment variable before calling Serve will disable HTTP/2 unless it was manually configured through the golang.org/x/net/http2 package.",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: limit growth of header canonicalization cache"
},
{
"cve": "CVE-2021-44717",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030806"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a flaw in golang\u0027s syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: syscall: don\u0027t close fd 0 on ForkExec error",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This flaw has had the severity level set to Moderate due to the attack complexity required to exhaust file descriptors at the time ForkExec is called, plus an attacker does not necessarily have direct control over where/how data is leaked.\n\n* For Service Telemetry Framework, because the flaw\u0027s impact is lower, no update will be provided at this time for its containers.\n\n* runc shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this flaw because the flaw is already patched in the shipped versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
],
"known_not_affected": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44717"
},
{
"category": "external",
"summary": "RHBZ#2030806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-26T16:51:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2022:1596"
},
{
"category": "workaround",
"details": "This bug can be mitigated by raising the per-process file descriptor limit.",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:eb63407b81056963a060f58e7afe807f1b08be88f046b44a4459999cedbf6e99_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:f18bbaeaf277bc146b02ef03cdaf807f955eea6ef50ed0c1e665c72c4a3d42d8_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:364813b965739e72a8fe667e1f451ca2a91a7b1eeb8df66837d4ed201b51e53d_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:8fce40dfb7b1a9cf5a7e95412a04e95f40303777f7659b0d9b69563c299d6edf_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:4247e831589dc4bb2c7557968a373fa7e4beca1fdbc03c793ee21a52ca23e235_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:06a3ad22559f6a7d164f11feeb24345534569b14e9e85fa23f6e1dbfeaaa3313_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:9fbfc7da92a4cc85b46f8d3f0b8aa0f1890465ee59cc79dd9815d24705ee3fc8_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:3a0f236a496da41cacef9120b92fce824d583ed1ff3e4c9020b2f7d07fe24bfe_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:447ac82014865d414a85a5f7b5feb50225ec0edd23a89c8a0b096546a507a88d_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:8ab02a419851ce54a8670cb6cff948b73b3e29f27cdf8bd3cf3425ad1e039d75_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f6ca7f841a6906e46f3738e82f95cf6e244b38e3cb88eeca6db2f3828a236723_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:98a23699e67116f3eb2632f75bd62d61ba7c7511739ef429743147466eadd21f_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:9edb68f99fbcb4f4458219ef7993f43f06daa3d0fa31f1ce7c5e6ec42d54a568_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:e1971509511962011b978e04cb61fa9b3762053015b906f22d2a5e52684f887b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:360c214fc6979578b0b8d5ab2df51462444380337aeadbd841fa60828e3b4b9f_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:d433fb1157e3fc62ee4c5df813327cf6a2d8c2b95f2873e629076e25000de09a_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:48390b221ccb1d3a95d0da553f6f02ec32f36602bb91d2ffe08ab8c8bcd586c5_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:91b1e6a4aab30c71e8ee9823939bac64b5e4e5447d3a213c9debbd7a6d7a39cb_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:0e517140884f3359c2bb89e3cd9f21c795d05eccc01f40a18050ec8244a42b9b_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:d5c76d3d7ca8a10acde943e43b829a88344fafdb7c0af67065e0a513a7a432b8_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:03bf2793fed7c153865ccaec0e22984e9c814a58d7c69aa5e1ef0acb05719a81_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:f077c865c52d31950a1addc05d46676aff706f9dec63e0e8c572b7acf1d39577_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:8942132093aa941a25f2707d9baf05a97a1cbaa530095ada903c19db50198886_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:2f3339933eb755bc678df74b834e2016f5f291fd5612816eeff5d69436daa136_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:c57c2c4036f80b790c93303a87d72a748aad7da3a4b051f7118ab9fbaeda7def_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:11c4d75ba0dfc7a13bc921dd1bd84cc0a8fa4e0ddd7eca89924ca1792773278d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:a90837a9a8fe7b48ac693a97ec2eac04bac8d6652c84e12ee980f7ce7dfa0a4f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:28e6cdf743f7a86627a0380ecbea29c9b1942558f35acf4a56118b10ea1f3765_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:3ed022ba0e42eba7261b6d46fb492136ccf2fca4615102db8692b896fc3242b4_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:f676958ba010152c49e97326405453d03eec1ccd246ca47567000189f22483bd_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:0b01fc6b88611f08856ad7ea4ba0b81c354e42ca0eab0362c041f2a46c9d8f71_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:9a856c6d48efda1f308e3c53efbb74dc15c132141eb559d018ef5ad89d9a3d7c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:bcc9a647be6e86ac01faefbf82228aaa84f81946add086397dbdec05eb83a87a_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:2bba13caf38fa872710c5ec4f042720e1182039b11c65d211d6139eaf176b631_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:f231305d0d7e8c40cbface56d384940cbb566f4d14900c83976e794b60e49982_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8de93e2a69cf8fa2cb0c0d877459f5bc31057f76267ef93bdc7c30db9d2847ae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: syscall: don\u0027t close fd 0 on ForkExec error"
}
]
}
RHSA-2021:5160
Vulnerability from csaf_redhat - Published: 2021-12-15 16:33 - Updated: 2026-03-27 08:30Summary
Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update
Severity
Important
Notes
Topic: An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)
* golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Rebase Go to 1.16.12 (BZ#2031125)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
There's an uncontrolled resource consumption flaw in golang's net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http's http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.
7.5 (High)
Affected products
Fixed
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
There's a flaw in golang's syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().
4.8 (Medium)
Affected products
Fixed
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.5.0.Z.MAIN:golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)\n\n* golang: syscall: don\u0027t close fd 0 on ForkExec error (CVE-2021-44717)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Rebase Go to 1.16.12 (BZ#2031125)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:5160",
"url": "https://access.redhat.com/errata/RHSA-2021:5160"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "2030806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5160.json"
}
],
"title": "Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update",
"tracking": {
"current_release_date": "2026-03-27T08:30:26+00:00",
"generator": {
"date": "2026-03-27T08:30:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2021:5160",
"initial_release_date": "2021-12-15T16:33:39+00:00",
"revision_history": [
{
"date": "2021-12-15T16:33:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-12-15T16:33:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-27T08:30:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64 (go-toolset:rhel8)",
"product_id": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=src\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"product": {
"name": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src (go-toolset:rhel8)",
"product_id": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=src\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src::go-toolset:rhel8",
"product": {
"name": "delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src (go-toolset:rhel8)",
"product_id": "delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.6.0-1.module%2Bel8.5.0%2B10379%2Bd6b83bd0?arch=src\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"product": {
"name": "golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch (go-toolset:rhel8)",
"product_id": "golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=noarch\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"product": {
"name": "golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch (go-toolset:rhel8)",
"product_id": "golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=noarch\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"product": {
"name": "golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch (go-toolset:rhel8)",
"product_id": "golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=noarch\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"product": {
"name": "golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch (go-toolset:rhel8)",
"product_id": "golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=noarch\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le (go-toolset:rhel8)",
"product_id": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=s390x\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"product": {
"name": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x (go-toolset:rhel8)",
"product_id": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=s390x\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=s390x\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64 (go-toolset:rhel8)",
"product_id": "delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.6.0-1.module%2Bel8.5.0%2B10379%2Bd6b83bd0?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.6.0-1.module%2Bel8.5.0%2B10379%2Bd6b83bd0?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.6.0-1.module%2Bel8.5.0%2B10379%2Bd6b83bd0?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64 (go-toolset:rhel8)",
"product_id": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64 (go-toolset:rhel8)",
"product_id": "golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.16.12-1.module%2Bel8.5.0%2B13637%2B960c7771?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8050020211211004557:70889296"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src::go-toolset:rhel8"
},
"product_reference": "delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8"
},
"product_reference": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8"
},
"product_reference": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8"
},
"product_reference": "golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8"
},
"product_reference": "golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8"
},
"product_reference": "golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.5.0.Z.MAIN:golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8"
},
"product_reference": "golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.5.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44716",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030801"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s an uncontrolled resource consumption flaw in golang\u0027s net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http\u0027s http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: limit growth of header canonicalization cache",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform, OpenShift Virtualization, Red Hat Quay and OpenShift distributed tracing the most an attacker can possibly achieve by exploiting this vulnerability is to crash a container, temporarily impacting availability of one or more services. Therefore impact is rated Moderate.\n\nIn its default configuration, grafana as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability. However, enabling http2 in /etc/grafana/grafana.ini explicitly would render grafana affected, therefore grafana has been marked affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "RHBZ#2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-15T16:33:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5160"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. Setting the GODEBUG=http2server=0 environment variable before calling Serve will disable HTTP/2 unless it was manually configured through the golang.org/x/net/http2 package.",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http: limit growth of header canonicalization cache"
},
{
"cve": "CVE-2021-44717",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030806"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a flaw in golang\u0027s syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: syscall: don\u0027t close fd 0 on ForkExec error",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This flaw has had the severity level set to Moderate due to the attack complexity required to exhaust file descriptors at the time ForkExec is called, plus an attacker does not necessarily have direct control over where/how data is leaked.\n\n* For Service Telemetry Framework, because the flaw\u0027s impact is lower, no update will be provided at this time for its containers.\n\n* runc shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this flaw because the flaw is already patched in the shipped versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44717"
},
{
"category": "external",
"summary": "RHBZ#2030806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-15T16:33:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5160"
},
{
"category": "workaround",
"details": "This bug can be mitigated by raising the per-process file descriptor limit.",
"product_ids": [
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debuginfo-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:delve-debugsource-0:1.6.0-1.module+el8.5.0+10379+d6b83bd0.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:go-toolset-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.src::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.aarch64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.ppc64le::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.s390x::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-bin-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-docs-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-misc-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-race-0:1.16.12-1.module+el8.5.0+13637+960c7771.x86_64::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-src-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8",
"AppStream-8.5.0.Z.MAIN:golang-tests-0:1.16.12-1.module+el8.5.0+13637+960c7771.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: syscall: don\u0027t close fd 0 on ForkExec error"
}
]
}
RHSA-2021:5176
Vulnerability from csaf_redhat - Published: 2021-12-16 16:38 - Updated: 2026-06-02 17:36Summary
Red Hat Security Advisory: go-toolset-1.16 and go-toolset-1.16-golang security and bug fix update
Severity
Important
Notes
Topic: An update for go-toolset-1.16 and go-toolset-1.16-golang is now available for Red Hat Developer Tools.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)
* golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Rebase Go to 1.16.12 [devtools-2021.4.z] (BZ#2031148)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in archive/zip of the Go standard library. Applications written in Go where Reader.Open (the API implementing io/fs.FS introduced in Go 1.16) can panic when parsing a crafted ZIP archive containing completely invalid names or an empty filename argument.
7.5 (High)
Affected products
Fixed
62 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
There's an uncontrolled resource consumption flaw in golang's net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http's http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.
7.5 (High)
Affected products
Fixed
62 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
There's a flaw in golang's syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().
4.8 (Medium)
Affected products
Fixed
62 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for go-toolset-1.16 and go-toolset-1.16-golang is now available for Red Hat Developer Tools.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.\n\nSecurity Fix(es):\n\n* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)\n\n* golang: syscall: don\u0027t close fd 0 on ForkExec error (CVE-2021-44717)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Rebase Go to 1.16.12 [devtools-2021.4.z] (BZ#2031148)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:5176",
"url": "https://access.redhat.com/errata/RHSA-2021:5176"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_developer_tools/1/html/using_go_1.16.6_toolset",
"url": "https://access.redhat.com/documentation/en-us/red_hat_developer_tools/1/html/using_go_1.16.6_toolset"
},
{
"category": "external",
"summary": "2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "2030806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5176.json"
}
],
"title": "Red Hat Security Advisory: go-toolset-1.16 and go-toolset-1.16-golang security and bug fix update",
"tracking": {
"current_release_date": "2026-06-02T17:36:54+00:00",
"generator": {
"date": "2026-06-02T17:36:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2021:5176",
"initial_release_date": "2021-12-16T16:38:14+00:00",
"revision_history": [
{
"date": "2021-12-16T16:38:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-12-16T16:38:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T17:36:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:devtools:2021"
}
}
},
{
"category": "product_name",
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:devtools:2021"
}
}
}
],
"category": "product_family",
"name": "Red Hat Developer Tools"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"product": {
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"product_id": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang@1.16.12-1.el7_9?arch=src"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.src",
"product": {
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.src",
"product_id": "go-toolset-1.16-0:1.16.12-1.el7_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16@1.16.12-1.el7_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"product": {
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"product_id": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang@1.16.12-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"product": {
"name": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"product_id": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang-bin@1.16.12-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"product": {
"name": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"product_id": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang-misc@1.16.12-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"product": {
"name": "go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"product_id": "go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang-race@1.16.12-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"product": {
"name": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"product_id": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang-src@1.16.12-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"product": {
"name": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"product_id": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang-tests@1.16.12-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"product": {
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"product_id": "go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16@1.16.12-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"product": {
"name": "go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"product_id": "go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-build@1.16.12-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"product": {
"name": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"product_id": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-runtime@1.16.12-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"product": {
"name": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"product_id": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-scldevel@1.16.12-1.el7_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"product": {
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"product_id": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang@1.16.12-1.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"product": {
"name": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"product_id": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang-bin@1.16.12-1.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"product": {
"name": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"product_id": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang-misc@1.16.12-1.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"product": {
"name": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"product_id": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang-src@1.16.12-1.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"product": {
"name": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"product_id": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang-tests@1.16.12-1.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"product": {
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"product_id": "go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16@1.16.12-1.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"product": {
"name": "go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"product_id": "go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-build@1.16.12-1.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"product": {
"name": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"product_id": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-runtime@1.16.12-1.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"product": {
"name": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"product_id": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-scldevel@1.16.12-1.el7_9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"product_id": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang@1.16.12-1.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"product_id": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang-bin@1.16.12-1.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"product_id": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang-misc@1.16.12-1.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"product_id": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang-src@1.16.12-1.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"product_id": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang-tests@1.16.12-1.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"product_id": "go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16@1.16.12-1.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"product_id": "go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-build@1.16.12-1.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"product_id": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-runtime@1.16.12-1.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"product_id": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-scldevel@1.16.12-1.el7_9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"product": {
"name": "go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"product_id": "go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.16-golang-docs@1.16.12-1.el7_9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.src as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src"
},
"product_reference": "go-toolset-1.16-0:1.16.12-1.el7_9.src",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.src as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src"
},
"product_reference": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch"
},
"product_reference": "go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.src as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src"
},
"product_reference": "go-toolset-1.16-0:1.16.12-1.el7_9.src",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.src as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src"
},
"product_reference": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch"
},
"product_reference": "go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x"
},
"product_reference": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64"
},
"product_reference": "go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41772",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"discovery_date": "2021-11-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2020736"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in archive/zip of the Go standard library. Applications written in Go where Reader.Open (the API implementing io/fs.FS introduced in Go 1.16) can panic when parsing a crafted ZIP archive containing completely invalid names or an empty filename argument.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Reader.Open panics on empty string",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In OpenShift Container Platform multiple components are written in Go and use archive/zip from the standard library. However, all such components are short lived client side tools, not long lived server side executables. As the maximum impact of this vulnerability is a denial of service in client utilities, this vulnerability is rated Low for OpenShift Container Platform.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s sg-core-container.\n\n* Because Red Hat Ceph Storage only uses Go\u0027s archive/zip for the Grafana CLI and thus is not directly exploitable, the vulnerability has been rated low for Red Hat Ceph Storage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41772"
},
{
"category": "external",
"summary": "RHBZ#2020736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020736"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41772"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0fM21h43arc",
"url": "https://groups.google.com/g/golang-announce/c/0fM21h43arc"
}
],
"release_date": "2021-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T16:38:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5176"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Reader.Open panics on empty string"
},
{
"cve": "CVE-2021-44716",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030801"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s an uncontrolled resource consumption flaw in golang\u0027s net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http\u0027s http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: limit growth of header canonicalization cache",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform, OpenShift Virtualization, Red Hat Quay and OpenShift distributed tracing the most an attacker can possibly achieve by exploiting this vulnerability is to crash a container, temporarily impacting availability of one or more services. Therefore impact is rated Moderate.\n\nIn its default configuration, grafana as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability. However, enabling http2 in /etc/grafana/grafana.ini explicitly would render grafana affected, therefore grafana has been marked affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "RHBZ#2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T16:38:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5176"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. Setting the GODEBUG=http2server=0 environment variable before calling Serve will disable HTTP/2 unless it was manually configured through the golang.org/x/net/http2 package.",
"product_ids": [
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http: limit growth of header canonicalization cache"
},
{
"cve": "CVE-2021-44717",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030806"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a flaw in golang\u0027s syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: syscall: don\u0027t close fd 0 on ForkExec error",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This flaw has had the severity level set to Moderate due to the attack complexity required to exhaust file descriptors at the time ForkExec is called, plus an attacker does not necessarily have direct control over where/how data is leaked.\n\n* For Service Telemetry Framework, because the flaw\u0027s impact is lower, no update will be provided at this time for its containers.\n\n* runc shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this flaw because the flaw is already patched in the shipped versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44717"
},
{
"category": "external",
"summary": "RHBZ#2030806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-16T16:38:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:5176"
},
{
"category": "workaround",
"details": "This bug can be mitigated by raising the per-process file descriptor limit.",
"product_ids": [
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Server-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-build-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.src",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-bin-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-docs-0:1.16.12-1.el7_9.noarch",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-misc-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-race-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-src-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-golang-tests-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-runtime-0:1.16.12-1.el7_9.x86_64",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.ppc64le",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.s390x",
"7Workstation-DevTools-2021.4:go-toolset-1.16-scldevel-0:1.16.12-1.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: syscall: don\u0027t close fd 0 on ForkExec error"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…