Red Hat OpenShift: CVE-2022-2879: golang: archive/tar: unbounded memory consumption when reading headers
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | 2022-10-14 | 2023-01-26 | 2025-04-11 |
Description
Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After the fix, Reader.Read limits the maximum size of header blocks to 1 MiB.
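For code that reads untrusted archives on a Go runtime that may predate the fix, header reads can also be bounded from outside the parser. The following is an added example, not code from the advisory or the Go project: it uses `io.LimitedReader` to cap the bytes each `tar.Reader.Next` call may consume. `ListEntries`, `ErrHeaderBudget`, `sampleArchive`, the `EXAMPLE.note` record and the budget values are assumptions chosen for illustration.

```go
package main

import (
	"archive/tar"
	"bytes"
	"errors"
	"fmt"
	"io"
	"strings"
)

var ErrHeaderBudget = errors.New("tar: header read budget exceeded")

// ListEntries (example helper) lists entry names; each tr.Next call may consume at most budget bytes.
func ListEntries(r io.Reader, budget int64) (names []string, _ error) {
	lr := &io.LimitedReader{R: r}
	tr := tar.NewReader(lr)
	for {
		lr.N = budget // PAX and GNU long-name blocks are buffered inside Next
		hdr, err := tr.Next()
		if lr.N <= 0 && err != nil {
			return names, ErrHeaderBudget // also covers a false io.EOF produced by the limiter
		} else if err == io.EOF {
			return names, nil
		} else if err != nil {
			return names, err
		}
		names = append(names, hdr.Name)
		lr.N = 1 << 62 // entry data is streamed, not buffered, so it is left uncapped
		if _, err := io.Copy(io.Discard, tr); err != nil {
			return names, err
		}
	}
}

// sampleArchive is constructed input: a.txt carries a PAX record of noteLen bytes.
func sampleArchive(noteLen int) []byte {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	rec := map[string]string{"EXAMPLE.note": strings.Repeat("A", noteLen)}
	tw.WriteHeader(&tar.Header{Name: "a.txt", Mode: 0600, PAXRecords: rec})
	tw.WriteHeader(&tar.Header{Name: "b.txt", Mode: 0600})
	tw.Close()
	return buf.Bytes()
}

func main() {
	fmt.Println(ListEntries(bytes.NewReader(sampleArchive(128<<10)), 1<<20+4096))
	fmt.Println(ListEntries(bytes.NewReader(sampleArchive(128<<10)), 64<<10))
}
```

A budget slightly above 1 MiB matches the post-fix header limit; an entry that stacks several near-limit special headers would need a larger one.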
Solution(s)
- linuxrpm-upgrade-buildah
- linuxrpm-upgrade-conmon
- linuxrpm-upgrade-openshift-clients
- linuxrpm-upgrade-podman
- linuxrpm-upgrade-skopeo
References
- CVE-2022-2879
- https://attackerkb.com/topics/CVE-2022-2879
- REDHAT-RHSA-2022:7398
- REDHAT-RHSA-2022:7399
- REDHAT-RHSA-2022:8535
- REDHAT-RHSA-2022:8781
- REDHAT-RHSA-2023:0264
- REDHAT-RHSA-2023:0328
- REDHAT-RHSA-2023:0445
- REDHAT-RHSA-2023:0446
- REDHAT-RHSA-2023:0542
- REDHAT-RHSA-2023:0693
- REDHAT-RHSA-2023:0708
- REDHAT-RHSA-2023:0709
- REDHAT-RHSA-2023:0727
- REDHAT-RHSA-2023:1042
- REDHAT-RHSA-2023:1079
- REDHAT-RHSA-2023:1174
- REDHAT-RHSA-2023:2204
- REDHAT-RHSA-2023:2780
- REDHAT-RHSA-2023:3205
- REDHAT-RHSA-2023:3613
- REDHAT-RHSA-2023:3742
- REDHAT-RHSA-2023:4003
- REDHAT-RHSA-2024:0121
- REDHAT-RHSA-2024:2944
- REDHAT-RHSA-2024:2988