vulnerability

Red Hat OpenShift: CVE-2022-2879: golang: archive/tar: unbounded memory consumption when reading headers

Name: Red Hat OpenShift: CVE-2022-2879: golang: archive/tar: unbounded memory consumption when reading headers
Creator: Red Hat
Published: 2022-10-14T00:00:00.000Z
Keywords: CVE, CWE-770, Red Hat OpenShift, 2022, 2879, golang, linuxrpm-upgrade-buildah, linuxrpm-upgrade-conmon, linuxrpm-upgrade-openshift-clients, linuxrpm-upgrade-podman, linuxrpm-upgrade-skopeo, Severity 8

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

Oct 14, 2022

Added

Jan 26, 2023

Modified

Jun 12, 2026

Description

Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB.

Solutions

linuxrpm-upgrade-buildahlinuxrpm-upgrade-conmonlinuxrpm-upgrade-openshift-clientslinuxrpm-upgrade-podmanlinuxrpm-upgrade-skopeo

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report