{ "document" : { "aggregate_severity" : { "namespace" : "https://access.redhat.com/security/updates/classification/", "text" : "Important" }, "category" : "csaf_security_advisory", "csaf_version" : "2.0", "distribution" : { "text" : "Copyright © Red Hat, Inc. All rights reserved.", "tlp" : { "label" : "WHITE", "url" : "https://www.first.org/tlp/" } }, "lang" : "en", "notes" : [ { "category" : "summary", "text" : "Red Hat OpenShift Service Mesh 3.3.3\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title" : "Topic" }, { "category" : "general", "text" : "Red Hat OpenShift Service Mesh 3.3.3, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.\n\nSecurity Fix(es):\n\n* istio-proxyv2-rhel9: Possible memory corruption after bound check elimination (CVE-2026-27143)\n\n* istio-pilot-rhel9: Possible memory corruption after bound check elimination (CVE-2026-27143)\n\n* istio-cni-rhel9: Possible memory corruption after bound check elimination (CVE-2026-27143)\n\n* istio-rhel9-operator: no-op interface conversion bypasses overlap checking (CVE-2026-27144)\n\n* istio-proxyv2-rhel9: no-op interface conversion bypasses overlap checking (CVE-2026-27144)\n\n* istio-pilot-rhel9: no-op interface conversion bypasses overlap checking (CVE-2026-27144)\n\n* istio-cni-rhel9: no-op interface conversion bypasses overlap checking (CVE-2026-27144)\n\n* istio-rhel9-operator: Denial of service in certificate chain building when using Go applications (CVE-2026-32280)\n\n* istio-pilot-rhel9: Denial of service in certificate chain building when using Go applications (CVE-2026-32280)\n\n* istio-cni-rhel9: Denial of service in certificate chain building when using Go applications (CVE-2026-32280)\n\nFixes/Improvements:\n\n* OSSM 3 Operator icon missing from OperatorHub catalog in OCP console (OSSM-13028)\n\n* Applying proxy configuration takes a long time on the FIPS cluster (OSSM-12929)\n\n* Revert changes done for OSSM-12845 (OSSM-13222)\n\n* Revert changes done for OSSM-12930 (OSSM-13223)", "title" : "Details" }, { "category" : "legal_disclaimer", "text" : "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title" : "Terms of Use" } ], "publisher" : { "category" : "vendor", "contact_details" : "https://access.redhat.com/security/team/contact/", "issuing_authority" : "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name" : "Red Hat Product Security", "namespace" : "https://www.redhat.com" }, "references" : [ { "category" : "self", "summary" : "https://access.redhat.com/errata/RHSA-2026:16537", "url" : "https://access.redhat.com/errata/RHSA-2026:16537" }, { "category" : "external", "summary" : "https://access.redhat.com/security/cve/CVE-2026-27143", "url" : "https://access.redhat.com/security/cve/CVE-2026-27143" }, { "category" : "external", "summary" : "https://access.redhat.com/security/cve/CVE-2026-27144", "url" : "https://access.redhat.com/security/cve/CVE-2026-27144" }, { "category" : "external", "summary" : "https://access.redhat.com/security/cve/CVE-2026-32280", "url" : "https://access.redhat.com/security/cve/CVE-2026-32280" }, { "category" : "external", "summary" : "https://access.redhat.com/security/cve/cve-2026-27143", "url" : "https://access.redhat.com/security/cve/cve-2026-27143" }, { "category" : "external", "summary" : "https://access.redhat.com/security/cve/cve-2026-27144", "url" : "https://access.redhat.com/security/cve/cve-2026-27144" }, { "category" : "external", "summary" : "https://access.redhat.com/security/cve/cve-2026-32280", "url" : "https://access.redhat.com/security/cve/cve-2026-32280" }, { "category" : "external", "summary" : "https://access.redhat.com/security/updates/classification", "url" : "https://access.redhat.com/security/updates/classification" }, { "category" : "external", "summary" : "https://access.redhat.com/security/updates/classification/", "url" : "https://access.redhat.com/security/updates/classification/" }, { "category" : "self", "summary" : "Canonical URL", "url" : "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_16537.json" } ], "title" : "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.3.3", "tracking" : { "current_release_date" : "2026-05-26T09:00:16+00:00", "generator" : { "date" : "2026-05-26T09:00:16+00:00", "engine" : { "name" : "Red Hat SDEngine", "version" : "4.8.1" } }, "id" : "RHSA-2026:16537", "initial_release_date" : "2026-05-12T21:15:57+00:00", "revision_history" : [ { "date" : "2026-05-12T21:15:57+00:00", "number" : "1", "summary" : "Initial version" }, { "date" : "2026-05-12T21:16:08+00:00", "number" : "2", "summary" : "Last updated version" }, { "date" : "2026-05-26T09:00:16+00:00", "number" : "3", "summary" : "Last generated version" } ], "status" : "final", "version" : "3" } }, "product_tree" : { "branches" : [ { "branches" : [ { "branches" : [ { "category" : "product_name", "name" : "Red Hat OpenShift Service Mesh 3.3", "product" : { "name" : "Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3", "product_identification_helper" : { "cpe" : "cpe:/a:redhat:service_mesh:3.3::el9" } } } ], "category" : "product_family", "name" : "Red Hat OpenShift Service Mesh" }, { "branches" : [ { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64", "product_identification_helper" : { "purl" : "pkg:oci/istio-sail-operator-bundle@sha256%3A23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778154600" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64", "product_identification_helper" : { "purl" : "pkg:oci/istio-cni-rhel9@sha256%3Af977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778007548" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64", "product_identification_helper" : { "purl" : "pkg:oci/istio-must-gather-rhel9@sha256%3A204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778094380" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64", "product_identification_helper" : { "purl" : "pkg:oci/istio-rhel9-operator@sha256%3A9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778151060" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64", "product_identification_helper" : { "purl" : "pkg:oci/istio-pilot-rhel9@sha256%3Adf991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778007569" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64", "product_identification_helper" : { "purl" : "pkg:oci/istio-proxyv2-rhel9@sha256%3A1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778012399" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64", "product_identification_helper" : { "purl" : "pkg:oci/istio-ztunnel-rhel9@sha256%3A3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778088671" } } } ], "category" : "architecture", "name" : "amd64" }, { "branches" : [ { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64", "product_identification_helper" : { "purl" : "pkg:oci/istio-cni-rhel9@sha256%3A2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778007548" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64", "product_identification_helper" : { "purl" : "pkg:oci/istio-must-gather-rhel9@sha256%3A2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778094380" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64", "product_identification_helper" : { "purl" : "pkg:oci/istio-rhel9-operator@sha256%3A40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778151060" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64", "product_identification_helper" : { "purl" : "pkg:oci/istio-pilot-rhel9@sha256%3A09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778007569" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64", "product_identification_helper" : { "purl" : "pkg:oci/istio-proxyv2-rhel9@sha256%3Aae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778012399" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64", "product_identification_helper" : { "purl" : "pkg:oci/istio-ztunnel-rhel9@sha256%3Af00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778088671" } } } ], "category" : "architecture", "name" : "arm64" }, { "branches" : [ { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le", "product_identification_helper" : { "purl" : "pkg:oci/istio-cni-rhel9@sha256%3Ab381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778007548" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le", "product_identification_helper" : { "purl" : "pkg:oci/istio-must-gather-rhel9@sha256%3A42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778094380" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le", "product_identification_helper" : { "purl" : "pkg:oci/istio-rhel9-operator@sha256%3Aeaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778151060" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le", "product_identification_helper" : { "purl" : "pkg:oci/istio-pilot-rhel9@sha256%3A4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778007569" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le", "product_identification_helper" : { "purl" : "pkg:oci/istio-proxyv2-rhel9@sha256%3A50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778012399" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le", "product_identification_helper" : { "purl" : "pkg:oci/istio-ztunnel-rhel9@sha256%3Aef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778088671" } } } ], "category" : "architecture", "name" : "ppc64le" }, { "branches" : [ { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x", "product_identification_helper" : { "purl" : "pkg:oci/istio-cni-rhel9@sha256%3A555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778007548" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x", "product_identification_helper" : { "purl" : "pkg:oci/istio-must-gather-rhel9@sha256%3Ae469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778094380" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x", "product_identification_helper" : { "purl" : "pkg:oci/istio-rhel9-operator@sha256%3A7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778151060" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x", "product_identification_helper" : { "purl" : "pkg:oci/istio-pilot-rhel9@sha256%3A861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778007569" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x", "product_identification_helper" : { "purl" : "pkg:oci/istio-proxyv2-rhel9@sha256%3A36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778012399" } } }, { "category" : "product_version", "name" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x", "product" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x", "product_id" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x", "product_identification_helper" : { "purl" : "pkg:oci/istio-ztunnel-rhel9@sha256%3A5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh&tag=1778088671" } } } ], "category" : "architecture", "name" : "s390x" } ], "category" : "vendor", "name" : "Red Hat" } ], "relationships" : [ { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64 as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64 as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64 as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64 as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64 as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64 as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64 as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64 as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64 as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64 as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64 as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64 as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" }, { "category" : "default_component_of", "full_product_name" : { "name" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64 as a component of Red Hat OpenShift Service Mesh 3.3", "product_id" : "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64" }, "product_reference" : "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64", "relates_to_product_reference" : "Red Hat OpenShift Service Mesh 3.3" } ] }, "vulnerabilities" : [ { "cve" : "CVE-2026-27143", "cwe" : { "id" : "CWE-733", "name" : "Compiler Optimization Removal or Modification of Security-critical Code" }, "discovery_date" : "2026-04-08T02:01:29.491546+00:00", "flags" : [ { "label" : "vulnerable_code_not_present", "product_ids" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64" ] } ], "ids" : [ { "system_name" : "Red Hat Bugzilla ID", "text" : "2456342" } ], "notes" : [ { "category" : "description", "text" : "A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially leading to memory corruption.", "title" : "Vulnerability description" }, { "category" : "summary", "text" : "golang: cmd/compile: possible memory corruption after bound check elimination", "title" : "Vulnerability summary" }, { "category" : "other", "text" : "This vulnerability is only exploitable in applications that contain a loop structure that relies on an induction variable. An induction variable is a variable that gets modified, usually incremented or decremented, by a predictable amount on each iteration. Inside the loop, the induction variable must be directly used as the index to access or modify elements within an array or a slice. Additionally, an attacker must be able to cause an integer overflow or underflow in the induction variable to trigger this issue. Due to these reasons, this flaw has been rated with a moderate severity.", "title" : "Statement" }, { "category" : "general", "text" : "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title" : "CVSS score applicability" } ], "product_status" : { "fixed" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64" ], "known_not_affected" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64" ] }, "references" : [ { "category" : "self", "summary" : "Canonical URL", "url" : "https://access.redhat.com/security/cve/CVE-2026-27143" }, { "category" : "external", "summary" : "RHBZ#2456342", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2456342" }, { "category" : "external", "summary" : "https://www.cve.org/CVERecord?id=CVE-2026-27143", "url" : "https://www.cve.org/CVERecord?id=CVE-2026-27143" }, { "category" : "external", "summary" : "https://nvd.nist.gov/vuln/detail/CVE-2026-27143", "url" : "https://nvd.nist.gov/vuln/detail/CVE-2026-27143" }, { "category" : "external", "summary" : "https://go.dev/cl/763765", "url" : "https://go.dev/cl/763765" }, { "category" : "external", "summary" : "https://go.dev/issue/78333", "url" : "https://go.dev/issue/78333" }, { "category" : "external", "summary" : "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU", "url" : "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU" }, { "category" : "external", "summary" : "https://pkg.go.dev/vuln/GO-2026-4868", "url" : "https://pkg.go.dev/vuln/GO-2026-4868" } ], "release_date" : "2026-04-08T01:06:57.168000+00:00", "remediations" : [ { "category" : "vendor_fix", "date" : "2026-05-12T21:15:57+00:00", "details" : "See Red Hat OpenShift Service Mesh 3.3.3 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3", "product_ids" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64" ], "restart_required" : { "category" : "none" }, "url" : "https://access.redhat.com/errata/RHSA-2026:16537" }, { "category" : "workaround", "details" : "To mitigate this vulnerability, strictly sanitize and enforce bounds checking on any untrusted user input that influences loop counters, iteration limits, or memory indices. If there is no integer overflow or underflow, the out-of-bounds access cannot occur.", "product_ids" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64" ] } ], "scores" : [ { "cvss_v3" : { "attackComplexity" : "HIGH", "attackVector" : "NETWORK", "availabilityImpact" : "HIGH", "baseScore" : 8.1, "baseSeverity" : "HIGH", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "privilegesRequired" : "NONE", "scope" : "UNCHANGED", "userInteraction" : "NONE", "vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version" : "3.1" }, "products" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64" ] } ], "threats" : [ { "category" : "impact", "details" : "Moderate" } ], "title" : "golang: cmd/compile: possible memory corruption after bound check elimination" }, { "cve" : "CVE-2026-27144", "cwe" : { "id" : "CWE-440", "name" : "Expected Behavior Violation" }, "discovery_date" : "2026-04-08T02:01:22.896153+00:00", "flags" : [ { "label" : "vulnerable_code_not_present", "product_ids" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64" ] } ], "ids" : [ { "system_name" : "Red Hat Bugzilla ID", "text" : "2456340" } ], "notes" : [ { "category" : "description", "text" : "A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data corruption, memory corruption or unexpected application behavior.", "title" : "Vulnerability description" }, { "category" : "summary", "text" : "golang: cmd/compile: no-op interface conversion bypasses overlap checking", "title" : "Vulnerability summary" }, { "category" : "other", "text" : "This issue is only exploitable in applications that contain a memory move or copy operation that is subject to a no-op (no-operation) interface conversion. Furthermore, the source and destination memory addresses involved in the move or copy must overlap and an attacker must be able to supply an input that triggers this specific operation. Due to these reasons, this flaw has been rated with a moderate severity.", "title" : "Statement" }, { "category" : "general", "text" : "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title" : "CVSS score applicability" } ], "product_status" : { "fixed" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le" ], "known_not_affected" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64" ] }, "references" : [ { "category" : "self", "summary" : "Canonical URL", "url" : "https://access.redhat.com/security/cve/CVE-2026-27144" }, { "category" : "external", "summary" : "RHBZ#2456340", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2456340" }, { "category" : "external", "summary" : "https://www.cve.org/CVERecord?id=CVE-2026-27144", "url" : "https://www.cve.org/CVERecord?id=CVE-2026-27144" }, { "category" : "external", "summary" : "https://nvd.nist.gov/vuln/detail/CVE-2026-27144", "url" : "https://nvd.nist.gov/vuln/detail/CVE-2026-27144" }, { "category" : "external", "summary" : "https://go.dev/cl/763764", "url" : "https://go.dev/cl/763764" }, { "category" : "external", "summary" : "https://go.dev/issue/78371", "url" : "https://go.dev/issue/78371" }, { "category" : "external", "summary" : "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU", "url" : "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU" }, { "category" : "external", "summary" : "https://pkg.go.dev/vuln/GO-2026-4867", "url" : "https://pkg.go.dev/vuln/GO-2026-4867" } ], "release_date" : "2026-04-08T01:06:56.908000+00:00", "remediations" : [ { "category" : "vendor_fix", "date" : "2026-05-12T21:15:57+00:00", "details" : "See Red Hat OpenShift Service Mesh 3.3.3 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3", "product_ids" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le" ], "restart_required" : { "category" : "none" }, "url" : "https://access.redhat.com/errata/RHSA-2026:16537" }, { "category" : "workaround", "details" : "To mitigate this issue, review code that performs memory copies or struct assignments. If data is being passed through an interface (such as 'any' or 'interface{}') just before a move operation, refactor the code to use concrete types or explicit pointers instead.", "product_ids" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64" ] } ], "scores" : [ { "cvss_v3" : { "attackComplexity" : "HIGH", "attackVector" : "NETWORK", "availabilityImpact" : "HIGH", "baseScore" : 8.1, "baseSeverity" : "HIGH", "confidentialityImpact" : "HIGH", "integrityImpact" : "HIGH", "privilegesRequired" : "NONE", "scope" : "UNCHANGED", "userInteraction" : "NONE", "vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version" : "3.1" }, "products" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64" ] } ], "threats" : [ { "category" : "impact", "details" : "Moderate" } ], "title" : "golang: cmd/compile: no-op interface conversion bypasses overlap checking" }, { "cve" : "CVE-2026-32280", "cwe" : { "id" : "CWE-770", "name" : "Allocation of Resources Without Limits or Throttling" }, "discovery_date" : "2026-04-08T02:01:19.572351+00:00", "flags" : [ { "label" : "vulnerable_code_not_present", "product_ids" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64" ] } ], "ids" : [ { "system_name" : "Red Hat Bugzilla ID", "text" : "2456339" } ], "notes" : [ { "category" : "description", "text" : "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.", "title" : "Vulnerability description" }, { "category" : "summary", "text" : "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building", "title" : "Vulnerability summary" }, { "category" : "general", "text" : "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title" : "CVSS score applicability" } ], "product_status" : { "fixed" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le" ], "known_not_affected" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64" ] }, "references" : [ { "category" : "self", "summary" : "Canonical URL", "url" : "https://access.redhat.com/security/cve/CVE-2026-32280" }, { "category" : "external", "summary" : "RHBZ#2456339", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2456339" }, { "category" : "external", "summary" : "https://www.cve.org/CVERecord?id=CVE-2026-32280", "url" : "https://www.cve.org/CVERecord?id=CVE-2026-32280" }, { "category" : "external", "summary" : "https://nvd.nist.gov/vuln/detail/CVE-2026-32280", "url" : "https://nvd.nist.gov/vuln/detail/CVE-2026-32280" }, { "category" : "external", "summary" : "https://go.dev/cl/758320", "url" : "https://go.dev/cl/758320" }, { "category" : "external", "summary" : "https://go.dev/issue/78282", "url" : "https://go.dev/issue/78282" }, { "category" : "external", "summary" : "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU", "url" : "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU" }, { "category" : "external", "summary" : "https://pkg.go.dev/vuln/GO-2026-4947", "url" : "https://pkg.go.dev/vuln/GO-2026-4947" } ], "release_date" : "2026-04-08T01:06:58.595000+00:00", "remediations" : [ { "category" : "vendor_fix", "date" : "2026-05-12T21:15:57+00:00", "details" : "See Red Hat OpenShift Service Mesh 3.3.3 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3", "product_ids" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le" ], "restart_required" : { "category" : "none" }, "url" : "https://access.redhat.com/errata/RHSA-2026:16537" } ], "scores" : [ { "cvss_v3" : { "attackComplexity" : "LOW", "attackVector" : "NETWORK", "availabilityImpact" : "HIGH", "baseScore" : 7.5, "baseSeverity" : "HIGH", "confidentialityImpact" : "NONE", "integrityImpact" : "NONE", "privilegesRequired" : "NONE", "scope" : "UNCHANGED", "userInteraction" : "NONE", "vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version" : "3.1" }, "products" : [ "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2385f2106783290403877b812edea67f861f3ebcc3b6990b070b62e94fc6dbdf_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:555317d71a6322173962d8fc912421edd6d79cd39c55d8cc9a36d1b635f9e099_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b381c0445928f2bdbdc4ca276b78c16ae1a6e19fca4d66a4d972c323c70570bb_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f977fd5abad71842f5e0e8b805ad4a1003b8dd466a39c314b2a5b9b125e567e1_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:204d15ed8b8bd170daba79fbd99861c61776df5069d2288c64781993daaca2f0_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2ca3bffba0b8f40fafcdeef1ce73da401175b3ce3893ac176f7f0ce7e9c95ac1_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:42422f5a7654c8897d554844ee2923c58ac3ebf3b23d9c11a582537e67541c99_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e469542b539575c40b1dd916f0ff1d811c5219fc42cc986f2b67a4b58661b4a7_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:09219031e9c23053aea4a582d12f8feba24acceac0d4525e3a407239492a8810_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:4db6e30d909f0c9605e51f4057284264bcad79a959428ad219b142af21e267e2_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:861d0a488fbced512a91df6e75ae6fd14fbefdeab4b7096b7e43f6f10c35de5c_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:df991997aaf4a8ca43f4938becd43520acd11de06ab101083c0a33486886f3aa_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:1b0467f4bdad9faed783036e6229b56a50111973063bcf4aaf3a602c8eeabe62_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:36d45c48ce39777c0b6229949c14df18b4200b59a581ff642b30f16dfbdab09a_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:50e5ed85ca682a6fefba0fa0138ef2aedf845fd2457c5beaf25a100f814b56c7_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ae3beff03ea771b020631e5bc7e778c84e8a0cdeffb10af5d3f8f6409b85206d_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:40f40b8b068f72525ffd293d13d24acd5172c000691cbedd7e398202872bef1c_arm64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:7015daf9e74ca4bfece7ddbc1766a18d401fd0f90cd4a9b93d6c397cabd9c35f_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9a33d18d2482eeb76a7ebd10404e54d5556cdf98d0f4fdbf54facda4ce3a8fbf_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:eaaccb1bf78df88abc6f2b16d440b24773240701aa6fef039e776e82481bc159_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:23257a094ce3fd6ec95bae0d8185ad7e17a5bf838bfc81a50375207e9a309c2d_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3ca7c5243b014d9924fd98aa03756e52839c4ba80843b1a08563509bf98d06d8_amd64", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:5684e84fb340fed6333e2f41a2a4aaa4612aaf77bb2403bf17f117d5177ad389_s390x", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:ef9ab6a6c108014df3a755c4b8b72eb9dce20a13e287ecb139100188b4d8678a_ppc64le", "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f00ee1b029961c307f294d3265699cacb16a9e055e65acabcd996b8ab479ee49_arm64" ] } ], "threats" : [ { "category" : "impact", "details" : "Important" } ], "title" : "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building" } ] }