RHSA-2026:16505
Vulnerability from csaf_redhat - Published: 2026-05-12 19:48 - Updated: 2026-05-29 09:00Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.8
Severity
Important
Notes
Topic: Red Hat OpenShift Service Mesh 3.1.8
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Service Mesh 3.1.8, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.
Fixes/Improvements:
* OSSM 3 Operator icon missing from OperatorHub catalog in OCP console (OSSM-13028)
Security Fix(es):
* istio-rhel9-operator: possible memory corruption after bound check elimination (CVE-2026-27143)
* istio-proxyv2-rhel9: possible memory corruption after bound check elimination (CVE-2026-27143)
* istio-pilot-rhel9: possible memory corruption after bound check elimination (CVE-2026-27143)
* istio-cni-rhel9: possible memory corruption after bound check elimination (CVE-2026-27143)
* istio-rhel9-operator: no-op interface conversion bypasses overlap checking (CVE-2026-27144)
* istio-proxyv2-rhel9: no-op interface conversion bypasses overlap checking (CVE-2026-27144)
* istio-pilot-rhel9: no-op interface conversion bypasses overlap checking (CVE-2026-27144)
* istio-cni-rhel9: no-op interface conversion bypasses overlap checking (CVE-2026-27144)
* istio-rhel9-operator: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
* istio-pilot-rhel9: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
* istio-cni-rhel9: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially leading to memory corruption.
8.1 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data corruption, memory corruption or unexpected application behavior.
8.1 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64 | — |
Threats
Impact
Important
References
32 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh 3.1.8\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh 3.1.8, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.\n\nFixes/Improvements:\n\n* OSSM 3 Operator icon missing from OperatorHub catalog in OCP console (OSSM-13028)\n\nSecurity Fix(es):\n\n* istio-rhel9-operator: possible memory corruption after bound check elimination (CVE-2026-27143)\n\n* istio-proxyv2-rhel9: possible memory corruption after bound check elimination (CVE-2026-27143)\n\n* istio-pilot-rhel9: possible memory corruption after bound check elimination (CVE-2026-27143)\n\n* istio-cni-rhel9: possible memory corruption after bound check elimination (CVE-2026-27143)\n\n* istio-rhel9-operator: no-op interface conversion bypasses overlap checking (CVE-2026-27144)\n\n* istio-proxyv2-rhel9: no-op interface conversion bypasses overlap checking (CVE-2026-27144)\n\n* istio-pilot-rhel9: no-op interface conversion bypasses overlap checking (CVE-2026-27144)\n\n* istio-cni-rhel9: no-op interface conversion bypasses overlap checking (CVE-2026-27144)\n\n* istio-rhel9-operator: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\n* istio-pilot-rhel9: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\n* istio-cni-rhel9: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:16505",
"url": "https://access.redhat.com/errata/RHSA-2026:16505"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27143",
"url": "https://access.redhat.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27144",
"url": "https://access.redhat.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-27143",
"url": "https://access.redhat.com/security/cve/cve-2026-27143"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-27144",
"url": "https://access.redhat.com/security/cve/cve-2026-27144"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-32280",
"url": "https://access.redhat.com/security/cve/cve-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_16505.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.8",
"tracking": {
"current_release_date": "2026-05-29T09:00:20+00:00",
"generator": {
"date": "2026-05-29T09:00:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:16505",
"initial_release_date": "2026-05-12T19:48:56+00:00",
"revision_history": [
{
"date": "2026-05-12T19:48:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-12T19:48:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-29T09:00:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.1",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-sail-operator-bundle@sha256%3A9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1778154273"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777884045"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1778094470"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Ac96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1778149657"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777884022"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Ad8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1778125216"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview\u0026tag=1777964285"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777884045"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3Aa2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1778094470"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1778149657"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777884022"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Ae12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1778125216"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Ab83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview\u0026tag=1777964285"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777884045"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1778094470"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Af0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1778149657"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777884022"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Ad7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1778125216"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview\u0026tag=1777964285"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777884045"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1778094470"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1778149657"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777884022"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Aa67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1778125216"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview\u0026tag=1777964285"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27143",
"cwe": {
"id": "CWE-733",
"name": "Compiler Optimization Removal or Modification of Security-critical Code"
},
"discovery_date": "2026-04-08T02:01:29.491546+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456342"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/compile: possible memory corruption after bound check elimination",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is only exploitable in applications that contain a loop structure that relies on an induction variable. An induction variable is a variable that gets modified, usually incremented or decremented, by a predictable amount on each iteration. Inside the loop, the induction variable must be directly used as the index to access or modify elements within an array or a slice. Additionally, an attacker must be able to cause an integer overflow or underflow in the induction variable to trigger this issue. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "RHBZ#2456342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143"
},
{
"category": "external",
"summary": "https://go.dev/cl/763765",
"url": "https://go.dev/cl/763765"
},
{
"category": "external",
"summary": "https://go.dev/issue/78333",
"url": "https://go.dev/issue/78333"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4868",
"url": "https://pkg.go.dev/vuln/GO-2026-4868"
}
],
"release_date": "2026-04-08T01:06:57.168000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-12T19:48:56+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.8 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:16505"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, strictly sanitize and enforce bounds checking on any untrusted user input that influences loop counters, iteration limits, or memory indices. If there is no integer overflow or underflow, the out-of-bounds access cannot occur.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/compile: possible memory corruption after bound check elimination"
},
{
"cve": "CVE-2026-27144",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2026-04-08T02:01:22.896153+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data corruption, memory corruption or unexpected application behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/compile: no-op interface conversion bypasses overlap checking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable in applications that contain a memory move or copy operation that is subject to a no-op (no-operation) interface conversion. Furthermore, the source and destination memory addresses involved in the move or copy must overlap and an attacker must be able to supply an input that triggers this specific operation. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "RHBZ#2456340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27144"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144"
},
{
"category": "external",
"summary": "https://go.dev/cl/763764",
"url": "https://go.dev/cl/763764"
},
{
"category": "external",
"summary": "https://go.dev/issue/78371",
"url": "https://go.dev/issue/78371"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4867",
"url": "https://pkg.go.dev/vuln/GO-2026-4867"
}
],
"release_date": "2026-04-08T01:06:56.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-12T19:48:56+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.8 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:16505"
},
{
"category": "workaround",
"details": "To mitigate this issue, review code that performs memory copies or struct assignments. If data is being passed through an interface (such as \u0027any\u0027 or \u0027interface{}\u0027) just before a move operation, refactor the code to use concrete types or explicit pointers instead.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/compile: no-op interface conversion bypasses overlap checking"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-12T19:48:56+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.8 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:16505"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:44b66e1afa72c24167382ba2e71dfad9a197f4878074a8fff2e3f0ddae930e49_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5afab7e3267c6803839c2b96b00d715e3b327588485ecee7b23d8e3513ac15f3_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:5e76c624c73bf4f33aed2871e03d90cd8b5fb60e56165af0f501858b47594b9f_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:b83715ebf0a7b233b53ee600ee0062f3967bec57a84a55d0255734979a0120af_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1164507052fa1be4b0f85d2f1474b80aa39744b6e651b3a06629980fceb44021_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4c954b01fa50e61194c19b4ec33d72f7b2d51cb561c8553328bd087742a0915d_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:69489685a5d09b90fea6a502bfe00aa288c6e74c552469e127a5693923e0fa1e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:989055e4981041419a61eab47e35d2e7e290855907657b32cf2de51490eafa18_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:3fce9db7529ea1b3c7b8edc40e18e6a32ccf5bb1501425ffe141837c19309287_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:6a300b4b9b1954020ba5876f91caca93ee2bc0da2c7059aaad40c3b264b59e8b_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84558fd223caace930e314c5ad288f3680fc6d925c90409e11f85c846c211890_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a2544534e61d95a2f5592197f70201183e5dacff68ba50aebddeb8d52219f839_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1b9d054f45c6f2b27396c12752cce412263565a1d54220c37b6906f4049aadab_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:1fb621c913ee0b8a724852268a93a69522addeabaa3f611589c4dc8a227ab740_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:6fe2fee491444040c87cac2a9cb7e856d0c29ad02dea9e7f7490d14af120c028_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:85542d8ec656bda1029e634a6178ab9a24e608aca1470dfb45d621a78f0026ea_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a67c6be11ac4b3fe06555c95376bd73eb367e841e87237ff3e0e66ed9479f338_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7016c8a7d14fe6355ad30b34a9bafca73e58beae82e2ec78abd46cda10588a0_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d8afbf5abad2a584664f5749330ba50da76ac07d415a2fb1d070f73620e5ba90_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e12b2cfcc3819305c9ece2e424565ca1fb7703026261db422546b76dab1c4960_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4d96bfc97e205ba0cf2ddb03a99240fd6dd90d28bb7cdf25f0d32a99dc8891dd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87213878db431672b26cd65a20d372866bbe7505b991483b77da8db6e9605796_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:c96e66abac88022833d4052b4a30570026878fa7912317ae2984f944bfe400e9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:f0f3cd9f23cf174b94120dc40999112f829a5a77b03071def745f3283cd901f7_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:9c54dfb403dd08f7d72e066c4340d0e3143f29839d7df5485942b789f238e1ff_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…