VIR Vulnerability Intelligence Relay

CVE-2024-1394

high
Published 2024-03-21 · Modified 2024-05-07
CVSS v3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS v2
VIR risk
8.0

Description

Important: golang security update

Predictions

Exploit likelihood
30%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-2562.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2268273

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2268022

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2268018

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-2568.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-3265.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2271903

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:3265

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-5258.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2295010

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2294000

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2292668

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2274767

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2268021

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2268019

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2268017

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:5258

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-4761.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-4379.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-4762.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-2569.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-4371.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-1502.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-4502.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-1501.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2025-7118.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2315719

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2310529

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-4378.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-1462.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-7262.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2310528

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:7262

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-1646.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:1646

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-1644.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:1644

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-1472.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2262921

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:1472

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:1502

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:2568

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:2562

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:2569

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:4502

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:1472

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:1644

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:1646

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLBA-2024:3266

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:3265

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:5258

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:7262

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2025:7118

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:4762

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:4761

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:4502

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:4379

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:4378

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:4371

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:2569

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:2568

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:2562

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:1502

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:1501

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:1462

Mitigation details

Source: Red Hat Errata — Red Hat Inc. · View original ↗ · Open-Errata-API

Description golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads Red Hat statement The majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a "Moderate" level of impact. CVSS v3: 7.5…

Description

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

Red Hat statement

The majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a "Moderate" level of impact.

CVSS v3: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Errata / fixed releases

ProductPackageAdvisoryReleased
Red Hat Ansible Automation Platform 2.4 for RHEL 8receptor-0:1.4.5-1.el8apRHSA-2024:16402024-04-02T00:00:00Z
Red Hat Ansible Automation Platform 2.4 for RHEL 9receptor-0:1.4.5-1.el9apRHSA-2024:16402024-04-02T00:00:00Z
Red Hat Developer Toolsgo-toolset-1.19-golang-0:1.19.13-6.el7_9RHSA-2024:14682024-03-21T00:00:00Z
Red Hat Enterprise Linux 8go-toolset:rhel8-8090020240313170136.26eb71acRHSA-2024:14722024-03-21T00:00:00Z
Red Hat Enterprise Linux 8grafana-pcp-0:5.1.1-2.el8_9RHSA-2024:16442024-04-02T00:00:00Z
Red Hat Enterprise Linux 8grafana-0:9.2.10-8.el8_9RHSA-2024:16462024-04-02T00:00:00Z
Red Hat Enterprise Linux 8grafana-0:9.2.10-16.el8_10RHSA-2024:32652024-05-22T00:00:00Z
Red Hat Enterprise Linux 8container-tools:rhel8-8100020240808093819.afee755dRHSA-2024:52582024-08-13T00:00:00Z
Red Hat Enterprise Linux 8osbuild-composer-0:101-2.el8_10RHSA-2024:72622024-09-26T00:00:00Z
Red Hat Enterprise Linux 9golang-0:1.20.12-2.el9_3RHSA-2024:14622024-03-21T00:00:00Z
Red Hat Enterprise Linux 9grafana-0:9.2.10-8.el9_3RHSA-2024:15012024-03-25T00:00:00Z
Red Hat Enterprise Linux 9grafana-pcp-0:5.1.1-2.el9_3RHSA-2024:15022024-03-25T00:00:00Z
Red Hat Enterprise Linux 9golang-0:1.21.9-2.el9_4RHSA-2024:25622024-04-30T00:00:00Z
Red Hat Enterprise Linux 9grafana-0:9.2.10-16.el9_4RHSA-2024:25682024-04-30T00:00:00Z
Red Hat Enterprise Linux 9grafana-pcp-0:5.1.1-2.el9_4RHSA-2024:25692024-04-30T00:00:00Z
Red Hat Enterprise Linux 9buildah-2:1.33.7-3.el9_4RHSA-2024:43712024-07-08T00:00:00Z
Red Hat Enterprise Linux 9podman-4:4.9.4-5.el9_4RHSA-2024:43782024-07-08T00:00:00Z
Red Hat Enterprise Linux 9gvisor-tap-vsock-6:0.7.3-4.el9_4RHSA-2024:43792024-07-08T00:00:00Z
Red Hat Enterprise Linux 9skopeo-2:1.14.3-3.el9_4RHSA-2024:45022024-07-15T00:00:00Z
Red Hat Enterprise Linux 9containernetworking-plugins-1:1.4.0-4.el9_4RHSA-2024:47612024-07-23T00:00:00Z
Red Hat Enterprise Linux 9runc-4:1.1.12-3.el9_4RHSA-2024:47622024-07-23T00:00:00Z
Red Hat Enterprise Linux 9osbuild-composer-0:132-1.el9RHSA-2025:71182025-05-13T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutionspodman-2:4.2.0-4.el9_0RHSA-2024:45812024-07-16T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutionscontainernetworking-plugins-1:1.0.1-6.el9_0RHSA-2024:46722024-07-22T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Supportgolang-0:1.19.13-7.el9_2RHSA-2024:41462024-06-27T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Supportpodman-2:4.4.1-20.el9_2RHSA-2024:56342024-08-20T00:00:00Z
Red Hat OpenShift Container Platform 4.12buildah-1:1.23.4-5.2.rhaos4.12.el8RHSA-2024:15742024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.12butane-0:0.16.0-2.2.rhaos4.12.el8RHSA-2024:15742024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.12containernetworking-plugins-1:1.4.0-1.1.rhaos4.12.el8RHSA-2024:15742024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.12cri-o-0:1.25.3-5.2.rhaos4.12.git44a2cb2.el9RHSA-2024:15742024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.12cri-tools-0:1.25.0-2.2.el8RHSA-2024:15742024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.12ignition-0:2.14.0-5.2.rhaos4.12.el9RHSA-2024:15742024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.12openshift-clients-0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el8RHSA-2024:15742024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.12podman-3:4.2.0-7.2.rhaos4.12.el9RHSA-2024:15742024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.12runc-3:1.1.6-5.2.rhaos4.12.el8RHSA-2024:15742024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.12skopeo-2:1.9.4-3.2.rhaos4.12.el8RHSA-2024:15742024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.13buildah-1:1.29.1-2.2.rhaos4.13.el8RHSA-2024:17632024-04-18T00:00:00Z
Red Hat OpenShift Container Platform 4.13containernetworking-plugins-1:1.4.0-1.1.rhaos4.13.el8RHSA-2024:17632024-04-18T00:00:00Z
Red Hat OpenShift Container Platform 4.13cri-o-0:1.26.5-11.1.rhaos4.13.git919cc6e.el8RHSA-2024:17632024-04-18T00:00:00Z
Red Hat OpenShift Container Platform 4.13cri-tools-0:1.26.0-4.1.el8RHSA-2024:17632024-04-18T00:00:00Z
Red Hat OpenShift Container Platform 4.13ignition-0:2.15.0-7.1.rhaos4.13.el9RHSA-2024:17632024-04-18T00:00:00Z
Red Hat OpenShift Container Platform 4.13openshift-clients-0:4.13.0-202404020737.p0.gd192e90.assembly.stream.el8RHSA-2024:17632024-04-18T00:00:00Z
Red Hat OpenShift Container Platform 4.13podman-3:4.4.1-5.2.rhaos4.13.el8RHSA-2024:17632024-04-18T00:00:00Z
Red Hat OpenShift Container Platform 4.13runc-4:1.1.12-1.1.rhaos4.13.el8RHSA-2024:17632024-04-18T00:00:00Z
Red Hat OpenShift Container Platform 4.13skopeo-2:1.11.2-2.2.rhaos4.13.el8RHSA-2024:17632024-04-18T00:00:00Z
Red Hat OpenShift Container Platform 4.14butane-0:0.19.0-1.3.rhaos4.14.el8RHSA-2024:15672024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.14containernetworking-plugins-1:1.4.0-1.2.rhaos4.14.el8RHSA-2024:15672024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.14cri-o-0:1.27.4-6.1.rhaos4.14.gitd09e4c0.el8RHSA-2024:15672024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.14cri-tools-0:1.27.0-3.1.el8RHSA-2024:15672024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.14ignition-0:2.16.2-2.1.rhaos4.14.el9RHSA-2024:15672024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.14openshift-clients-0:4.14.0-202403261640.p0.gf7b14a9.assembly.stream.el8RHSA-2024:15672024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.14ose-aws-ecr-image-credential-provider-0:4.14.0-202403251040.p0.g607e2dd.assembly.stream.el8RHSA-2024:15672024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.14podman-3:4.4.1-11.3.rhaos4.14.el8RHSA-2024:15672024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.14skopeo-2:1.11.2-10.3.rhaos4.14.el8RHSA-2024:15672024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.14buildah-1:1.29.1-10.4.rhaos4.14.el8RHSA-2024:18972024-04-26T00:00:00Z
Red Hat OpenShift Container Platform 4.14butane-0:0.19.0-1.4.rhaos4.14.el8RHSA-2024:18972024-04-26T00:00:00Z
Red Hat OpenShift Container Platform 4.14conmon-3:2.1.7-3.4.rhaos4.14.el8RHSA-2024:18972024-04-26T00:00:00Z
Red Hat OpenShift Container Platform 4.14containernetworking-plugins-1:1.4.0-1.3.rhaos4.14.el8RHSA-2024:18972024-04-26T00:00:00Z
Red Hat OpenShift Container Platform 4.14cri-o-0:1.27.4-7.2.rhaos4.14.git082c52f.el8RHSA-2024:18972024-04-26T00:00:00Z
Red Hat OpenShift Container Platform 4.14cri-tools-0:1.27.0-3.2.el8RHSA-2024:18972024-04-26T00:00:00Z

Package state

ProductPackageState
NBDE Tang Servertang-operator-bundle-containerWill not fix
OpenShift Developer Tools and ServiceshelmAffected
OpenShift Developer Tools and ServicesodoWill not fix
OpenShift Pipelinesopenshift-pipelines-clientNot affected
OpenShift Serverlessopenshift-serverless-clientsAffected
Red Hat Ansible Automation Platform 1.2helmWill not fix
Red Hat Ansible Automation Platform 1.2openshift-clientsWill not fix
Red Hat Certification for Red Hat Enterprise Linux 8redhat-certification-preflightFix deferred
Red Hat Certification Program for Red Hat Enterprise Linux 9redhat-certification-preflightFix deferred
Red Hat Enterprise Linux 7buildahOut of support scope
Red Hat Enterprise Linux 7containernetworking-pluginsOut of support scope
Red Hat Enterprise Linux 7host-meteringOut of support scope
Red Hat Enterprise Linux 7podmanOut of support scope
Red Hat Enterprise Linux 7rhc-worker-scriptOut of support scope
Red Hat Enterprise Linux 7skopeoOut of support scope
Red Hat Enterprise Linux 8container-tools:4.0/buildahNot affected
Red Hat Enterprise Linux 8container-tools:4.0/conmonNot affected
Red Hat Enterprise Linux 8container-tools:4.0/containernetworking-pluginsNot affected
Red Hat Enterprise Linux 8container-tools:4.0/podmanNot affected
Red Hat Enterprise Linux 8container-tools:4.0/runcNot affected
Red Hat Enterprise Linux 8container-tools:4.0/skopeoNot affected
Red Hat Enterprise Linux 8container-tools:4.0/toolboxNot affected
Red Hat Enterprise Linux 8git-lfsNot affected
Red Hat Enterprise Linux 8rhcNot affected
Red Hat Enterprise Linux 8weldr-clientNot affected
Red Hat Enterprise Linux 9butaneWill not fix
Red Hat Enterprise Linux 9conmonNot affected
Red Hat Enterprise Linux 9git-lfsNot affected
Red Hat Enterprise Linux 9ignitionWill not fix
Red Hat Enterprise Linux 9toolboxNot affected
Red Hat Enterprise Linux 9weldr-clientNot affected
Red Hat OpenShift Container Platform 4conmon-rsNot affected
Red Hat OpenShift Container Platform 4golang-github-prometheus-promuNot affected
Red Hat OpenShift Container Platform 4lifecycle-agent-operator-bundle-containerNot affected
Red Hat OpenShift Container Platform 4openshift4/bare-metal-event-relay-operator-bundleOut of support scope
Red Hat OpenShift Container Platform 4openshift4/numaresources-operator-bundleNot affected
Red Hat OpenShift Container Platform 4openshift4/ose-cluster-machine-approver-rhel9Not affected
Red Hat OpenShift Container Platform 4rhcosAffected
Red Hat Openshift Container Storage 4mcgOut of support scope
Red Hat OpenShift Dev Spacesdevspaces/machineexec-rhel8Affected
Red Hat OpenShift GitOpsopenshift-gitops-1/gitops-operator-bundleWill not fix
Red Hat OpenShift on AWSrosaAffected
Red Hat OpenShift Virtualization 4kubevirtNot affected
Red Hat OpenStack Platform 16.1etcdOut of support scope
Red Hat OpenStack Platform 16.1golang-qpid-apacheWill not fix
Red Hat OpenStack Platform 16.1qpid-protonNot affected
Red Hat OpenStack Platform 16.2golang-github-infrawatch-apputilsWill not fix
Red Hat OpenStack Platform 16.2golang-qpid-apacheWill not fix
Red Hat OpenStack Platform 16.2qpid-protonNot affected
Red Hat OpenStack Platform 17.1golang-github-infrawatch-apputilsAffected
Red Hat OpenStack Platform 17.1golang-qpid-apacheWill not fix
Red Hat OpenStack Platform 17.1qpid-protonNot affected
Red Hat OpenStack Platform 18.0etcdWill not fix
Red Hat Service Interconnect 1qpid-protonWill not fix
Red Hat Service Interconnect 1skupper-cliAffected
Red Hat Service Interconnect 1skupper-routerWill not fix
Red Hat Software Collectionsrh-git227-git-lfsNot affected
Red Hat Storage 3heketiOut of support scope

Apply commands

bash fix
Apply RHSA-2024:1640 for Red Hat Ansible Automation Platform 2.4 for RHEL 8
yum update -y receptor
# or:
dnf upgrade -y receptor

Affected

VendorProductVersion
redhatOpenShift Developer Tools and ServicesAffected
redhatOpenShift PipelinesNot affected
redhatOpenShift ServerlessAffected
redhatRed Hat Enterprise Linux 8Not affected
redhatRed Hat Enterprise Linux 8Not affected
redhatRed Hat Enterprise Linux 8Not affected
redhatRed Hat Enterprise Linux 8Not affected
redhatRed Hat Enterprise Linux 8Not affected
redhatRed Hat Enterprise Linux 8Not affected
redhatRed Hat Enterprise Linux 8Not affected
redhatRed Hat Enterprise Linux 8Not affected
redhatRed Hat Enterprise Linux 8Not affected
redhatRed Hat Enterprise Linux 8Not affected
redhatRed Hat Enterprise Linux 9Not affected
redhatRed Hat Enterprise Linux 9Not affected
redhatRed Hat Enterprise Linux 9Not affected
redhatRed Hat Enterprise Linux 9Not affected
redhatRed Hat OpenShift Container Platform 4Not affected
redhatRed Hat OpenShift Container Platform 4Not affected
redhatRed Hat OpenShift Container Platform 4Not affected
redhatRed Hat OpenShift Container Platform 4Not affected
redhatRed Hat OpenShift Container Platform 4Not affected
redhatRed Hat OpenShift Container Platform 4Affected
redhatRed Hat OpenShift Dev SpacesAffected
redhatRed Hat OpenShift on AWSAffected
redhatRed Hat OpenShift Virtualization 4Not affected
redhatRed Hat OpenStack Platform 16.1Not affected
redhatRed Hat OpenStack Platform 16.2Not affected
redhatRed Hat OpenStack Platform 17.1Affected
redhatRed Hat OpenStack Platform 17.1Not affected

OS impact
OSVersionStatusFixed in
redhat rhel9fixed
rockylinux rocky8fixed
rockylinux rocky9fixed

Package impact
EcosystemPackageVulnerableFixed
golang Gogithub.com/golang-fips/go<=1.22.1
golang Gogithub.com/golang-fips/openssl/v2<2.0.12.0.1
golang Gogithub.com/microsoft/go-crypto-openssl<=0.2.8
golang Gogithub.com/microsoft/go-crypto-openssl/openssl<0.2.90.2.9
golang Gogithub.com/microsoft/go-crypto-openssl<0.2.90.2.9

References

Verify integrity in audit chain (admin only). AS-IS.