Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Red Hat Certification Program for Red Hat Enterprise Linux 9

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2024-1394
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.92% / 75.03%
||
7 Day CHG~0.00%
Published-21 Mar, 2024 | 12:16
Updated-23 Jul, 2025 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Service Interconnect 1Red Hat Storage 3Red Hat OpenShift on AWSRed Hat Developer ToolsRed Hat OpenShift Container Platform 4.12Red Hat OpenShift Container Platform 4.14Red Hat Software CollectionsRed Hat Enterprise Linux 9.2 Extended Update SupportOpenShift Developer Tools and ServicesRed Hat Enterprise Linux 7Red Hat OpenStack Platform 17.1 for RHEL 9Red Hat OpenShift Dev SpacesRed Hat Ansible Automation Platform 2.4 for RHEL 8Red Hat OpenStack Platform 16.2Red Hat Ansible Automation Platform 2OpenShift PipelinesRed Hat OpenShift Container Platform 4.13Red Hat OpenShift Container Platform 4.15Red Hat OpenStack Platform 17.1 for RHEL 8Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Certification Program for Red Hat Enterprise Linux 9Red Hat OpenStack Platform 16.1Red Hat OpenStack Platform 17.1Red Hat Openshift Container Storage 4NBDE Tang ServerRed Hat OpenShift GitOpsRHODF-4.16-RHEL-9Red Hat Ansible Automation Platform 1.2OpenShift ServerlessRed Hat Ansible Automation Platform 2.4 for RHEL 9Red Hat Certification for Red Hat Enterprise Linux 8Red Hat OpenShift Container Platform 4Red Hat OpenShift Virtualization 4Red Hat Enterprise Linux 8Red Hat OpenStack Platform 18.0Red Hat Enterprise Linux 9
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime