A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Vendors Products
Redhat
  • Ansible Automation Platform
  • Ansible Automation Platform Developer
  • Ansible Automation Platform Inside
  • Certifications
  • Container Native Virtualization
  • Devtools
  • Enterprise Linux
  • Network Bound Disk Encryption Tang
  • Ocp Tools
  • Openshift
  • Openshift Container Storage
  • Openshift Data Foundation
  • Openshift Devspaces
  • Openshift Gitops
  • Openshift Pipelines
  • Openshift Service On Aws
  • Openstack
  • Rhel E4s
  • Rhel Eus
  • Rhel Software Collections
  • Serverless
  • Service Interconnect
  • Storage

No data.

Package CPE Advisory Released Date
Red Hat Ansible Automation Platform 2.4 for RHEL 8
receptor-0:1.4.5-1.el8ap cpe:/a:redhat:ansible_automation_platform:2.4::el8 RHSA-2024:1640 2024-04-02T00:00:00Z
Red Hat Ansible Automation Platform 2.4 for RHEL 9
receptor-0:1.4.5-1.el9ap cpe:/a:redhat:ansible_automation_platform:2.4::el9 RHSA-2024:1640 2024-04-02T00:00:00Z
Red Hat Developer Tools
go-toolset-1.19-golang-0:1.19.13-6.el7_9 cpe:/a:redhat:devtools:2023::el7 RHSA-2024:1468 2024-03-21T00:00:00Z
Red Hat Enterprise Linux 8
go-toolset:rhel8-8090020240313170136.26eb71ac cpe:/a:redhat:enterprise_linux:8 RHSA-2024:1472 2024-03-21T00:00:00Z
grafana-pcp-0:5.1.1-2.el8_9 cpe:/a:redhat:enterprise_linux:8 RHSA-2024:1644 2024-04-02T00:00:00Z
grafana-0:9.2.10-8.el8_9 cpe:/a:redhat:enterprise_linux:8 RHSA-2024:1646 2024-04-02T00:00:00Z
grafana-0:9.2.10-16.el8_10 cpe:/a:redhat:enterprise_linux:8 RHSA-2024:3265 2024-05-22T00:00:00Z
container-tools:rhel8-8100020240808093819.afee755d cpe:/a:redhat:enterprise_linux:8 RHSA-2024:5258 2024-08-13T00:00:00Z
osbuild-composer-0:101-2.el8_10 cpe:/a:redhat:enterprise_linux:8 RHSA-2024:7262 2024-09-26T00:00:00Z
Red Hat Enterprise Linux 9
golang-0:1.20.12-2.el9_3 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:1462 2024-03-21T00:00:00Z
grafana-0:9.2.10-8.el9_3 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:1501 2024-03-25T00:00:00Z
grafana-pcp-0:5.1.1-2.el9_3 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:1502 2024-03-25T00:00:00Z
golang-0:1.21.9-2.el9_4 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:2562 2024-04-30T00:00:00Z
grafana-0:9.2.10-16.el9_4 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:2568 2024-04-30T00:00:00Z
grafana-pcp-0:5.1.1-2.el9_4 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:2569 2024-04-30T00:00:00Z
buildah-2:1.33.7-3.el9_4 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:4371 2024-07-08T00:00:00Z
podman-4:4.9.4-5.el9_4 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:4378 2024-07-08T00:00:00Z
gvisor-tap-vsock-6:0.7.3-4.el9_4 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:4379 2024-07-08T00:00:00Z
skopeo-2:1.14.3-3.el9_4 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:4502 2024-07-15T00:00:00Z
containernetworking-plugins-1:1.4.0-4.el9_4 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:4761 2024-07-23T00:00:00Z
runc-4:1.1.12-3.el9_4 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:4762 2024-07-23T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
podman-2:4.2.0-4.el9_0 cpe:/a:redhat:rhel_e4s:9.0 RHSA-2024:4581 2024-07-16T00:00:00Z
containernetworking-plugins-1:1.0.1-6.el9_0 cpe:/a:redhat:rhel_e4s:9.0 RHSA-2024:4672 2024-07-22T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
golang-0:1.19.13-7.el9_2 cpe:/a:redhat:rhel_eus:9.2 RHSA-2024:4146 2024-06-27T00:00:00Z
podman-2:4.4.1-20.el9_2 cpe:/a:redhat:rhel_eus:9.2 RHSA-2024:5634 2024-08-20T00:00:00Z
Red Hat OpenShift Container Platform 4.12
buildah-1:1.23.4-5.2.rhaos4.12.el8 cpe:/a:redhat:openshift:4.12::el8 RHSA-2024:1574 2024-04-03T00:00:00Z
butane-0:0.16.0-2.2.rhaos4.12.el8 cpe:/a:redhat:openshift:4.12::el8 RHSA-2024:1574 2024-04-03T00:00:00Z
containernetworking-plugins-1:1.4.0-1.1.rhaos4.12.el8 cpe:/a:redhat:openshift:4.12::el8 RHSA-2024:1574 2024-04-03T00:00:00Z
cri-o-0:1.25.5-13.1.rhaos4.12.git76343da.el8 cpe:/a:redhat:openshift:4.12::el8 RHSA-2024:1574 2024-04-03T00:00:00Z
cri-tools-0:1.25.0-2.2.el9 cpe:/a:redhat:openshift:4.12::el8 RHSA-2024:1574 2024-04-03T00:00:00Z
ignition-0:2.14.0-5.2.rhaos4.12.el9 cpe:/a:redhat:openshift:4.12::el8 RHSA-2024:1574 2024-04-03T00:00:00Z
openshift-clients-0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el9 cpe:/a:redhat:openshift:4.12::el8 RHSA-2024:1574 2024-04-03T00:00:00Z
podman-3:4.2.0-7.2.rhaos4.12.el9 cpe:/a:redhat:openshift:4.12::el8 RHSA-2024:1574 2024-04-03T00:00:00Z
runc-3:1.1.6-5.2.rhaos4.12.el8 cpe:/a:redhat:openshift:4.12::el8 RHSA-2024:1574 2024-04-03T00:00:00Z
skopeo-2:1.9.4-3.2.rhaos4.12.el9 cpe:/a:redhat:openshift:4.12::el8 RHSA-2024:1574 2024-04-03T00:00:00Z
Red Hat OpenShift Container Platform 4.13
buildah-1:1.29.1-2.2.rhaos4.13.el9 cpe:/a:redhat:openshift:4.13::el8 RHSA-2024:1763 2024-04-18T00:00:00Z
containernetworking-plugins-1:1.4.0-1.1.rhaos4.13.el8 cpe:/a:redhat:openshift:4.13::el8 RHSA-2024:1763 2024-04-18T00:00:00Z
cri-o-0:1.26.5-11.1.rhaos4.13.git919cc6e.el9 cpe:/a:redhat:openshift:4.13::el8 RHSA-2024:1763 2024-04-18T00:00:00Z
cri-tools-0:1.26.0-4.2.el9 cpe:/a:redhat:openshift:4.13::el8 RHSA-2024:1763 2024-04-18T00:00:00Z
ignition-0:2.15.0-7.1.rhaos4.13.el9 cpe:/a:redhat:openshift:4.13::el8 RHSA-2024:1763 2024-04-18T00:00:00Z
openshift-clients-0:4.13.0-202404020737.p0.gd192e90.assembly.stream.el9 cpe:/a:redhat:openshift:4.13::el8 RHSA-2024:1763 2024-04-18T00:00:00Z
podman-3:4.4.1-5.2.rhaos4.13.el8 cpe:/a:redhat:openshift:4.13::el8 RHSA-2024:1763 2024-04-18T00:00:00Z
runc-4:1.1.12-1.1.rhaos4.13.el8 cpe:/a:redhat:openshift:4.13::el8 RHSA-2024:1763 2024-04-18T00:00:00Z
skopeo-2:1.11.2-2.2.rhaos4.13.el8 cpe:/a:redhat:openshift:4.13::el8 RHSA-2024:1763 2024-04-18T00:00:00Z
Red Hat OpenShift Container Platform 4.14
butane-0:0.19.0-1.3.rhaos4.14.el8 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1567 2024-04-03T00:00:00Z
containernetworking-plugins-1:1.4.0-1.2.rhaos4.14.el8 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1567 2024-04-03T00:00:00Z
cri-o-0:1.27.4-6.1.rhaos4.14.gitd09e4c0.el8 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1567 2024-04-03T00:00:00Z
cri-tools-0:1.27.0-3.1.el9 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1567 2024-04-03T00:00:00Z
ignition-0:2.16.2-2.1.rhaos4.14.el9 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1567 2024-04-03T00:00:00Z
openshift-clients-0:4.14.0-202403261640.p0.gf7b14a9.assembly.stream.el8 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1567 2024-04-03T00:00:00Z
ose-aws-ecr-image-credential-provider-0:4.14.0-202403251040.p0.g607e2dd.assembly.stream.el9 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1567 2024-04-03T00:00:00Z
podman-3:4.4.1-11.3.rhaos4.14.el9 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1567 2024-04-03T00:00:00Z
skopeo-2:1.11.2-10.3.rhaos4.14.el9 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1567 2024-04-03T00:00:00Z
buildah-1:1.29.1-10.4.rhaos4.14.el8 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
butane-0:0.19.0-1.4.rhaos4.14.el8 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
conmon-3:2.1.7-3.4.rhaos4.14.el9 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
containernetworking-plugins-1:1.4.0-1.3.rhaos4.14.el8 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
cri-o-0:1.27.4-7.2.rhaos4.14.git082c52f.el9 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
cri-tools-0:1.27.0-3.2.el9 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
ignition-0:2.16.2-2.2.rhaos4.14.el9 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
openshift-0:4.14.0-202404160939.p0.g7bee54d.assembly.stream.el8 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
openshift4-aws-iso-0:4.14.0-202404151639.p0.gd2acdd5.assembly.stream.el8 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
openshift-ansible-0:4.14.0-202404151639.p0.g81558cc.assembly.stream.el9 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
openshift-clients-0:4.14.0-202404151639.p0.gf7b14a9.assembly.stream.el8 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
openshift-kuryr-0:4.14.0-202404151639.p0.g8926a29.assembly.stream.el8 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
ose-aws-ecr-image-credential-provider-0:4.14.0-202404151639.p0.g607e2dd.assembly.stream.el9 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
podman-3:4.4.1-11.4.rhaos4.14.el9 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
runc-4:1.1.12-1.2.rhaos4.14.el8 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
skopeo-2:1.11.2-10.4.rhaos4.14.el8 cpe:/a:redhat:openshift:4.14::el8 RHSA-2024:1897 2024-04-26T00:00:00Z
microshift-0:4.14.19-202403280926.p0.gc1f8861.assembly.4.14.19.el9 cpe:/a:redhat:openshift:4.14::el9 RHSA-2024:1566 2024-04-03T00:00:00Z
rhcos-414.92.202407300859-0 cpe:/a:redhat:openshift:4.14::el9 RHSA-2024:4960 2024-08-07T00:00:00Z
Red Hat OpenShift Container Platform 4.15
buildah-1:1.29.1-20.3.rhaos4.15.el8 cpe:/a:redhat:openshift:4.15::el8 RHSA-2024:1563 2024-04-02T00:00:00Z
butane-0:0.20.0-1.1.rhaos4.15.el8 cpe:/a:redhat:openshift:4.15::el8 RHSA-2024:1563 2024-04-02T00:00:00Z
containernetworking-plugins-1:1.4.0-1.2.rhaos4.15.el8 cpe:/a:redhat:openshift:4.15::el8 RHSA-2024:1563 2024-04-02T00:00:00Z
cri-o-0:1.28.4-8.rhaos4.15.git24f50b9.el9 cpe:/a:redhat:openshift:4.15::el8 RHSA-2024:1563 2024-04-02T00:00:00Z
cri-tools-0:1.28.0-3.1.el9 cpe:/a:redhat:openshift:4.15::el8 RHSA-2024:1563 2024-04-02T00:00:00Z
ignition-0:2.16.2-2.1.rhaos4.15.el9 cpe:/a:redhat:openshift:4.15::el8 RHSA-2024:1563 2024-04-02T00:00:00Z
openshift-clients-0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el9 cpe:/a:redhat:openshift:4.15::el8 RHSA-2024:1563 2024-04-02T00:00:00Z
ose-aws-ecr-image-credential-provider-0:4.15.0-202403211549.p0.g2e3cca1.assembly.stream.el9 cpe:/a:redhat:openshift:4.15::el8 RHSA-2024:1563 2024-04-02T00:00:00Z
podman-3:4.4.1-21.1.rhaos4.15.el9 cpe:/a:redhat:openshift:4.15::el8 RHSA-2024:1563 2024-04-02T00:00:00Z
runc-4:1.1.12-1.1.rhaos4.15.el9 cpe:/a:redhat:openshift:4.15::el8 RHSA-2024:1563 2024-04-02T00:00:00Z
skopeo-2:1.11.2-21.2.rhaos4.15.el9 cpe:/a:redhat:openshift:4.15::el8 RHSA-2024:1563 2024-04-02T00:00:00Z
microshift-0:4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9 cpe:/a:redhat:openshift:4.15::el9 RHSA-2024:1561 2024-04-02T00:00:00Z
rhcos-415.92.202407191425-0 cpe:/a:redhat:openshift:4.15::el9 RHSA-2024:4699 2024-07-25T00:00:00Z
Red Hat OpenStack Platform 16.2
etcd-0:3.3.23-16.el8ost cpe:/a:redhat:openstack:16.2::el8 RHSA-2024:3352 2024-05-23T00:00:00Z
Red Hat OpenStack Platform 17.1 for RHEL 8
collectd-sensubility-0:0.2.1-3.el8ost cpe:/a:redhat:openstack:17.1::el8 RHSA-2024:2767 2024-05-22T00:00:00Z
Red Hat OpenStack Platform 17.1 for RHEL 9
etcd-0:3.4.26-8.el9ost cpe:/a:redhat:openstack:17.1::el9 RHSA-2024:2729 2024-05-22T00:00:00Z
collectd-sensubility-0:0.2.1-3.el9ost cpe:/a:redhat:openstack:17.1::el9 RHSA-2024:2730 2024-05-22T00:00:00Z
RHODF-4.16-RHEL-9
odf4/mcg-operator-bundle:v4.16.0-137 cpe:/a:redhat:openshift_data_foundation:4.16::el9 RHSA-2024:4591 2024-07-17T00:00:00Z
odf4/mcg-rhel9-operator:v4.16.0-38 cpe:/a:redhat:openshift_data_foundation:4.16::el9 RHSA-2024:4591 2024-07-17T00:00:00Z
References
Link Providers
https://access.redhat.com/errata/RHSA-2024:1462 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1468 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1472 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1501 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1502 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1561 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1563 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1566 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1567 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1574 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1640 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1644 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1646 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1763 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1897 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2562 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2568 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2569 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2729 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2730 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2767 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:3265 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:3352 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4146 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4371 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4378 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4379 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4502 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4581 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4591 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4672 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4699 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4761 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4762 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4960 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:5258 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:5634 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:7262 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2024-1394 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2262921 cve-icon cve-icon
https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136 cve-icon cve-icon cve-icon
https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6 cve-icon cve-icon cve-icon
https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-1394 cve-icon
https://pkg.go.dev/vuln/GO-2024-2660 cve-icon cve-icon cve-icon
https://vuln.go.dev/ID/GO-2024-2660.json cve-icon cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-1394 cve-icon
History

Thu, 26 Sep 2024 23:15:00 +0000

Type Values Removed Values Added
References

Mon, 23 Sep 2024 05:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 21 Aug 2024 04:00:00 +0000

Type Values Removed Values Added
References

Tue, 13 Aug 2024 16:30:00 +0000

Type Values Removed Values Added
References

Wed, 07 Aug 2024 16:45:00 +0000

Type Values Removed Values Added
References
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-03-21T12:16:38.790Z

Updated: 2024-11-13T23:21:38.990Z

Reserved: 2024-02-09T06:02:35.056Z

Link: CVE-2024-1394

cve-icon Vulnrichment

Updated: 2024-08-01T18:40:20.583Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-03-21T13:00:08.037

Modified: 2024-09-26T23:15:02.303

Link: CVE-2024-1394

cve-icon Redhat

Severity : Important

Publid Date: 2024-03-20T00:00:00Z

Links: CVE-2024-1394 - Bugzilla