Denial of Service vulnerability in certificate chain building
Summary
Denial of Service vulnerability in certificate chain building. Red Hat rates this important (CVSS 7.5). Weakness: CWE-770. Affected package(s): rhc, openshift-service-mesh/pilot-rhel8:1777319850, openshift-service-mesh/istio-rhel9-operator:1778149657, grafana-pcp, openshift-service-mesh/istio-cni-rhel8:1777374598, rhtas/client-server-rhel9:1780399582. Resolved in Red Hat advisory RHSA-2026:11507 — update the affected packages (`sudo dnf update`).
- rhc-1:0.2.5-7.el8_10
- openshift-service-mesh/pilot-rhel8:1777319850
- openshift-service-mesh/istio-rhel9-operator:1778149657
- grafana-pcp-0:5.1.1-14.el9_6
- openshift-service-mesh/istio-cni-rhel8:1777374598
- rhtas/client-server-rhel9:1780399582
- skopeo-2:1.22.2-2.el10_2
- host-metering-0:1.4.0-7.el7_9
- container-tools:rhel8-8060020260515174849.ad008a3a
- quay/quay-rhel9:1779922205
- openshift-service-mesh/istio-rhel9-operator:1778151060
- quay/quay-rhel8:1779822261
Official advisory · high-confidence parse· fetched 5 hours ago·verify at source
- RHSA-2026:11507
Official advisory · high-confidence parse· fetched 5 hours ago·verify at source
Mitigation checklist
- Update the affected package(s) to the fixed version shipped in RHSA-2026:11507 (`sudo dnf update` / `yum update`).
Official advisory · high-confidence parse· fetched 5 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.