Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element. https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ
Created golang tracking bugs for this issue: Affects: epel-all [bug 2053432] Affects: fedora-all [bug 2053433]
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8 Via RHSA-2022:1081 https://access.redhat.com/errata/RHSA-2022:1081
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1819 https://access.redhat.com/errata/RHSA-2022:1819
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-23806
This issue has been addressed in the following products: Openshift Serverless 1 on RHEL 8 Via RHSA-2022:4860 https://access.redhat.com/errata/RHSA-2022:4860
This issue has been addressed in the following products: Openshift Serveless 1.22 Via RHSA-2022:4863 https://access.redhat.com/errata/RHSA-2022:4863
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 Via RHSA-2022:4956 https://access.redhat.com/errata/RHSA-2022:4956
This issue has been addressed in the following products: OpenShift Service Mesh 2.1 Via RHSA-2022:5004 https://access.redhat.com/errata/RHSA-2022:5004
This issue has been addressed in the following products: OpenShift Service Mesh 2.1 Via RHSA-2022:5006 https://access.redhat.com/errata/RHSA-2022:5006
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8 Via RHSA-2022:5201 https://access.redhat.com/errata/RHSA-2022:5201
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8 Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 7 Via RHSA-2022:5392 https://access.redhat.com/errata/RHSA-2022:5392
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.10 Via RHSA-2022:5875 https://access.redhat.com/errata/RHSA-2022:5875
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Ironic content for Red Hat OpenShift Container Platform 4.11 Via RHSA-2022:5068 https://access.redhat.com/errata/RHSA-2022:5068
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.10 Via RHSA-2022:6094 https://access.redhat.com/errata/RHSA-2022:6094
This issue has been addressed in the following products: Red Hat OpenShift Data Foundation 4.11 on RHEL8 Via RHSA-2022:6156 https://access.redhat.com/errata/RHSA-2022:6156
This issue has been addressed in the following products: RHEL-8-CNV-4.11 Via RHSA-2022:6526 https://access.redhat.com/errata/RHSA-2022:6526
This issue has been addressed in the following products: RHEL-8-CNV-4.12 Via RHSA-2023:0408 https://access.redhat.com/errata/RHSA-2023:0408
This issue has been addressed in the following products: STF-1.5-RHEL-8 Via RHSA-2023:1529 https://access.redhat.com/errata/RHSA-2023:1529