CVE-2021-27918

encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.

Weakness

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Affected Software

Name	Vendor	Start Version	End Version
Go	Golang	*	1.15.9 (excluding)
Go	Golang	1.16.0 (including)	1.16.1 (excluding)
Openshift Serveless 1.16	RedHat	openshift-serverless-1/client-kn-rhel8:0.22.0-4	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:0.22.0-2	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/eventing-controller-rhel8:0.22.0-2	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:0.22.0-2	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:0.22.0-2	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/eventing-mtbroker-filter-rhel8:0.22.0-2	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/eventing-mtbroker-ingress-rhel8:0.22.0-2	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/eventing-mtchannel-broker-rhel8:0.22.0-2	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/eventing-mtping-rhel8:0.22.0-2	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/eventing-storage-version-migration-rhel8:0.22.0-2	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/eventing-sugar-controller-rhel8:0.22.0-2	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/eventing-webhook-rhel8:0.22.0-2	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/ingress-rhel8-operator:1.16.0-3	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/knative-rhel8-operator:1.16.0-3	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/kn-cli-artifacts-rhel8:0.22.0-3	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/kourier-control-rhel8:0.22.0-2	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/net-istio-controller-rhel8:0.22.0-2	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/net-istio-webhook-rhel8:0.22.0-2	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/serverless-operator-bundle:1.16.0-6	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/serverless-rhel8-operator:1.16.0-3	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/serving-activator-rhel8:0.22.0-3	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/serving-autoscaler-hpa-rhel8:0.22.0-3	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/serving-autoscaler-rhel8:0.22.0-3	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/serving-controller-rhel8:0.22.0-3	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/serving-domain-mapping-rhel8:0.22.0-3	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/serving-domain-mapping-webhook-rhel8:0.22.0-3	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/serving-queue-rhel8:0.22.0-4	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/serving-storage-version-migration-rhel8:0.22.0-3	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/serving-webhook-rhel8:0.22.0-3	*
Openshift Serveless 1.16	RedHat	openshift-serverless-1/svls-must-gather-rhel8:1.16.0-2	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/client-kn-rhel8:0.23.2-2	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:0.23.0-5	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/eventing-controller-rhel8:0.23.0-5	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:0.23.0-5	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:0.23.0-5	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/eventing-mtbroker-filter-rhel8:0.23.0-5	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/eventing-mtbroker-ingress-rhel8:0.23.0-5	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/eventing-mtchannel-broker-rhel8:0.23.0-5	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/eventing-mtping-rhel8:0.23.0-5	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/eventing-storage-version-migration-rhel8:0.23.0-5	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/eventing-sugar-controller-rhel8:0.23.0-5	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/eventing-webhook-rhel8:0.23.0-5	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/ingress-rhel8-operator:1.17.0-5	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/knative-rhel8-operator:1.17.0-5	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/kn-cli-artifacts-rhel8:0.23.2-1	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/kourier-control-rhel8:0.23.0-4	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/net-istio-controller-rhel8:0.23.0-4	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/net-istio-webhook-rhel8:0.23.0-4	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/serverless-operator-bundle:1.17.0-11	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/serverless-rhel8-operator:1.17.0-5	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/serving-activator-rhel8:0.23.1-2	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/serving-autoscaler-hpa-rhel8:0.23.1-2	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/serving-autoscaler-rhel8:0.23.1-2	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/serving-controller-rhel8:0.23.1-2	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/serving-domain-mapping-rhel8:0.23.1-2	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/serving-domain-mapping-webhook-rhel8:0.23.1-2	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/serving-queue-rhel8:0.23.1-2	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/serving-storage-version-migration-rhel8:0.23.1-2	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/serving-webhook-rhel8:0.23.1-2	*
Openshift Serverless 1.17	RedHat	openshift-serverless-1/svls-must-gather-rhel8:1.17.0-5	*
Openshift Serverless 1 on RHEL 8	RedHat	openshift-serverless-clients-0:0.22.0-3.el8	*
Openshift Serverless 1 on RHEL 8	RedHat	openshift-serverless-clients-0:0.23.2-1.el8	*
Red Hat Enterprise Linux 8	RedHat	go-toolset:rhel8-8040020210716085908.5081a262	*
Red Hat OpenShift Container Storage 4.8.0 on RHEL-8	RedHat	ocs4/cephcsi-rhel8:4.8-125.01872cc.release_4.8	*
Red Hat OpenShift Container Storage 4.8.0 on RHEL-8	RedHat	ocs4/mcg-core-rhel8:5.8.0-38.e060925.5.8	*
Red Hat OpenShift Container Storage 4.8.0 on RHEL-8	RedHat	ocs4/mcg-rhel8-operator:5.8.0-27.4a6ca5f.5.8	*
Red Hat OpenShift Container Storage 4.8.0 on RHEL-8	RedHat	ocs4/ocs-must-gather-rhel8:4.8-196.a35d7d7.release_4.8	*
Red Hat OpenShift Container Storage 4.8.0 on RHEL-8	RedHat	ocs4/ocs-operator-bundle:4.8.0-5	*
Red Hat OpenShift Container Storage 4.8.0 on RHEL-8	RedHat	ocs4/ocs-rhel8-operator:4.8-196.a35d7d7.release_4.8	*
Red Hat OpenShift Container Storage 4.8.0 on RHEL-8	RedHat	ocs4/rook-ceph-rhel8-operator:4.8-167.9a9db5f.release_4.8	*
Red Hat OpenShift Container Storage 4.8.0 on RHEL-8	RedHat	ocs4/volume-replication-rhel8-operator:4.8-20.ab575a2.release_v0.1	*
Golang	Ubuntu	trusty	*
Golang-1.10	Ubuntu	bionic	*
Golang-1.10	Ubuntu	trusty	*
Golang-1.10	Ubuntu	trusty/esm	*
Golang-1.10	Ubuntu	xenial	*
Golang-1.13	Ubuntu	bionic	*
Golang-1.13	Ubuntu	focal	*
Golang-1.13	Ubuntu	groovy	*
Golang-1.13	Ubuntu	hirsute	*
Golang-1.13	Ubuntu	impish	*
Golang-1.13	Ubuntu	kinetic	*
Golang-1.13	Ubuntu	xenial	*
Golang-1.14	Ubuntu	focal	*
Golang-1.14	Ubuntu	groovy	*
Golang-1.14	Ubuntu	hirsute	*
Golang-1.15	Ubuntu	groovy	*
Golang-1.15	Ubuntu	hirsute	*
Golang-1.15	Ubuntu	impish	*
Golang-1.6	Ubuntu	trusty	*
Golang-1.6	Ubuntu	xenial	*
Golang-1.8	Ubuntu	bionic	*
Golang-1.9	Ubuntu	bionic	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-27918
CWE	https://cwe.mitre.org/data/definitions/835.html

Loop with Unreachable Exit Condition ('Infinite Loop')

Weakness

Affected Software

References