Описание
Salt vulnerable to denial of service
Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-20897
- https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2023-166.yaml
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL
- https://saltproject.io/security-announcements/2023-08-10-advisory
Пакеты
salt
< 3005.2
3005.2
salt
>= 3006.0rc1, < 3006.2
3006.2
Связанные уязвимости
Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.
Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.
Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. ...
