Описание
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.
A flaw was found in etcd, where it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This can cause issues when WAL entries are being read during consensus, as an arbitrary etcd consensus participant can go down from a runtime panic when reading the entry. The highest threat from this vulnerability is to system availability.
Отчет
In Red Hat OpenShift Container Platform (RHOCP), the affected components are behind OpenShift OAuth authentication. This restricts access to the vulnerable etcd to authenticated users only, therefore the impact of this vulnerability is Low. A similar access restriction is in place in Red Hat OpenStack Platform (RHOSP) as etcd is limited to use within the internal API network, which is not accessible to any OpenStack tenants.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Advanced Cluster Management for Kubernetes 2 | etcd | Not affected | ||
| Red Hat OpenStack Platform 15 (Stein) | etcd | Fix deferred | ||
| Red Hat Storage 3 | etcd | Affected | ||
| Red Hat Enterprise Linux 7 Extras | etcd | Fixed | RHSA-2021:1407 | 27.04.2021 |
| Red Hat OpenShift Container Platform 4.8 | openshift4/ose-etcd | Fixed | RHSA-2021:2438 | 27.07.2021 |
| Red Hat OpenStack Platform 16.1 | etcd | Fixed | RHSA-2021:0916 | 17.03.2021 |
Показывать по
Дополнительная информация
Статус:
6.5 Medium
CVSS3
Связанные уязвимости
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an e ...
etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic
6.5 Medium
CVSS3