Описание
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.
A use-after-free vulnerability was found in the Go GPGME wrapper library, github.com/proglottis/gpgme. An attacker could use this flaw to crash or cause potential code execution in Go applications that use this library, under certain conditions, during GPG signature verification.
Отчет
OpenShift 3.11 consumes updates for podman from the RHEL-7 extras channel, hence why it has been marked as wontfix in this instance. After extensive testing of the mentioned vulnerability Red Hat has chosen a severity of Moderate instead of High, because the deallocation of GPGME objects while other parts of code are still using it, the vulnerability can only result in a crash and cannot be used to execute code in any feasible manner, moreover the vulnerability only results in crash if finalizers are called to clean up variables while objects are still being used by the underlying C code. Given the inherent attack complexity being high and the exploitability of the vulnerability limited to a crash, Moderate severity seems adequate.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ansible Tower 3 | openshift-clients | Not affected | ||
| Red Hat Enterprise Linux 8 | container-tools:1.0/buildah | Will not fix | ||
| Red Hat Enterprise Linux 8 | container-tools:1.0/podman | Out of support scope | ||
| Red Hat Enterprise Linux 8 | container-tools:1.0/skopeo | Out of support scope | ||
| Red Hat Enterprise Linux 8 | container-tools:2.0/buildah | Will not fix | ||
| Red Hat Enterprise Linux 8 | container-tools:2.0/podman | Affected | ||
| Red Hat Enterprise Linux 8 | container-tools:2.0/skopeo | Affected | ||
| Red Hat Enterprise Linux 8 | container-tools:rhel8/buildah | Will not fix | ||
| Red Hat Enterprise Linux 8 | container-tools:rhel8/podman | Affected | ||
| Red Hat Enterprise Linux 8 | container-tools:rhel8/skopeo | Affected |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use ...
ELSA-2020-1230: skopeo security and bug fix update (MODERATE)
7.5 High
CVSS3