Description
The Snappy frame decoder function doesn't restrict the chunk length, which may lead to excessive memory usage. Besides this, it also may buffer reserved skippable chunks until the whole chunk has been received, which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk.
A flaw was found in Netty's netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending specially crafted input, a remote attacker could cause excessive memory usage, resulting in a denial of service.
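As an added illustration (not from this page or from the Netty project), the following Python parser for the Snappy framing format applies the two checks the description says the vulnerable decoder lacked: the 3-byte chunk length is validated against a cap before the body is read, and skippable chunks are drained in small reads instead of being buffered whole. The chunk-type values and the 65536-byte uncompressed limit come from the Snappy framing format; the slack on the cap, the skip block size and the helper names (`frame`, `decode_payloads`) are assumptions of this example.

```python
import io

STREAM_IDENTIFIER = b"sNaPpY"                      # payload of the 0xFF stream identifier chunk
MAX_UNCOMPRESSED = 65_536                          # per-chunk data limit in the Snappy framing format
MAX_DATA_CHUNK_LEN = 4 + MAX_UNCOMPRESSED + 4_096  # assumed decoder policy: CRC + data + slack
SKIP_BLOCK = 4_096                                 # skippable chunks are drained in pieces this size

class FrameError(ValueError):
    """Malformed or oversized chunk; raised before any large allocation is made."""

def _read_exact(stream, n):
    data = stream.read(n)
    if len(data) != n:
        raise FrameError("truncated stream")
    return data

def iter_data_chunks(stream, max_chunk_len=MAX_DATA_CHUNK_LEN):
    """Yield (chunk_type, masked_crc, payload) for each data chunk of a framed stream.
    A chunk header is 1 type byte + a 3-byte little-endian length; the length is
    checked before the body is read, and skippable chunks are never buffered whole."""
    header = stream.read(4)
    while header:
        if len(header) != 4:
            raise FrameError("truncated chunk header")
        chunk_type, length = header[0], int.from_bytes(header[1:4], "little")
        if chunk_type == 0xFF:                              # stream identifier
            if length != 6 or _read_exact(stream, 6) != STREAM_IDENTIFIER:
                raise FrameError("bad stream identifier")
        elif chunk_type in (0x00, 0x01):                    # compressed / uncompressed data
            if length < 4 or length > max_chunk_len:
                raise FrameError(f"data chunk length {length} outside 4..{max_chunk_len}")
            body = _read_exact(stream, length)
            if chunk_type == 0x01 and len(body) - 4 > MAX_UNCOMPRESSED:
                raise FrameError("uncompressed chunk exceeds 65536 bytes")
            yield chunk_type, int.from_bytes(body[:4], "little"), body[4:]
        elif chunk_type >= 0x80:                            # 0x80..0xFD skippable, 0xFE padding
            remaining = length
            while remaining:                                # drain in SKIP_BLOCK pieces
                remaining -= len(_read_exact(stream, min(remaining, SKIP_BLOCK)))
        else:                                               # 0x02..0x7F reserved, unskippable
            raise FrameError(f"unskippable reserved chunk type {chunk_type:#x}")
        header = stream.read(4)

def frame(chunk_type, data):  # build one chunk (header + body); for constructed sample input only
    return bytes([chunk_type]) + len(data).to_bytes(3, "little") + data

def decode_payloads(data):
    """Return the payloads of all data chunks in an in-memory framed stream."""
    return [payload for _, _, payload in iter_data_chunks(io.BytesIO(data))]
```

With a socket or file as `stream`, a forged length field costs the decoder nothing beyond the 4-byte header, and a large skippable chunk is consumed with at most SKIP_BLOCK bytes resident at a time.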
Statement
In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of the netty-codec package.
Since the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.
This may be fixed in the future.
Starting in OCP 4.7, the elasticsearch component ships as part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as Out of support scope because those versions are already in the Maintenance Phase of support.
[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| A-MQ Clients 2 | netty-codec | Affected | ||
| Red Hat BPM Suite 6 | netty-codec | Out of support scope | ||
| Red Hat build of Quarkus | netty-codec | Affected | ||
| Red Hat Integration Camel K 1 | netty-codec | Affected | ||
| Red Hat Integration Service Registry | netty-codec | Not affected | ||
| Red Hat JBoss BRMS 6 | netty-codec | Out of support scope | ||
| Red Hat JBoss Data Grid 7 | netty-codec | Out of support scope | ||
| Red Hat JBoss Data Virtualization 6 | netty-codec | Out of support scope | ||
| Red Hat JBoss Fuse 6 | netty-codec | Out of support scope | ||
| Red Hat JBoss Fuse Service Works 6 | netty-codec | Out of support scope | ||
Additional information
CVSS3: 7.5 High
Related vulnerabilities
SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way
Vulnerability in the frame decoding function of the Netty networking software that allows an attacker to cause a denial of service