Description
Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive) are affected. Servers that do not use mod_dav_svn are not affected.
A use-after-free vulnerability was found in Subversion in the mod_dav_svn Apache HTTP server (HTTPd) module. While looking up path-based authorization (authz) rules, multiple calls to the post_config hook can invalidate cached pointers to object-pools, which Subversion subsequently uses. This issue crashes the single HTTPd worker thread or the entire HTTPd server process, depending on the configuration of the Apache HTTPd server.
Statement
The vulnerable code was introduced in Subversion 1.10 as part of a new implementation of path-based authorization (authz). Red Hat Enterprise Linux 6 and 7 are not affected by this flaw as they ship an older version of Subversion.
Mitigation
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
Affected packages
Platform | Package | State | Advisory | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | subversion | Not affected | | |
Red Hat Enterprise Linux 7 | subversion | Not affected | | |
Red Hat Enterprise Linux 8 | subversion | Fixed | RHSA-2022:2234 | 12.05.2022 |
Red Hat Enterprise Linux 8 | subversion | Fixed | RHSA-2022:4941 | 08.06.2022 |
Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | subversion | Fixed | RHSA-2022:2237 | 12.05.2022 |
Red Hat Enterprise Linux 8.2 Extended Update Support | subversion | Fixed | RHSA-2022:2236 | 12.05.2022 |
Red Hat Enterprise Linux 8.4 Extended Update Support | subversion | Fixed | RHSA-2022:2222 | 11.05.2022 |
Red Hat Enterprise Linux 8.4 Extended Update Support | subversion | Fixed | RHSA-2022:4722 | 24.05.2022 |
Red Hat Enterprise Linux 9 | subversion | Fixed | RHSA-2022:4591 | 18.05.2022 |
Additional information
CVSS3: 7.5 High