Описание
Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go. NOTE: the vendor's position is that this is not a vulnerability.
A flaw was found in the etcd package. Affected versions of etcd allow remote attackers to cause a denial of service via the PageWriter.write function in pagewriter.go, possibly affecting system availability.
Отчет
The only way to trigger this CVE is to dynamically change an unexported variable's value at runtime, which is not possible in any of the Red Hat products. Although the affected code is present in the codebase, we have rated this as a Moderate impact.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | etcd | Out of support scope | ||
| Red Hat OpenStack Platform 16.1 | etcd | Affected | ||
| Red Hat OpenStack Platform 16.1 | openstack-etcd-container | Affected | ||
| Red Hat OpenStack Platform 16.2 | etcd | Affected | ||
| Red Hat OpenStack Platform 16.2 | openstack-etcd-container | Affected | ||
| Red Hat OpenStack Platform 17.0 | etcd | Affected | ||
| Red Hat OpenStack Platform 17.0 | openstack-etcd-container | Affected | ||
| Red Hat OpenStack Platform 17.1 | etcd | Affected | ||
| Red Hat OpenStack Platform 17.1 | openstack-etcd-container | Affected | ||
| Red Hat OpenStack Platform 18.0 | etcd | Affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go. NOTE: the vendor's position is that this is not a vulnerability.
Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go. NOTE: the vendor's position is that this is not a vulnerability.
Etcd v3.5.4 allows remote attackers to cause a denial of service via f ...
EPSS
7.5 High
CVSS3