Description
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
A flaw was found in the Keccak XKCP SHA-3 reference implementation. The sponge function interface allows partial input data to be processed, and partial output to be produced. When at least one of these has a length of 4294967096 bytes or more, it can result in elimination of cryptographic properties, execution of arbitrary code, or a denial of service.
Statement
Python as shipped with Red Hat Enterprise Linux is not affected by this flaw, as it uses the OpenSSL SHA-3 implementation. PHP as shipped with Red Hat Enterprise Linux is affected but not vulnerable by default, as triggering the flaw requires the memory_limit[1] configuration setting to be -1 (no limit) or a value larger than 4G. These values are very unlikely, and to reflect this condition PHP was rated with a moderate security impact. [1] https://www.php.net/manual/en/ini.core.php#ini.memory-limit
Mitigation
Library users can limit the size of partial input data or partial output digest to below 4294967096 bytes. Avoiding the queuing functions altogether by processing the entire input or producing the entire output at once does not trigger this vulnerability.
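The mitigation above, applied as a thin wrapper around an application's own absorb/squeeze calls (an added example, not code from XKCP, Red Hat or the vulnerable page itself). The callback type `sponge_partial_fn` is a hypothetical stand-in for whatever partial-input or partial-output routine the application calls; the 1 MiB slice size is an assumption chosen to stay far below the 4294967096-byte threshold quoted in the advisory. The wrapper guarantees the library never receives a single partial call at or above that threshold, whatever length the caller hands in, and `sponge_partial_len_unsafe` is the check for code paths that must pass a caller-supplied length straight through.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Threshold taken from the advisory: a partial input or partial output of
   this many bytes or more triggers the overflow in affected XKCP builds. */
#define XKCP_UNSAFE_PARTIAL_LEN 4294967096ULL

/* Slice size handed to the library per call. Assumption: 1 MiB is simply a
   convenient size far below the threshold; any smaller bound works too. */
#define SAFE_CHUNK_BYTES ((size_t)1u << 20)

/* Hypothetical signature standing in for the library's partial absorb or
   squeeze routine; it processes `len` bytes at `buf` and returns 0 on success. */
typedef int (*sponge_partial_fn)(void *ctx, unsigned char *buf, size_t len);

/* Returns 1 if a single partial call of `len` bytes would reach the
   advisory's threshold, 0 otherwise. Safe on 32-bit size_t as well. */
int sponge_partial_len_unsafe(size_t len)
{
    return (uint64_t)len >= XKCP_UNSAFE_PARTIAL_LEN;
}

/* Push `len` bytes through `fn` in slices of at most SAFE_CHUNK_BYTES.
   Returns 0 on success, -1 if the callback reports failure. */
int sponge_partial_bounded(sponge_partial_fn fn, void *ctx,
                           unsigned char *buf, size_t len)
{
    size_t off = 0;
    while (off < len) {
        size_t n = len - off;
        if (n > SAFE_CHUNK_BYTES)
            n = SAFE_CHUNK_BYTES;
        if (sponge_partial_len_unsafe(n))   /* cannot happen; defence in depth */
            return -1;
        if (fn(ctx, buf + off, n) != 0)
            return -1;
        off += n;
    }
    return 0;
}

/* Constructed stand-in for a sponge context: records how the wrapper
   actually called the library so the bound can be verified. */
typedef struct {
    size_t calls;      /* number of partial calls made              */
    size_t max_chunk;  /* largest single partial length seen        */
    size_t total;      /* total bytes delivered across all calls    */
} stub_ctx;

static int stub_absorb(void *p, unsigned char *buf, size_t len)
{
    stub_ctx *s = (stub_ctx *)p;
    (void)buf;                      /* a real absorb would read the bytes */
    s->calls++;
    s->total += len;
    if (len > s->max_chunk)
        s->max_chunk = len;
    return 0;
}

/* Run the bounded wrapper over a zero-filled buffer of `len` bytes (constructed
   input) and report how the underlying routine was called. */
stub_ctx demo_run(size_t len)
{
    stub_ctx s = {0, 0, 0};
    unsigned char *buf = (unsigned char *)calloc(len ? len : 1, 1);
    if (buf != NULL) {
        if (sponge_partial_bounded(stub_absorb, &s, buf, len) != 0)
            s.calls = (size_t)-1;   /* signal failure to the caller */
        free(buf);
    }
    return s;
}

int main(void)
{
    stub_ctx r = demo_run(2 * SAFE_CHUNK_BYTES + 12345);
    printf("calls=%zu max_chunk=%zu total=%zu\n", r.calls, r.max_chunk, r.total);
    printf("4294967095 unsafe? %d\n", sponge_partial_len_unsafe((size_t)4294967095ULL));
    printf("4294967096 unsafe? %d\n", sponge_partial_len_unsafe((size_t)4294967096ULL));
    return 0;
}
```

The same wrapper serves the squeeze side: point `fn` at the partial-output routine and the digest is produced in bounded slices as well. Note that the advisory's threshold is a property of the library call, so the check belongs at the boundary where application code invokes the library, not at the point where data is received.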
Affected packages
Platform | Package | State | Errata | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | php | Out of support scope | | |
Red Hat Enterprise Linux 6 | python | Not affected | | |
Red Hat Enterprise Linux 7 | php | Out of support scope | | |
Red Hat Enterprise Linux 7 | python | Not affected | | |
Red Hat Enterprise Linux 7 | python3 | Not affected | | |
Red Hat Enterprise Linux 8 | python27:2.7/python2 | Not affected | | |
Red Hat Enterprise Linux 8 | python3 | Not affected | | |
Red Hat Enterprise Linux 8 | python36:3.6/python36 | Not affected | | |
Red Hat Enterprise Linux 8 | python38:3.8/python38 | Not affected | | |
Red Hat Enterprise Linux 8 | python39:3.9/python39 | Not affected | | |
Additional information
Status:
EPSS:
CVSS3: 8.1 High