Описание
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | booth | Out of support scope | ||
| Red Hat Enterprise Linux 7 | booth | Will not fix | ||
| Red Hat Enterprise Linux 8 | booth | Fixed | RHSA-2024:3659 | 06.06.2024 |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | booth | Fixed | RHSA-2024:3657 | 06.06.2024 |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | booth | Fixed | RHSA-2024:3657 | 06.06.2024 |
| Red Hat Enterprise Linux 8.6 Telecommunications Update Service | booth | Fixed | RHSA-2024:4400 | 09.07.2024 |
| Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | booth | Fixed | RHSA-2024:4400 | 09.07.2024 |
| Red Hat Enterprise Linux 8.8 Extended Update Support | booth | Fixed | RHSA-2024:3658 | 06.06.2024 |
| Red Hat Enterprise Linux 9 | booth | Fixed | RHSA-2024:3661 | 06.06.2024 |
| Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | booth | Fixed | RHSA-2024:4411 | 09.07.2024 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.9 Medium
CVSS3
Связанные уязвимости
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.
A flaw was found in Booth, a cluster ticket manager. If a specially-cr ...
EPSS
5.9 Medium
CVSS3