ID

VAR-202009-1442

CVE

CVE-2020-8927

TITLE

Google brotli Library Buffer error vulnerability

DESCRIPTION

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits. Bugs fixed (https://bugzilla.redhat.com/): 1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 1945703 - "Guest OS Info" availability in VMI describe is flaky 1958816 - [2.6.z] KubeMacPool fails to start due to OOM likely caused by a high number of Pods running in the cluster 1963275 - migration controller null pointer dereference 1965099 - Live Migration double handoff to virt-handler causes connection failures 1965181 - CDI importer doesn't report AwaitingVDDK like it used to 1967086 - Cloning DataVolumes between namespaces fails while creating cdi-upload pod 1967887 - [2.6.6] nmstate is not progressing on a node and not configuring vlan filtering that causes an outage for VMs 1969756 - Windows VMs fail to start on air-gapped environments 1970372 - Virt-handler fails to verify container-disk 1973227 - segfault in virt-controller during pdb deletion 1974084 - 2.6.6 containers 1975212 - No Virtual Machine Templates Found [EDIT - all templates are marked as depracted] 1975727 - [Regression][VMIO][Warm] The third precopy does not end in warm migration 1977756 - [2.6.z] PVC keeps in pending when using hostpath-provisioner 1982760 - [v2v] no kind VirtualMachine is registered for version \"kubevirt.io/v1\" i... 1986989 - OpenShift Virtualization 2.6.z cannot be upgraded to 4.8.0 initially deployed starting with <= 4.8 5. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It is similar in speed with deflate but offers more dense compression. Bugs fixed (https://bugzilla.redhat.com/): 1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers 1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 5. JIRA issues fixed (https://issues.jboss.org/): TRACING-1725 - Elasticsearch operator reports x509 errors communicating with ElasticSearch in OpenShift Service Mesh project 6. Bugs fixed (https://bugzilla.redhat.com/): 1937901 - CVE-2021-27918 golang: encoding/xml: infinite loop when using xml.NewTokenDecoder with a custom TokenReader 1958341 - CVE-2021-31525 golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header 1965503 - CVE-2021-33196 golang: archive/zip: Malformed archive may cause panic or memory exhaustion 1971445 - Release of OpenShift Serverless Serving 1.16.0 1971448 - Release of OpenShift Serverless Eventing 1.16.0 5. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.13. See the following advisory for the RPM packages for this release: https://access.redhat.com/errata/RHSA-2021:2122 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html This update fixes the following bug among others: * Previously, resources for the ClusterOperator were being created early in the update process, which led to update failures when the ClusterOperator had no status condition while Operators were updating. This bug fix changes the timing of when these resources are created. As a result, updates can take place without errors. (BZ#1959238) Security Fix(es): * gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121) You may download the oc tool and use it to inspect release image metadata as follows: (For x86_64 architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.13-x86_64 The image digest is sha256:783a2c963f35ccab38e82e6a8c7fa954c3a4551e07d2f43c06098828dd986ed4 (For s390x architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.13-s390x The image digest is sha256:4cf44e68413acad063203e1ee8982fd01d8b9c1f8643a5b31cd7ff341b3199cd (For ppc64le architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.13-ppc64le The image digest is sha256:d47ce972f87f14f1f3c5d50428d2255d1256dae3f45c938ace88547478643e36 All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor 3. Solution: For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -cli.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1923268 - [Assisted-4.7] [Staging] Using two both spelling "canceled" "cancelled" 1947216 - [AWS] Missing iam:ListAttachedRolePolicies permission in permissions.go 1953963 - Enable/Disable host operations returns cluster resource with incomplete hosts list 1957749 - ovn-kubernetes pod should have CPU and memory requests set but not limits 1959238 - CVO creating cloud-controller-manager too early causing upgrade failures 1960103 - SR-IOV obliviously reboot the node 1961941 - Local Storage Operator using LocalVolume CR fails to create PV's when backend storage failure is simulated 1962302 - packageserver clusteroperator does not set reason or message for Available condition 1962312 - Deployment considered unhealthy despite being available and at latest generation 1962435 - Public DNS records were not deleted when destroying a cluster which is using byo private hosted zone 1963115 - Test verify /run filesystem contents failing 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: .NET 5.0 on RHEL 7 security and bugfix update Advisory ID: RHSA-2022:0828-01 Product: .NET Core on Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0828 Issue date: 2022-03-10 CVE Names: CVE-2020-8927 CVE-2022-24464 CVE-2022-24512 ===================================================================== 1. Summary: An update for .NET 5.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 .NET Core on Red Hat Enterprise Linux Server (v. 7) - x86_64 .NET Core on Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address security vulnerabilities are now available. The updated versions are .NET SDK 5.0.212 and .NET Runtime 5.0.15. Security Fix(es): * dotnet: ASP.NET Denial of Service via FormPipeReader (CVE-2022-24464) * dotnet: double parser stack buffer overrun (CVE-2022-24512) * brotli: buffer overflow when input chunk is larger than 2GiB (CVE-2020-8927) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1879225 - CVE-2020-8927 brotli: buffer overflow when input chunk is larger than 2GiB 2061847 - CVE-2022-24464 dotnet: ASP.NET Denial of Service via FormPipeReader 2061854 - CVE-2022-24512 dotnet: double parser stack buffer overrun 6. Package List: .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7): Source: rh-dotnet50-dotnet-5.0.212-1.el7_9.src.rpm x86_64: rh-dotnet50-aspnetcore-runtime-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-aspnetcore-targeting-pack-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-5.0.212-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-apphost-pack-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-debuginfo-5.0.212-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-host-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-hostfxr-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-runtime-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-sdk-5.0-5.0.212-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-sdk-5.0-source-built-artifacts-5.0.212-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-targeting-pack-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-templates-5.0-5.0.212-1.el7_9.x86_64.rpm rh-dotnet50-netstandard-targeting-pack-2.1-5.0.212-1.el7_9.x86_64.rpm .NET Core on Red Hat Enterprise Linux Server (v. 7): Source: rh-dotnet50-dotnet-5.0.212-1.el7_9.src.rpm x86_64: rh-dotnet50-aspnetcore-runtime-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-aspnetcore-targeting-pack-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-5.0.212-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-apphost-pack-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-debuginfo-5.0.212-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-host-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-hostfxr-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-runtime-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-sdk-5.0-5.0.212-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-sdk-5.0-source-built-artifacts-5.0.212-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-targeting-pack-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-templates-5.0-5.0.212-1.el7_9.x86_64.rpm rh-dotnet50-netstandard-targeting-pack-2.1-5.0.212-1.el7_9.x86_64.rpm .NET Core on Red Hat Enterprise Linux Workstation (v. 7): Source: rh-dotnet50-dotnet-5.0.212-1.el7_9.src.rpm x86_64: rh-dotnet50-aspnetcore-runtime-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-aspnetcore-targeting-pack-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-5.0.212-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-apphost-pack-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-debuginfo-5.0.212-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-host-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-hostfxr-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-runtime-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-sdk-5.0-5.0.212-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-sdk-5.0-source-built-artifacts-5.0.212-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-targeting-pack-5.0-5.0.15-1.el7_9.x86_64.rpm rh-dotnet50-dotnet-templates-5.0-5.0.212-1.el7_9.x86_64.rpm rh-dotnet50-netstandard-targeting-pack-2.1-5.0.212-1.el7_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-8927 https://access.redhat.com/security/cve/CVE-2022-24464 https://access.redhat.com/security/cve/CVE-2022-24512 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYippUdzjgjWX9erEAQg6EQ/9GK6dbQFH49s64Guq+KocIoDILIOqShN4 nejZWh+57tXkC+y+zLAPHMeF3+lqwb7RHk11oBbBxTMJirrrDLno0WjRRxFZHphL 1uc0g1N3kuB0OQmNK483zSJ+Yov8GgXNHVPkZE+CYbcOgJo+gQ4xexQKYXh75isv NoPROvTiJlFg5+5746sQBsMF7QOnQmtlJgTkpN+FZuCGBVyyKCezb/eAIZqeqIzj iO+UHFrjcfBOT9+Jw/Vq4LVunTjFnjzVUaQRJZd5muVu8hRmKI3TFZ1dFHvUHob6 OcP6TN35YqgSD28TmO9ZfPyYMoXBmp1hFNFPKy4PevMKoHZSKEIh8Bs8V3AupsXA M7DDaPIoCNlX2G7a++ExmqqvDomKNCA6E5sc+4AOaC3B2buP/WvquQnuDpWHJG5W KsRM++yGpkNtsLIMeflQgN0FRNeH+A0bbaR/g0F+KmO6ihQipE2dCBlJ0kEjSass HETuuQfAf9+GvN3Z/LEOBgknNYNbh/87G25ZZQ81ju06xXqn4AxayWOd5uk2Kt4J HJk3FTBc8AOr5JWZX12YTPw0zbqXkc71rL2FjSUes9iiN+qhI78X6Y93hA0ASTl7 MQOVqjyb6hFyXCGvlTEMk9cIbnpT2uOXmuuHAHyWJYmZzzKSsqp6L3JZ3DbiD8oU lCHDu8J+LH4= =Chyt -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

buffer error

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Red Hat

SOURCES

LAST UPDATE DATE

2025-09-28T22:25:20.434000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE