ID

VAR-202310-0175

CVE

CVE-2023-44487

TITLE

Gentoo Linux Security Advisory 202311-09

DESCRIPTION

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202311-09 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Go: Multiple Vulnerabilities Date: November 25, 2023 Bugs: #873637, #883783, #894478, #903979, #908255, #915555, #916494 ID: 202311-09 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution. Background ========= Go is an open source programming language that makes it easy to build simple, reliable, and efficient software. Affected packages ================ Package Vulnerable Unaffected ----------- ------------ ------------ dev-lang/go < 1.20.10 >= 1.20.10 Description ========== Multiple vulnerabilities have been discovered in Go. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Go users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">\xdev-lang/go-1.20.10" # emerge --ask --oneshot --verbose @golang-rebuild References ========= [ 1 ] CVE-2022-2879 https://nvd.nist.gov/vuln/detail/CVE-2022-2879 [ 2 ] CVE-2022-2880 https://nvd.nist.gov/vuln/detail/CVE-2022-2880 [ 3 ] CVE-2022-41715 https://nvd.nist.gov/vuln/detail/CVE-2022-41715 [ 4 ] CVE-2022-41717 https://nvd.nist.gov/vuln/detail/CVE-2022-41717 [ 5 ] CVE-2022-41723 https://nvd.nist.gov/vuln/detail/CVE-2022-41723 [ 6 ] CVE-2022-41724 https://nvd.nist.gov/vuln/detail/CVE-2022-41724 [ 7 ] CVE-2022-41725 https://nvd.nist.gov/vuln/detail/CVE-2022-41725 [ 8 ] CVE-2023-24534 https://nvd.nist.gov/vuln/detail/CVE-2023-24534 [ 9 ] CVE-2023-24536 https://nvd.nist.gov/vuln/detail/CVE-2023-24536 [ 10 ] CVE-2023-24537 https://nvd.nist.gov/vuln/detail/CVE-2023-24537 [ 11 ] CVE-2023-24538 https://nvd.nist.gov/vuln/detail/CVE-2023-24538 [ 12 ] CVE-2023-29402 https://nvd.nist.gov/vuln/detail/CVE-2023-29402 [ 13 ] CVE-2023-29403 https://nvd.nist.gov/vuln/detail/CVE-2023-29403 [ 14 ] CVE-2023-29404 https://nvd.nist.gov/vuln/detail/CVE-2023-29404 [ 15 ] CVE-2023-29405 https://nvd.nist.gov/vuln/detail/CVE-2023-29405 [ 16 ] CVE-2023-29406 https://nvd.nist.gov/vuln/detail/CVE-2023-29406 [ 17 ] CVE-2023-29409 https://nvd.nist.gov/vuln/detail/CVE-2023-29409 [ 18 ] CVE-2023-39318 https://nvd.nist.gov/vuln/detail/CVE-2023-39318 [ 19 ] CVE-2023-39319 https://nvd.nist.gov/vuln/detail/CVE-2023-39319 [ 20 ] CVE-2023-39320 https://nvd.nist.gov/vuln/detail/CVE-2023-39320 [ 21 ] CVE-2023-39321 https://nvd.nist.gov/vuln/detail/CVE-2023-39321 [ 22 ] CVE-2023-39322 https://nvd.nist.gov/vuln/detail/CVE-2023-39322 [ 23 ] CVE-2023-39323 https://nvd.nist.gov/vuln/detail/CVE-2023-39323 [ 24 ] CVE-2023-39325 https://nvd.nist.gov/vuln/detail/CVE-2023-39325 [ 25 ] CVE-2023-44487 https://nvd.nist.gov/vuln/detail/CVE-2023-44487 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202311-09 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . Description: Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. ========================================================================== Ubuntu Security Notice USN-6438-2 October 25, 2023 .Net regressions ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 23.10 Summary: An incomplete fix was discovered in .Net. Software Description: - dotnet6: dotNET CLI tools and runtime - dotnet7: dotNET CLI tools and runtime Details: USN-6438-1 fixed vulnerabilities in .Net. It was discovered that the fix for [CVE-2023-36799](https://ubuntu.com/security/CVE-2023-36799) was incomplete. This update fixes the problem. Original advisory details: Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-36799) It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-44487) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 23.10: aspnetcore-runtime-6.0 6.0.124-0ubuntu1~23.10.1 aspnetcore-runtime-7.0 7.0.113-0ubuntu1~23.10.1 dotnet-host 6.0.124-0ubuntu1~23.10.1 dotnet-host-7.0 7.0.113-0ubuntu1~23.10.1 dotnet-hostfxr-6.0 6.0.124-0ubuntu1~23.10.1 dotnet-hostfxr-7.0 7.0.113-0ubuntu1~23.10.1 dotnet-runtime-6.0 6.0.124-0ubuntu1~23.10.1 dotnet-runtime-7.0 7.0.113-0ubuntu1~23.10.1 dotnet-sdk-6.0 6.0.124-0ubuntu1~23.10.1 dotnet-sdk-7.0 7.0.113-0ubuntu1~23.10.1 dotnet6 6.0.124-0ubuntu1~23.10.1 dotnet7 7.0.113-0ubuntu1~23.10.1 In general, a standard system update will make all the necessary changes. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5570-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 01, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : nghttp2 CVE ID : CVE-2023-44487 It was discovered that libnghttp2, a library implementing the HTTP/2 protocol, handled request cancellation incorrectly. For the oldstable distribution (bullseye), this problem has been fixed in version 1.43.0-1+deb11u1. For the stable distribution (bookworm), this problem has been fixed in version 1.52.0-1+deb12u1. We recommend that you upgrade your nghttp2 packages. For the detailed security status of nghttp2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nghttp2 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmVqQcgACgkQEMKTtsN8 TjbEqA//QDCmDN5CLJGvcajpO5Ys2AbOXT+i7cTVhPDjFSnNs0CajiY/ay2qfYNX 2L5Bk5XPbFmLWD1QhvpMysXYFOJKxyqzhhTU23Ha2cQS4M5t2SHzkoKPyD+Vk6wg BF2TwwlZiSJTMcQqMcw2OAUAfwwaxPVIT0wB8VNY/I7HO3pvTKXSFl9Wb0Y2RzZT kL8ci804D57Uqi45dM391V4B3UfoQ/EK+bYhbu8qDfp3/gL7gclRy2+v+by1JwsN RUKM+nbb4eB0L7XM4rWmZrB4o0Tp5KblwNYRmUh7aCxqIuHRvwzRmQYoEB0KXJ7j Udv0/cUISbjkcIZ+lTIduhWRRvQxjo6M9rB0Tk6jFjTwXWRpWKPcYBYz1L8QKN+x lizyctsoT6TJR+IeJmbAfkY8hcTT1j/PZSn1udnRCodpXjUccn8cot4NlU6VWtzw X5hZCYGTlyeY3oKuPusES6bNsYqzJNp4ObU0xOTvES/ru8Zmiz/76Eufg3+oDo3S gYKVFcchgp0mk20owdWHTadQpIfQFoJkL2FWYWFhXuTGTe30R9bsMIbDddaD3cYs 6p7AiwYljhYYWqaVmRCAhiGerpun18NZhKUlV7ZMF8yQflrVddPqoVTVQEpWx6ZL cuJ2u/oag8DdQsfXrQvZWcVWdp77itr+ZeBhm7Xok0+jPDscFDo= =P2Nw -----END PGP SIGNATURE----- . Description: AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. For further information, refer to the release notes linked to in the References section. Description: nghttp2 contains the Hypertext Transfer Protocol version 2 (HTTP/2) client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C. The following advisory data is extracted from: https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7481.json Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment. - Packet Storm Staff ==================================================================== Red Hat Security Advisory Synopsis: Important: OpenShift Container Platform 4.11.54 packages and security update Advisory ID: RHSA-2023:7481-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2023:7481 Issue date: 2023-11-29 Revision: 01 CVE Names: CVE-2023-44487 ==================================================================== Summary: Red Hat OpenShift Container Platform release 4.11.54 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.54. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHSA-2023:7479 Security Fix(es): * HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. All OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html Solution: https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html CVEs: CVE-2023-44487 References: https://access.redhat.com/security/updates/classification/#important https://bugzilla.redhat.com/show_bug.cgi?id=2242803

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

code execution

EXTERNAL IDS

REFERENCES