SB2020082012 - Multiple vulnerabilities in Red Hat Quay
Published: August 20, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 secuirty vulnerabilities.
1) Resource exhaustion (CVE-ID: CVE-2020-11080)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when processing HTTP/2 SETTINGS frames. A remote attacker can trigger high CPU load by sending large HTTP/2 SETTINGS frames and perform a denial of service (DoS) attack.
2) Memory leak (CVE-ID: CVE-2020-12049)
The vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due memory leak in libdbus when a message exceeds the per-message file descriptor limit. A local user with access to the D-Bus system bus or another system service's private AF_UNIX socket can make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients.
3) Man-in-the-Middle (MitM) attack (CVE-ID: CVE-2020-13777)
The vulnerability allows a remote attacker to perform Man-in-the-Middle (MitM) attack.
The vulnerability exists due to regression, introduced into the TLS protocol implementation that caused the TLS server to not securely construct a session ticket encryption key considering the application supplied secret. A remote attacker can bypass authentication in TLS 1.3 and recover previous conversations in TLS 1.2
4) Information disclosure (CVE-ID: CVE-2020-14313)
The vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists due to an error in Red Hat Quay that allows a user with privileges to create a build trigger in a repository to disclose the names of robot accounts and the existence of private repositories within any namespace.
Remediation
Install update from vendor's website.