SB2020110505 - Red Hat Enterprise Linux 8 update for the container-tools:rhel8 module
Published: November 5, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Insufficient verification of data authenticity (CVE-ID: CVE-2020-10749)
The vulnerability allows a remote attacker to perform a man-in-the-Middle attack.
The vulnerability exists due to insufficient verification of data authenticity in CNI plugins when processing IPV6 router advertisements. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
2) Out-of-bounds read (CVE-ID: CVE-2020-10756)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the "icmp6_send_echoreply()" routine while replying to an ICMP echo request. A remote attacker with access to guest operating system can trigger out-of-bounds read error and read contents of memory on the system.
3) Infinite loop (CVE-ID: CVE-2020-14040)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.
Remediation
Install update from vendor's website.