Red Hat Enterprise Linux 8.1 update for thunderbird



Published: 2021-04-16
Risk Medium
Patch available YES
Number of vulnerabilities 3
CVE ID CVE-2021-23991
CVE-2021-23992
CVE-2021-23993
CWE ID CWE-310
CWE-451
CWE-20
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
thunderbird (Red Hat package)
Operating systems & Components / Operating system package or component

Red Hat Enterprise Linux Server - Update Services for SAP Solutions
Operating systems & Components / Operating system package or component

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions
Operating systems & Components / Operating system package or component

Red Hat Enterprise Linux for Power, little endian - Extended Update Support
Operating systems & Components / Operating system

Red Hat Enterprise Linux for x86_64 - Extended Update Support
Operating systems & Components / Operating system

Vendor Red Hat Inc.

Security Advisory

1) Cryptographic issues

Risk: Low

CVSSv3.1: 3.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-23991

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a remote attacker to email encryption.

The vulnerability exists in the way Thunderbird uses the OpenPGP key refresh mechanism while handling the extended validity key period. A remote attacker can send  victim an email containing a crafted version of the original key and an invalid subkey and force the application to use the invalid subkey, which will result in failure to encrypt the original email message when sending it.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

thunderbird (Red Hat package): 78.3.1-1.el8_1, 78.4.0-1.el8_1, 78.4.3-1.el8_1, 78.5.0-1.el8_1, 78.6.0-1.el8_1, 78.6.1-1.el8_1, 78.7.0-1.el8_1, 78.8.0-1.el8_1

Red Hat Enterprise Linux for Power, little endian - Extended Update Support: 8.1

Red Hat Enterprise Linux for x86_64 - Extended Update Support: 8.1

Red Hat Enterprise Linux Server - Update Services for SAP Solutions: 8.1

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions: 8.1

CPE External links

https://access.redhat.com/errata/RHSA-2021:1190

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Spoofing attack

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-23992

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data, when checking if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

thunderbird (Red Hat package): 78.3.1-1.el8_1, 78.4.0-1.el8_1, 78.4.3-1.el8_1, 78.5.0-1.el8_1, 78.6.0-1.el8_1, 78.6.1-1.el8_1, 78.7.0-1.el8_1, 78.8.0-1.el8_1

Red Hat Enterprise Linux for Power, little endian - Extended Update Support: 8.1

Red Hat Enterprise Linux for x86_64 - Extended Update Support: 8.1

Red Hat Enterprise Linux Server - Update Services for SAP Solutions: 8.1

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions: 8.1

CPE External links

https://access.redhat.com/errata/RHSA-2021:1190

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2021-23993

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to disable sending of encrypted messages.

The vulnerability exists due to insufficient validation of imported OpenPGP keys. A remote attacker can force the victim to import a specially crafted OpenPGO key with a subkey that has an invalid self signature and prevent users from sending encrypted messages to a correspondent.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

thunderbird (Red Hat package): 78.3.1-1.el8_1, 78.4.0-1.el8_1, 78.4.3-1.el8_1, 78.5.0-1.el8_1, 78.6.0-1.el8_1, 78.6.1-1.el8_1, 78.7.0-1.el8_1, 78.8.0-1.el8_1

Red Hat Enterprise Linux for Power, little endian - Extended Update Support: 8.1

Red Hat Enterprise Linux for x86_64 - Extended Update Support: 8.1

Red Hat Enterprise Linux Server - Update Services for SAP Solutions: 8.1

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions: 8.1

CPE External links

https://access.redhat.com/errata/RHSA-2021:1190

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###