SB2021042502 - Red Hat OpenShift Serverless update for golang

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2021042502

SB2021042502 - Red Hat OpenShift Serverless update for golang

Published: April 25, 2021 Updated: June 7, 2024

Security Bulletin ID SB2021042502
Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 40% Medium 60%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Incorrect calculation (CVE-ID: CVE-2021-3114)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to incorrect calculation performed by the application in "crypto/elliptic/p224.go". A remote attacker can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.


2) OS Command Injection (CVE-ID: CVE-2021-3115)

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation when using the "go get" command to fetch modules that make use of cgo. A remote unauthenticated attacker can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


3) NULL pointer dereference (CVE-ID: CVE-2021-3449)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error when processing TLSv1.2 renegotiations. A remote attacker can send a maliciously crafted renegotiation ClientHello message, which omits the signature_algorithms extension but includes a signature_algorithms_cert extension, trigger a NULL pointer dereference error and crash the server.

4) Security features bypass (CVE-ID: CVE-2021-3450)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an error in implementation of the X509_V_FLAG_X509_STRICT flag allows an attacker to overwrite a valid CA certificate using any non-CA certificate in the chain. As a result, a remote attacker can perform MitM attack.


5) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2021-20305)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.


Remediation

Install update from vendor's website.

References