Multiple vulnerabilities in OpenShift Container Platform 3.11
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2021-44832 CVE-2020-25704 CVE-2020-36322 CVE-2021-42739 |
| CWE-ID | CWE-94 CWE-401 CWE-404 CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Red Hat OpenShift Container Platform Client/Desktop applications / Software for system administration |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Code Injection
EUVDB-ID: #VU59098
Risk: Medium
CVSSv3.1: 5.8 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-44832
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation. A remote user with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: 3.11.0 - 3.11.569
External linkshttp://access.redhat.com/errata/RHSA-2022:0236
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Memory leak
EUVDB-ID: #VU55258
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-25704
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the Linux kernel performance monitoring subsystem when using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.
Install updates from vendor's website.
Red Hat OpenShift Container Platform: 3.11.0 - 3.11.569
External linkshttp://access.redhat.com/errata/RHSA-2022:0236
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper Resource Shutdown or Release
EUVDB-ID: #VU59473
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-36322
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists in the FUSE filesystem implementation in the Linux kernel due to fuse_do_getattr() calls make_bad_inode() in inappropriate situations. A local user can run a specially crafted program to trigger kernel crash.
Note, the vulnerability exists due to incomplete fix for #VU58207 (CVE-2021-28950).
Install updates from vendor's website.
Red Hat OpenShift Container Platform: 3.11.0 - 3.11.569
External linkshttp://access.redhat.com/errata/RHSA-2022:0236
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Buffer overflow
EUVDB-ID: #VU59474
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-42739
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary within the firewire subsystem in the Linux kernel in drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c files. A local privileged user can run a specially crafted program tat calls avc_ca_pmt() function to trigger memory corruption and execute arbitrary code with elevated privileges.
Install updates from vendor's website.
Red Hat OpenShift Container Platform: 3.11.0 - 3.11.569
External linkshttp://access.redhat.com/errata/RHSA-2022:0236
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
