ID

VAR-202006-1838

CVE

CVE-2020-10543

TITLE

Perl Out-of-bounds write vulnerability in

DESCRIPTION

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. Perl Is vulnerable to out-of-bounds writes.Information is tampered with and service operation is interrupted (DoS) It may be put into a state. An attacker could exploit this vulnerability to cause a denial of service. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: perl security update Advisory ID: RHSA-2021:1032-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:1032 Issue date: 2021-03-30 CVE Names: CVE-2020-10543 CVE-2020-10878 CVE-2020-12723 ===================================================================== 1. Summary: An update for perl is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux ComputeNode EUS (v. 7.7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.7) - ppc64, ppc64le, s390x, x86_64 3. Description: Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es): * perl: heap-based buffer overflow in regular expression compiler leads to DoS (CVE-2020-10543) * perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (CVE-2020-10878) * perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS (CVE-2020-12723) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux ComputeNode EUS (v. 7.7): Source: perl-5.16.3-294.el7_7.1.src.rpm noarch: perl-CPAN-1.9800-294.el7_7.1.noarch.rpm perl-ExtUtils-CBuilder-0.28.2.6-294.el7_7.1.noarch.rpm perl-ExtUtils-Embed-1.30-294.el7_7.1.noarch.rpm perl-ExtUtils-Install-1.58-294.el7_7.1.noarch.rpm perl-IO-Zlib-1.10-294.el7_7.1.noarch.rpm perl-Locale-Maketext-Simple-0.21-294.el7_7.1.noarch.rpm perl-Module-CoreList-2.76.02-294.el7_7.1.noarch.rpm perl-Module-Loaded-0.08-294.el7_7.1.noarch.rpm perl-Object-Accessor-0.42-294.el7_7.1.noarch.rpm perl-Package-Constants-0.02-294.el7_7.1.noarch.rpm perl-Pod-Escapes-1.04-294.el7_7.1.noarch.rpm x86_64: perl-5.16.3-294.el7_7.1.x86_64.rpm perl-Time-Piece-1.20.1-294.el7_7.1.x86_64.rpm perl-core-5.16.3-294.el7_7.1.x86_64.rpm perl-debuginfo-5.16.3-294.el7_7.1.i686.rpm perl-debuginfo-5.16.3-294.el7_7.1.x86_64.rpm perl-devel-5.16.3-294.el7_7.1.i686.rpm perl-devel-5.16.3-294.el7_7.1.x86_64.rpm perl-libs-5.16.3-294.el7_7.1.i686.rpm perl-libs-5.16.3-294.el7_7.1.x86_64.rpm perl-macros-5.16.3-294.el7_7.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7): x86_64: perl-debuginfo-5.16.3-294.el7_7.1.x86_64.rpm perl-tests-5.16.3-294.el7_7.1.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 7.7): Source: perl-5.16.3-294.el7_7.1.src.rpm noarch: perl-CPAN-1.9800-294.el7_7.1.noarch.rpm perl-ExtUtils-CBuilder-0.28.2.6-294.el7_7.1.noarch.rpm perl-ExtUtils-Embed-1.30-294.el7_7.1.noarch.rpm perl-ExtUtils-Install-1.58-294.el7_7.1.noarch.rpm perl-IO-Zlib-1.10-294.el7_7.1.noarch.rpm perl-Locale-Maketext-Simple-0.21-294.el7_7.1.noarch.rpm perl-Module-CoreList-2.76.02-294.el7_7.1.noarch.rpm perl-Module-Loaded-0.08-294.el7_7.1.noarch.rpm perl-Object-Accessor-0.42-294.el7_7.1.noarch.rpm perl-Package-Constants-0.02-294.el7_7.1.noarch.rpm perl-Pod-Escapes-1.04-294.el7_7.1.noarch.rpm ppc64: perl-5.16.3-294.el7_7.1.ppc64.rpm perl-Time-Piece-1.20.1-294.el7_7.1.ppc64.rpm perl-core-5.16.3-294.el7_7.1.ppc64.rpm perl-debuginfo-5.16.3-294.el7_7.1.ppc.rpm perl-debuginfo-5.16.3-294.el7_7.1.ppc64.rpm perl-devel-5.16.3-294.el7_7.1.ppc.rpm perl-devel-5.16.3-294.el7_7.1.ppc64.rpm perl-libs-5.16.3-294.el7_7.1.ppc.rpm perl-libs-5.16.3-294.el7_7.1.ppc64.rpm perl-macros-5.16.3-294.el7_7.1.ppc64.rpm ppc64le: perl-5.16.3-294.el7_7.1.ppc64le.rpm perl-Time-Piece-1.20.1-294.el7_7.1.ppc64le.rpm perl-core-5.16.3-294.el7_7.1.ppc64le.rpm perl-debuginfo-5.16.3-294.el7_7.1.ppc64le.rpm perl-devel-5.16.3-294.el7_7.1.ppc64le.rpm perl-libs-5.16.3-294.el7_7.1.ppc64le.rpm perl-macros-5.16.3-294.el7_7.1.ppc64le.rpm s390x: perl-5.16.3-294.el7_7.1.s390x.rpm perl-Time-Piece-1.20.1-294.el7_7.1.s390x.rpm perl-core-5.16.3-294.el7_7.1.s390x.rpm perl-debuginfo-5.16.3-294.el7_7.1.s390.rpm perl-debuginfo-5.16.3-294.el7_7.1.s390x.rpm perl-devel-5.16.3-294.el7_7.1.s390.rpm perl-devel-5.16.3-294.el7_7.1.s390x.rpm perl-libs-5.16.3-294.el7_7.1.s390.rpm perl-libs-5.16.3-294.el7_7.1.s390x.rpm perl-macros-5.16.3-294.el7_7.1.s390x.rpm x86_64: perl-5.16.3-294.el7_7.1.x86_64.rpm perl-Time-Piece-1.20.1-294.el7_7.1.x86_64.rpm perl-core-5.16.3-294.el7_7.1.x86_64.rpm perl-debuginfo-5.16.3-294.el7_7.1.i686.rpm perl-debuginfo-5.16.3-294.el7_7.1.x86_64.rpm perl-devel-5.16.3-294.el7_7.1.i686.rpm perl-devel-5.16.3-294.el7_7.1.x86_64.rpm perl-libs-5.16.3-294.el7_7.1.i686.rpm perl-libs-5.16.3-294.el7_7.1.x86_64.rpm perl-macros-5.16.3-294.el7_7.1.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 7.7): ppc64: perl-debuginfo-5.16.3-294.el7_7.1.ppc64.rpm perl-tests-5.16.3-294.el7_7.1.ppc64.rpm ppc64le: perl-debuginfo-5.16.3-294.el7_7.1.ppc64le.rpm perl-tests-5.16.3-294.el7_7.1.ppc64le.rpm s390x: perl-debuginfo-5.16.3-294.el7_7.1.s390x.rpm perl-tests-5.16.3-294.el7_7.1.s390x.rpm x86_64: perl-debuginfo-5.16.3-294.el7_7.1.x86_64.rpm perl-tests-5.16.3-294.el7_7.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-10543 https://access.redhat.com/security/cve/CVE-2020-10878 https://access.redhat.com/security/cve/CVE-2020-12723 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYGLwtdzjgjWX9erEAQh/SA/9GENjf1AD4oPsRe6GzOIPR5HIuRSixHcc RUyMNqGsQ+piL824iq37aGqtl96Dvp67BpbeHEzAWTg3bPmrsaM1eXOR5awF9wuc f99kmE2UCTzdhtp4MDBrzRFidpi1FEwqNhOa9pSZH1My6+3PDhV4XtXysgQ7SDlw HJqf3mvfPrZdGcqNoOHWWjRyoH0OodJkPFn1ZoKAXn70HCVuTa0wcng18cWd8zs1 v210iFTCFWaDZpWc69HSV56+crM3alWfW8myDBdaVq9g4iWmK51pbA9Yp4AS4Hjy 09DzL8MJ3QEJjUYoo+siaaNz8bQGyCckhbrSDOgjUjU/QXxRouN5YyjIOnO8DOBc g7Qp2fceXmt8q7dn1YOgIFXGHbjwbMYiDhs39Fn6MuT3r1+ofbj/KMWa2icL5Nje ZetQ5eI+3A+irpef4wS0xMgEgr3PkGKmuxxauoq+y7BgbqD1EDs/ItHVzQKfPdPF m7uQ2mmqdO4rasKRGB0d4pO4yFCqyf6lBqxAEjexY0hyp1JPyJolGmWpYJP6LtJ4 7eKIPjnQgxCWOySa//2xxMSDVLj088zvLGf8eq2xmwV1+cyUXWQ9dkxdyImTO9IZ W6xporFLVbxX+fajaoZQQdHj7UxGpJY3rKofgFQQleRz22JSbvKhqydR36QFBRsR WUNYnqDSxIM= =ci9w -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Bug fix: * RHACM 2.0.8 images (BZ #1915461) 3. Bugs fixed (https://bugzilla.redhat.com/): 1915461 - RHACM 2.0.8 images 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 5. Description: Red Hat Advanced Cluster Management for Kubernetes 2.2.4 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana gement_for_kubernetes/2.2/html/release_notes/ Security fixes: * redisgraph-tls: redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms (CVE-2021-21309) * console-header-container: nodejs-netmask: improper input validation of octal input data (CVE-2021-28092) * console-container: nodejs-is-svg: ReDoS via malicious string (CVE-2021-28918) Bug fixes: * RHACM 2.2.4 images (BZ# 1957254) * Enabling observability for OpenShift Container Storage with RHACM 2.2 on OCP 4.7 (BZ#1950832) * ACM Operator should support using the default route TLS (BZ# 1955270) * The scrolling bar for search filter does not work properly (BZ# 1956852) * Limits on Length of MultiClusterObservability Resource Name (BZ# 1959426) * The proxy setup in install-config.yaml is not worked when IPI installing with RHACM (BZ# 1960181) * Unable to make SSH connection to a Bitbucket server (BZ# 1966513) * Observability Thanos store shard crashing - cannot unmarshall DNS message (BZ# 1967890) 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 1932634 - CVE-2021-21309 redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms 1939103 - CVE-2021-28092 nodejs-is-svg: ReDoS via malicious string 1944827 - CVE-2021-28918 nodejs-netmask: improper input validation of octal input data 1950832 - Enabling observability for OpenShift Container Storage with RHACM 2.2 on OCP 4.7 1952150 - [DDF] It would be great to see all the options available for the bucket configuration and which attributes are mandatory 1954506 - [DDF] Table does not contain data about 20 clusters. Now it's difficult to estimate CPU usage with larger clusters 1954535 - Reinstall Submariner - No endpoints found on one cluster 1955270 - ACM Operator should support using the default route TLS 1956852 - The scrolling bar for search filter does not work properly 1957254 - RHACM 2.2.4 images 1959426 - Limits on Length of MultiClusterObservability Resource Name 1960181 - The proxy setup in install-config.yaml is not worked when IPI installing with RHACM. 1963128 - [DDF] Please rename this to "Amazon Elastic Kubernetes Service" 1966513 - Unable to make SSH connection to a Bitbucket server 1967357 - [DDF] When I clicked on this yaml, I get a HTTP 404 error. 1967890 - Observability Thanos store shard crashing - cannot unmarshal DNS message 5. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64 3. Bug Fix(es): * [perl-net-ping] wrong return value on failing DNS name lookup (BZ#1973177) 4. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.13. See the following advisory for the RPM packages for this release: https://access.redhat.com/errata/RHSA-2021:2122 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html This update fixes the following bug among others: * Previously, resources for the ClusterOperator were being created early in the update process, which led to update failures when the ClusterOperator had no status condition while Operators were updating. This bug fix changes the timing of when these resources are created. As a result, updates can take place without errors. (BZ#1959238) Security Fix(es): * gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121) You may download the oc tool and use it to inspect release image metadata as follows: (For x86_64 architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.13-x86_64 The image digest is sha256:783a2c963f35ccab38e82e6a8c7fa954c3a4551e07d2f43c06098828dd986ed4 (For s390x architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.13-s390x The image digest is sha256:4cf44e68413acad063203e1ee8982fd01d8b9c1f8643a5b31cd7ff341b3199cd (For ppc64le architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.13-ppc64le The image digest is sha256:d47ce972f87f14f1f3c5d50428d2255d1256dae3f45c938ace88547478643e36 All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor 3. Solution: For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -cli.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1923268 - [Assisted-4.7] [Staging] Using two both spelling "canceled" "cancelled" 1947216 - [AWS] Missing iam:ListAttachedRolePolicies permission in permissions.go 1953963 - Enable/Disable host operations returns cluster resource with incomplete hosts list 1957749 - ovn-kubernetes pod should have CPU and memory requests set but not limits 1959238 - CVO creating cloud-controller-manager too early causing upgrade failures 1960103 - SR-IOV obliviously reboot the node 1961941 - Local Storage Operator using LocalVolume CR fails to create PV's when backend storage failure is simulated 1962302 - packageserver clusteroperator does not set reason or message for Available condition 1962312 - Deployment considered unhealthy despite being available and at latest generation 1962435 - Public DNS records were not deleted when destroying a cluster which is using byo private hosted zone 1963115 - Test verify /run filesystem contents failing 5. Description: Security Fix(es): * Addressed a security issue which can allow a malicious playbook author to elevate to the awx user from outside the isolated environment: CVE-2021-20253 * Upgraded to a more recent version of autobahn to address CVE-2020-35678. * Upgraded to a more recent version of nginx to address CVE-2019-20372. Bug Fix(es): * Fixed a bug which can intermittently cause access to encrypted Tower settings to fail, resulting in failed job launches. * Improved analytics collection to collect the playbook status for all hosts in a playbook run 3. Solution: For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/ index.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1790277 - CVE-2019-20372 nginx: HTTP request smuggling in configurations with URL redirect used as error_page 1911314 - CVE-2020-35678 python-autobahn: allows redirect header injection 1928847 - CVE-2021-20253 ansible-tower: Privilege escalation via job isolation escape 5. ========================================================================== Ubuntu Security Notice USN-4602-1 October 26, 2020 perl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in Perl. Software Description: - perl: Practical Extraction and Report Language Details: ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-10543) Hugo van der Sanden and Slaven Rezic discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-10878) Sergey Aleynikov discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-12723) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: perl 5.30.0-9ubuntu0.2 Ubuntu 18.04 LTS: perl 5.26.1-6ubuntu0.5 Ubuntu 16.04 LTS: perl 5.22.1-9ubuntu0.9 In general, a standard system update will make all the necessary changes

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

input validation error

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Red Hat

SOURCES

LAST UPDATE DATE

2024-12-21T22:21:22.428000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE