Headline
Ubuntu Security Notice USN-5769-1
Ubuntu Security Notice 5769-1 - It was discovered that protobuf did not properly manage memory when serializing large messages. An attacker could possibly use this issue to cause applications using protobuf to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that protobuf did not properly manage memory when parsing specifically crafted messages. An attacker could possibly use this issue to cause applications using protobuf to crash, resulting in a denial of service.
==========================================================================Ubuntu Security Notice USN-5769-1December 08, 2022protobuf vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 16.04 ESMSummary:Several security issues were fixed in protobuf.Software Description:- protobuf: protocol buffers C++ library (development files)Details:It was discovered that protobuf did not properly manage memory when serializinglarge messages. An attacker could possibly use this issue to cause applicationsusing protobuf to crash, resulting in a denial of service, or possibly executearbitrary code. (CVE-2015-5237)It was discovered that protobuf did not properly manage memory when parsingspecifically crafted messages. An attacker could possibly use this issue tocause applications using protobuf to crash, resulting in a denial of service.(CVE-2022-1941)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 16.04 ESM: libprotobuf-lite9v5 2.6.1-1.3ubuntu0.1~esm2 libprotobuf9v5 2.6.1-1.3ubuntu0.1~esm2 libprotoc9v5 2.6.1-1.3ubuntu0.1~esm2 protobuf-compiler 2.6.1-1.3ubuntu0.1~esm2 python-protobuf 2.6.1-1.3ubuntu0.1~esm2In general, a standard system update will make all the necessary changes.References: https://ubuntu.com/security/notices/USN-5769-1 CVE-2015-5237, CVE-2022-1941
Related news
Gentoo Linux Security Advisory 202408-31 - A vulnerability has been discovered in protobuf and protobuf-python, which can lead to a denial of service. Versions greater than or equal to 3.20.3 are affected.
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so ...
Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.
Ubuntu Security Notice 5945-1 - It was discovered that Protocol Buffers did not properly validate field com.google.protobuf.UnknownFieldSet in protobuf-java. An attacker could possibly use this issue to perform a denial of service attack. This issue only affected protobuf Ubuntu 22.04 LTS and Ubuntu 22.10. It was discovered that Protocol Buffers did not properly parse certain symbols. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.
Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).
### Summary A message parsing and memory management vulnerability in ProtocolBuffer’s C++ and Python implementations can trigger an out of memory (OOM) failure when processing a specially crafted message, which could lead to a denial of service (DoS) on services using the libraries. Reporter: [ClusterFuzz](https://google.github.io/clusterfuzz/) Affected versions: All versions of C++ Protobufs (including Python) prior to the versions listed below. ### Severity & Impact **Medium 5.7** - [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H](https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) A small (~500 KB) malicious payload can be constructed which causes the running service to allocate more than 3GB of RAM. ### Proof of Concept For reproduction details, please refer to the unit test that identifies the specific inputs that exercise this parsing weakness. ### Mitigation / Patching Please update to the latest available versions of the following pac...
A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures. A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a Denial of Service against services receiving unsanitized input. We recommend upgrading to versions 3.18.3, 3.19.5, 3.20.2, 3.21.6 for protobuf-cpp and 3.18.3, 3.19.5, 3.20.2, 4.21.6 for protobuf-python. Versions for 3.16 and 3.17 are no longer updated.