#linux

Red Hat OpenShift Service Mesh 2.2.8 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modu...

Red Hat OpenShift Service Mesh 2.4.1 Containers Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

Debian Linux Security Advisory 5454-1 - Riccardo Bonafede discovered that the Kanboard project management software was susceptible to SQL injection.

Pluck version 4.7.18 suffers from a remote code execution vulnerability.

Debian Linux Security Advisory 5453-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

Debian Linux Security Advisory 5452-1 - Multiple security issues were discovered in the GPAC multimedia framework which could result in denial of service or the execution of arbitrary code.

ProjeQtOr Project Management System version 10.4.1 suffers from multiple cross site scripting vulnerabilities.

WinterCMS versions prior to 1.2.3 suffer from a persistent cross site scripting vulnerability.

Admidio version 4.2.10 suffers from a remote code execution vulnerability.

### Summary A well-crafted string passed to avro's `github.com/hamba/avro/v2.Unmarshal()` can throw a `fatal error: runtime: out of memory` which is unrecoverable and can cause denial of service of the consumer of avro. ### Details The root cause of the issue is that avro uses part of the input to `Unmarshal()` to determine the size when creating a new slice. In the reproducer below, the first few bytes determine the size of the slice. The root cause is on line 239 here: https://github.com/hamba/avro/blob/3abfe1e6382c5dccf2e1a00260c51a64bc1f1ca1/reader.go#L216-L242 ### PoC The issue was found during a security audit of Dapr, and I attach a reproducer that shows how the issue affects Dapr. Dapr uses an older version of the avro library, but it is also affected if bumping avro to latest. To reproduce: ```bash cd /tmp git clone --depth=1 https://github.com/dapr/components-contrib cd components-contrib/pubsub/pulsar ``` now add this test to the `pulsar_test.go`: ```golang func TestPa...