Vulnerability-Lookup

CVE-2021-20291 (GCVE-0-2021-20291)

Vulnerability from cvelistv5 – Published: 2021-04-01 17:49 – Updated: 2024-08-03 17:37

Summary

A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).

Severity ?

No CVSS data available.

CWE

CWE-667

Assigner

redhat

References

URL

	Vendor	Product	Version
	n/a	containers/storage	Affected: containers/storage 1.28.1

CVE-2021-20291

Vulnerability from osv_almalinux

Published

2022-11-15 00:00

Modified

2022-11-18 05:11

Summary

Moderate: buildah security and bug fix update

Details

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.

Security Fix(es):

containers/storage: DoS via malicious image (CVE-2021-20291)
golang: net: lookup functions may return invalid host names (CVE-2021-33195)
golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)
golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)
golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)
podman: possible information disclosure and modification (CVE-2022-2989)
buildah: possible information disclosure and modification (CVE-2022-2990)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "buildah"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.27.0-2.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "buildah-tests"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.27.0-2.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. \n\nSecurity Fix(es):\n\n* containers/storage: DoS via malicious image (CVE-2021-20291)\n* golang: net: lookup functions may return invalid host names (CVE-2021-33195)\n* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)\n* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)\n* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)\n* podman: possible information disclosure and modification (CVE-2022-2989)\n* buildah: possible information disclosure and modification (CVE-2022-2990)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
  "id": "ALSA-2022:8008",
  "modified": "2022-11-18T05:11:27Z",
  "published": "2022-11-15T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2022:8008"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-20291"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-33195"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-33197"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-33198"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-27191"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-2989"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-2990"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/1939485"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/1989564"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/1989570"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/1989575"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2064702"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2121445"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2121453"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/9/ALSA-2022-8008.html"
    }
  ],
  "related": [
    "CVE-2021-20291",
    "CVE-2021-33195",
    "CVE-2021-33197",
    "CVE-2021-33198",
    "CVE-2022-27191",
    "CVE-2022-2989",
    "CVE-2022-2990"
  ],
  "summary": "Moderate: buildah security and bug fix update"
}

CVE-2021-20291

Vulnerability from osv_almalinux

Published

2022-11-15 00:00

Modified

2022-11-18 05:46

Summary

Moderate: podman security and bug fix update

Details

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.

Security Fix(es):

golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension (CVE-2020-28851)
golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852)
podman: podman machine spawns gvproxy with port bound to all IPs (CVE-2021-4024)
podman: Remote traffic to rootless containers is seen as orginating from localhost (CVE-2021-20199)
containers/storage: DoS via malicious image (CVE-2021-20291)
golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)
golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "podman"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:4.2.0-3.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "podman-docker"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:4.2.0-3.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "podman-gvproxy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:4.2.0-3.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "podman-plugins"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:4.2.0-3.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "podman-remote"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:4.2.0-3.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "podman-tests"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:4.2.0-3.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.\n\nSecurity Fix(es):\n\n* golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension (CVE-2020-28851)\n* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852)\n* podman: podman machine spawns gvproxy with port bound to all IPs (CVE-2021-4024)\n* podman: Remote traffic to rootless containers is seen as orginating from localhost (CVE-2021-20199)\n* containers/storage: DoS via malicious image (CVE-2021-20291)\n* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)\n* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)\n* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
  "id": "ALSA-2022:7954",
  "modified": "2022-11-18T05:46:54Z",
  "published": "2022-11-15T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2022:7954"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2020-28851"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2020-28852"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-20199"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-20291"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-33197"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-34558"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-4024"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-27191"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/1913333"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/1913338"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/1919050"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/1939485"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/1983596"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/1989570"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2026675"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2064702"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/9/ALSA-2022-7954.html"
    }
  ],
  "related": [
    "CVE-2020-28851",
    "CVE-2020-28852",
    "CVE-2021-4024",
    "CVE-2021-20199",
    "CVE-2021-20291",
    "CVE-2021-33197",
    "CVE-2021-34558",
    "CVE-2022-27191"
  ],
  "summary": "Moderate: podman security and bug fix update"
}

CVE-2021-20291

Vulnerability from osv_almalinux

Published

2021-11-09 08:24

Modified

2022-02-02 17:58

Summary

Moderate: container-tools:rhel8 security, bug fix, and enhancement update

Details

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

buildah: Host environment variables leaked in build container when using chroot isolation (CVE-2021-3602)
containers/storage: DoS via malicious image (CVE-2021-20291)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "crit"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15-3.module_el8.6.0+2751+06427ca3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "crit"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15-3.module_el8.5.0+2613+1b78b731"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "crit"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15-3.module_el8.6.0+2877+8e437bf5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "criu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15-3.module_el8.5.0+2613+1b78b731"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "criu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15-3.module_el8.6.0+2877+8e437bf5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "criu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15-3.module_el8.6.0+2751+06427ca3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "criu-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15-3.module_el8.6.0+2751+06427ca3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "criu-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15-3.module_el8.6.0+2877+8e437bf5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "criu-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15-3.module_el8.5.0+2613+1b78b731"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "criu-libs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15-3.module_el8.5.0+2613+1b78b731"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "criu-libs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15-3.module_el8.6.0+2877+8e437bf5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "criu-libs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15-3.module_el8.6.0+2751+06427ca3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libslirp"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.4.0-1.module_el8.6.0+2877+8e437bf5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libslirp"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.4.0-1.module_el8.5.0+2613+1b78b731"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libslirp-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.4.0-1.module_el8.5.0+2613+1b78b731"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libslirp-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.4.0-1.module_el8.6.0+2877+8e437bf5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "oci-seccomp-bpf-hook"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.2.3-3.module_el8.6.0+2877+8e437bf5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "oci-seccomp-bpf-hook"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.2.3-3.module_el8.5.0+2613+1b78b731"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "python3-criu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15-3.module_el8.5.0+2613+1b78b731"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "python3-criu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15-3.module_el8.6.0+2877+8e437bf5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "python3-criu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15-3.module_el8.6.0+2751+06427ca3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "slirp4netns"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.1.8-1.module_el8.6.0+2876+9ed4eae2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "slirp4netns"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.1.8-1.module_el8.5.0+2613+1b78b731"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "toolbox"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.99.3-0.4.module_el8.6.0+2877+8e437bf5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "toolbox"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.99.3-0.4.module_el8.5.0+2613+1b78b731"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "toolbox-tests"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.99.3-0.4.module_el8.5.0+2613+1b78b731"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "toolbox-tests"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.99.3-0.4.module_el8.6.0+2877+8e437bf5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* buildah: Host environment variables leaked in build container when using chroot isolation (CVE-2021-3602)\n\n* containers/storage: DoS via malicious image (CVE-2021-20291)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
  "id": "ALSA-2021:4154",
  "modified": "2022-02-02T17:58:49Z",
  "published": "2021-11-09T08:24:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2021-4154.html"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2021-20291"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2021-3602"
    }
  ],
  "related": [
    "CVE-2021-3602",
    "CVE-2021-20291"
  ],
  "summary": "Moderate: container-tools:rhel8 security, bug fix, and enhancement update"
}

CVE-2021-20291

Vulnerability from osv_almalinux

Published

2022-11-15 00:00

Modified

2022-11-18 05:44

Summary

Moderate: skopeo security and bug fix update

Details

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.

Security Fix(es):

containers/storage: DoS via malicious image (CVE-2021-20291)
golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "skopeo"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:1.9.2-1.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "skopeo-tests"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:1.9.2-1.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. \n\nSecurity Fix(es):\n\n* containers/storage: DoS via malicious image (CVE-2021-20291)\n* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
  "id": "ALSA-2022:7955",
  "modified": "2022-11-18T05:44:13Z",
  "published": "2022-11-15T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2022:7955"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-20291"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-33198"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/1939485"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/1989575"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/9/ALSA-2022-7955.html"
    }
  ],
  "related": [
    "CVE-2021-20291",
    "CVE-2021-33198"
  ],
  "summary": "Moderate: skopeo security and bug fix update"
}

FKIE_CVE-2021-20291

Vulnerability from fkie_nvd - Published: 2021-04-01 18:15 - Updated: 2024-11-21 05:46

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1939485	Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5D7XL7FL24TWFMGQ3K2S72EOUSLZMKL/
secalert@redhat.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYOHNG2Q7DCAQZMGYLMENLKALGDLG3X/
secalert@redhat.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WX24EITRXVHDM5M223BVTJA2ODF2FSHI/
secalert@redhat.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNMB7O2UIXE34PGSCSOULGHPX5LIJBMM/
secalert@redhat.com	https://unit42.paloaltonetworks.com/cve-2021-20291/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1939485	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5D7XL7FL24TWFMGQ3K2S72EOUSLZMKL/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYOHNG2Q7DCAQZMGYLMENLKALGDLG3X/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WX24EITRXVHDM5M223BVTJA2ODF2FSHI/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNMB7O2UIXE34PGSCSOULGHPX5LIJBMM/
af854a3a-2127-422b-91ae-364da2661108	https://unit42.paloaltonetworks.com/cve-2021-20291/	Exploit, Third Party Advisory

Impacted products

Vendor	Product	Version
storage_project	storage	*
redhat	openshift_container_platform	4.0
redhat	enterprise_linux	8.0
fedoraproject	fedora	33
fedoraproject	fedora	34

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:storage_project:storage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "89BBBDA6-01A5-4FB5-B662-8AE0B171CD46",
              "versionEndExcluding": "1.28.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
              "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
              "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A deadlock vulnerability was found in \u0027github.com/containers/storage\u0027 in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS)."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 una vulnerabilidad de interbloqueo en \"github.com/containers/storage\" en versiones anteriores a 1.28.1.\u0026#xa0;Cuando se procesa una imagen de contenedor, cada capa se desempaqueta usando un \"tar\".\u0026#xa0;Si una de esas capas no es un archivo \"tar\" v\u00e1lido, se produce un error que conlleva a una situaci\u00f3n inesperada en la que el c\u00f3digo espera indefinidamente el flujo desempaquetado de tar, que nunca termina.\u0026#xa0;Un atacante podr\u00eda utilizar esta vulnerabilidad para crear una imagen maliciosa, que cuando una aplicaci\u00f3n la descarga y almacena mediante contenedores y almacenamiento, provocar\u00eda un punto muerto que conducir\u00eda a una Denegaci\u00f3n de Servicio (DoS)."
    }
  ],
  "id": "CVE-2021-20291",
  "lastModified": "2024-11-21T05:46:17.627",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-04-01T18:15:12.603",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939485"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5D7XL7FL24TWFMGQ3K2S72EOUSLZMKL/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYOHNG2Q7DCAQZMGYLMENLKALGDLG3X/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WX24EITRXVHDM5M223BVTJA2ODF2FSHI/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNMB7O2UIXE34PGSCSOULGHPX5LIJBMM/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://unit42.paloaltonetworks.com/cve-2021-20291/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939485"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5D7XL7FL24TWFMGQ3K2S72EOUSLZMKL/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYOHNG2Q7DCAQZMGYLMENLKALGDLG3X/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WX24EITRXVHDM5M223BVTJA2ODF2FSHI/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNMB7O2UIXE34PGSCSOULGHPX5LIJBMM/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://unit42.paloaltonetworks.com/cve-2021-20291/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-667"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}

GSD-2021-20291

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-20291

Aliases

CVE-2021-20291

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-20291",
    "description": "A deadlock vulnerability was found in \u0027github.com/containers/storage\u0027 in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).",
    "id": "GSD-2021-20291",
    "references": [
      "https://www.suse.com/security/cve/CVE-2021-20291.html",
      "https://access.redhat.com/errata/RHSA-2021:4154",
      "https://access.redhat.com/errata/RHSA-2021:2438",
      "https://access.redhat.com/errata/RHSA-2021:1150",
      "https://linux.oracle.com/cve/CVE-2021-20291.html",
      "https://access.redhat.com/errata/RHBA-2022:0348",
      "https://access.redhat.com/errata/RHSA-2022:7954",
      "https://access.redhat.com/errata/RHSA-2022:7955",
      "https://access.redhat.com/errata/RHSA-2022:8008"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-20291"
      ],
      "details": "A deadlock vulnerability was found in \u0027github.com/containers/storage\u0027 in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).",
      "id": "GSD-2021-20291",
      "modified": "2023-12-13T01:23:12.465539Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2021-20291",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "containers/storage",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "containers/storage 1.28.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A deadlock vulnerability was found in \u0027github.com/containers/storage\u0027 in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS)."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-667"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1939485",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939485"
          },
          {
            "name": "FEDORA-2021-ec00da7faa",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5D7XL7FL24TWFMGQ3K2S72EOUSLZMKL/"
          },
          {
            "name": "FEDORA-2021-83b3740389",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNMB7O2UIXE34PGSCSOULGHPX5LIJBMM/"
          },
          {
            "name": "FEDORA-2021-a3703b9dc8",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WX24EITRXVHDM5M223BVTJA2ODF2FSHI/"
          },
          {
            "name": "FEDORA-2021-c56a213327",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYOHNG2Q7DCAQZMGYLMENLKALGDLG3X/"
          },
          {
            "name": "https://unit42.paloaltonetworks.com/cve-2021-20291/",
            "refsource": "MISC",
            "url": "https://unit42.paloaltonetworks.com/cve-2021-20291/"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c1.28.1",
          "affected_versions": "All versions before 1.28.1",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-667",
            "CWE-937"
          ],
          "date": "2021-05-25",
          "description": "A deadlock vulnerability was found in \u0027github.com/containers/storage\u0027 in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).",
          "fixed_versions": [
            "1.28.1"
          ],
          "identifier": "CVE-2021-20291",
          "identifiers": [
            "GHSA-7qw8-847f-pggm",
            "CVE-2021-20291"
          ],
          "not_impacted": "",
          "package_slug": "go/github.com/containers/storage",
          "pubdate": "2021-05-10",
          "solution": "Upgrade to version 1.28.1 or above.",
          "title": "Improper Locking",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-20291",
            "https://github.com/containers/storage/commit/306fcabc964470e4b3b87a43a8f6b7d698209ee1",
            "https://unit42.paloaltonetworks.com/cve-2021-20291/",
            "https://github.com/advisories/GHSA-7qw8-847f-pggm"
          ],
          "uuid": "3032cb9c-3ecb-4b87-9603-69cb4fd136a1"
        },
        {
          "affected_range": "\u003e=1.23.8 \u003c1.28.1",
          "affected_versions": "All versions starting from 1.23.8 before 1.28.1",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-667",
            "CWE-937"
          ],
          "date": "2021-05-25",
          "description": "A deadlock vulnerability was found in \u0027github.com/containers/storage\u0027 in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).",
          "fixed_versions": [
            "1.28.1"
          ],
          "identifier": "CVE-2021-20291",
          "identifiers": [
            "GHSA-7qw8-847f-pggm",
            "CVE-2021-20291"
          ],
          "not_impacted": "All versions before 1.23.8, all versions starting from 1.28.1",
          "package_slug": "go/github.com/containers/storage/pkg/archive",
          "pubdate": "2021-05-10",
          "solution": "Upgrade to version 1.28.1 or above.",
          "title": "Improper Locking",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-20291",
            "https://github.com/containers/storage/commit/306fcabc964470e4b3b87a43a8f6b7d698209ee1",
            "https://unit42.paloaltonetworks.com/cve-2021-20291/",
            "https://github.com/advisories/GHSA-7qw8-847f-pggm"
          ],
          "uuid": "6539eae1-8885-484b-9ffa-64a28c276301"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:storage_project:storage:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.28.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2021-20291"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A deadlock vulnerability was found in \u0027github.com/containers/storage\u0027 in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-667"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1939485",
              "refsource": "MISC",
              "tags": [
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939485"
            },
            {
              "name": "FEDORA-2021-ec00da7faa",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5D7XL7FL24TWFMGQ3K2S72EOUSLZMKL/"
            },
            {
              "name": "FEDORA-2021-83b3740389",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNMB7O2UIXE34PGSCSOULGHPX5LIJBMM/"
            },
            {
              "name": "FEDORA-2021-a3703b9dc8",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WX24EITRXVHDM5M223BVTJA2ODF2FSHI/"
            },
            {
              "name": "FEDORA-2021-c56a213327",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYOHNG2Q7DCAQZMGYLMENLKALGDLG3X/"
            },
            {
              "name": "https://unit42.paloaltonetworks.com/cve-2021-20291/",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://unit42.paloaltonetworks.com/cve-2021-20291/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2021-06-02T13:13Z",
      "publishedDate": "2021-04-01T18:15Z"
    }
  }
}

GHSA-7QW8-847F-PGGM

Vulnerability from github – Published: 2021-05-10 19:35 – Updated: 2023-02-14 17:41

Summary

Improper Locking in github.com/containers/storage

Details

A deadlock vulnerability was found in github.com/containers/storage in versions before 1.28.1. When a container image is processed, each layer is unpacked using tar. If one of those layers is not a valid tar archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).

Severity ?

6.5 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containers/storage"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.28.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-20291"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-667"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-04T19:15:55Z",
    "nvd_published_at": "2021-04-01T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A deadlock vulnerability was found in `github.com/containers/storage` in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).",
  "id": "GHSA-7qw8-847f-pggm",
  "modified": "2023-02-14T17:41:32Z",
  "published": "2021-05-10T19:35:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20291"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containers/storage/pull/860"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containers/storage/commit/306fcabc964470e4b3b87a43a8f6b7d698209ee1"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939485"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/containers/storage"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5D7XL7FL24TWFMGQ3K2S72EOUSLZMKL"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYOHNG2Q7DCAQZMGYLMENLKALGDLG3X"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WX24EITRXVHDM5M223BVTJA2ODF2FSHI"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNMB7O2UIXE34PGSCSOULGHPX5LIJBMM"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2021-0100"
    },
    {
      "type": "WEB",
      "url": "https://unit42.paloaltonetworks.com/cve-2021-20291"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper Locking in github.com/containers/storage"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-20291 (GCVE-0-2021-20291)

CVE-2021-20291

Vulnerability from osv_almalinux

CVE-2021-20291

Vulnerability from osv_almalinux

CVE-2021-20291

Vulnerability from osv_almalinux

CVE-2021-20291

Vulnerability from osv_almalinux

FKIE_CVE-2021-20291

GSD-2021-20291

GHSA-7QW8-847F-PGGM

Tags

Sightings

Nomenclature