rhsa-2022_1679
Vulnerability from csaf_redhat
Published
2022-05-10 15:34
Modified
2024-11-06 00:46
Summary
Red Hat Security Advisory: Cryostat 2.1.0: new Cryostat on RHEL 8 container images
Notes
Topic
New Cryostat 2.1.0 on RHEL 8 container images are now available
Details
New Cryostat 2.1.0 on RHEL 8 container images have been released, adding a variety of features and bug fixes and addressing the following security vulnerability: CVE-2021-3121 (see References)
Users of Cryostat 2.0.0 on RHEL 8 container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.
You can find images updated by this advisory in Red Hat Container Catalog (see References).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "New Cryostat 2.1.0 on RHEL 8 container images are now available", "title": "Topic" }, { "category": "general", "text": "New Cryostat 2.1.0 on RHEL 8 container images have been released, adding a variety of features and bug fixes and addressing the following security vulnerability: CVE-2021-3121 (see References)\n\nUsers of Cryostat 2.0.0 on RHEL 8 container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.\n\nYou can find images updated by this advisory in Red Hat Container Catalog (see References).", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:1679", "url": "https://access.redhat.com/errata/RHSA-2022:1679" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/containers", "url": "https://access.redhat.com/containers" }, { "category": "external", "summary": "1921650", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1679.json" } ], "title": "Red Hat Security Advisory: Cryostat 2.1.0: new Cryostat on RHEL 8 container images", "tracking": { "current_release_date": "2024-11-06T00:46:25+00:00", "generator": { "date": "2024-11-06T00:46:25+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2022:1679", "initial_release_date": "2022-05-10T15:34:53+00:00", "revision_history": [ { "date": "2022-05-10T15:34:53+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-05-10T15:34:53+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T00:46:25+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Cryostat 2 on RHEL 8", "product": { "name": "Cryostat 2 on RHEL 8", "product_id": "8Base-Cryostat-2", "product_identification_helper": { "cpe": "cpe:/a:redhat:cryostat:2::el8" } } } ], "category": "product_family", "name": "Cryostat" }, { "branches": [ { "category": "product_version", "name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64", "product": { "name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64", "product_id": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8\u0026tag=2.1.0-1" } } }, { "category": "product_version", "name": "cryostat-20-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64", "product": { "name": "cryostat-20-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64", "product_id": "cryostat-20-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-20-tech-preview/cryostat-grafana-dashboard-rhel8\u0026tag=2.1.0-1" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:6d2893e9b249426acd36787438f43312baa2d957f0e3dcaad3beca3885e164e9_amd64", "product": { "name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:6d2893e9b249426acd36787438f43312baa2d957f0e3dcaad3beca3885e164e9_amd64", "product_id": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:6d2893e9b249426acd36787438f43312baa2d957f0e3dcaad3beca3885e164e9_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-reports-rhel8@sha256:6d2893e9b249426acd36787438f43312baa2d957f0e3dcaad3beca3885e164e9?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8\u0026tag=1.0.0-1" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64", "product": { "name": "cryostat-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64", "product_id": "cryostat-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8\u0026tag=2.1.0-2" } } }, { "category": "product_version", "name": "cryostat-20-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64", "product": { "name": "cryostat-20-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64", "product_id": "cryostat-20-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-20-tech-preview/cryostat-rhel8\u0026tag=2.1.0-2" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64", "product": { "name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64", "product_id": "cryostat-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle\u0026tag=2.1.0-1" } } }, { "category": "product_version", "name": "cryostat-20-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64", "product": { "name": "cryostat-20-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64", "product_id": "cryostat-20-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-20-tech-preview/cryostat-operator-bundle\u0026tag=2.1.0-1" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64", "product": { "name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64", "product_id": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator\u0026tag=2.1.0-1" } } }, { "category": "product_version", "name": "cryostat-20-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64", "product": { "name": "cryostat-20-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64", "product_id": "cryostat-20-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-20-tech-preview/cryostat-rhel8-operator\u0026tag=2.1.0-1" } } }, { "category": "product_version", "name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64", "product": { "name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64", "product_id": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64", "product_identification_helper": { "purl": "pkg:oci/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8\u0026tag=2.1.0-1" } } }, { "category": "product_version", "name": "cryostat-20-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64", "product": { "name": "cryostat-20-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64", "product_id": "cryostat-20-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64", "product_identification_helper": { "purl": "pkg:oci/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-20-tech-preview/jfr-datasource-rhel8\u0026tag=2.1.0-1" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "cryostat-20-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64 as a component of Cryostat 2 on RHEL 8", "product_id": "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64" }, "product_reference": "cryostat-20-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64", "relates_to_product_reference": "8Base-Cryostat-2" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-20-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64 as a component of Cryostat 2 on RHEL 8", "product_id": "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64" }, "product_reference": "cryostat-20-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64", "relates_to_product_reference": "8Base-Cryostat-2" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-20-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64 as a component of Cryostat 2 on RHEL 8", "product_id": "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64" }, "product_reference": "cryostat-20-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64", "relates_to_product_reference": "8Base-Cryostat-2" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-20-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64 as a component of Cryostat 2 on RHEL 8", "product_id": "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64" }, "product_reference": "cryostat-20-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64", "relates_to_product_reference": "8Base-Cryostat-2" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-20-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64 as a component of Cryostat 2 on RHEL 8", "product_id": "8Base-Cryostat-2:cryostat-20-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64" }, "product_reference": "cryostat-20-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64", "relates_to_product_reference": "8Base-Cryostat-2" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64 as a component of Cryostat 2 on RHEL 8", "product_id": "8Base-Cryostat-2:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64" }, "product_reference": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64", "relates_to_product_reference": "8Base-Cryostat-2" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64 as a component of Cryostat 2 on RHEL 8", "product_id": "8Base-Cryostat-2:cryostat-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64" }, "product_reference": "cryostat-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64", "relates_to_product_reference": "8Base-Cryostat-2" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:6d2893e9b249426acd36787438f43312baa2d957f0e3dcaad3beca3885e164e9_amd64 as a component of Cryostat 2 on RHEL 8", "product_id": "8Base-Cryostat-2:cryostat-tech-preview/cryostat-reports-rhel8@sha256:6d2893e9b249426acd36787438f43312baa2d957f0e3dcaad3beca3885e164e9_amd64" }, "product_reference": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:6d2893e9b249426acd36787438f43312baa2d957f0e3dcaad3beca3885e164e9_amd64", "relates_to_product_reference": "8Base-Cryostat-2" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64 as a component of Cryostat 2 on RHEL 8", "product_id": "8Base-Cryostat-2:cryostat-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64" }, "product_reference": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64", "relates_to_product_reference": "8Base-Cryostat-2" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64 as a component of Cryostat 2 on RHEL 8", "product_id": "8Base-Cryostat-2:cryostat-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64" }, "product_reference": "cryostat-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64", "relates_to_product_reference": "8Base-Cryostat-2" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64 as a component of Cryostat 2 on RHEL 8", "product_id": "8Base-Cryostat-2:cryostat-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64" }, "product_reference": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64", "relates_to_product_reference": "8Base-Cryostat-2" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-3121", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "discovery_date": "2021-01-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1921650" } ], "notes": [ { "category": "description", "text": "A flaw was found in github.com/gogo/protobuf before 1.3.2 that allows an out-of-bounds access when unmarshalling certain protobuf objects. This flaw allows a remote attacker to send crafted protobuf messages, causing panic and resulting in a denial of service. The highest threat from this vulnerability is to availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM) and Red Hat OpenShift Jaeger (RHOSJ) all include code generated by github.com/gogo/protobuf to parse protobuf messages. However, no component is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate for OCP, OSSM and RHOSJ.\n\nOpenShift Virtualization includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no component of OpenShift Virtualization is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no RHACM component is accepting protobuf messages from unauthenticated sources and are used with a limited scope, hence this vulnerability is rated Moderate for RHACM.\n\nRed Hat Cluster Application Migration (CAM) includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no CAM component is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate for CAM.\n\nCryostat-2 is affected as it does ship gogo/protobuf library with it\u0027s distribution but the only use for Protobuf would be the Kubernetes/OpenShift API server the operator communicates with and it should be authenticated hence it is affected with Moderate impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64", "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64", "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64", "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64", "8Base-Cryostat-2:cryostat-20-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64", "8Base-Cryostat-2:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64", "8Base-Cryostat-2:cryostat-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64", "8Base-Cryostat-2:cryostat-tech-preview/cryostat-reports-rhel8@sha256:6d2893e9b249426acd36787438f43312baa2d957f0e3dcaad3beca3885e164e9_amd64", "8Base-Cryostat-2:cryostat-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64", "8Base-Cryostat-2:cryostat-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64", "8Base-Cryostat-2:cryostat-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3121" }, { "category": "external", "summary": "RHBZ#1921650", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3121", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3121" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121" } ], "release_date": "2021-01-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-05-10T15:34:53+00:00", "details": "The Cryostat 2 on RHEL 8 container images provided by this update can be downloaded from the Red Hat Container Registry at registry.redhat.io. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.", "product_ids": [ "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64", "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64", "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64", "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64", "8Base-Cryostat-2:cryostat-20-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64", "8Base-Cryostat-2:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64", "8Base-Cryostat-2:cryostat-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64", "8Base-Cryostat-2:cryostat-tech-preview/cryostat-reports-rhel8@sha256:6d2893e9b249426acd36787438f43312baa2d957f0e3dcaad3beca3885e164e9_amd64", "8Base-Cryostat-2:cryostat-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64", "8Base-Cryostat-2:cryostat-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64", "8Base-Cryostat-2:cryostat-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:1679" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64", "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64", "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64", "8Base-Cryostat-2:cryostat-20-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64", "8Base-Cryostat-2:cryostat-20-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64", "8Base-Cryostat-2:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:9a55ccd80e3edfa707ba97e60c84345f0d542f1e7a61e59ec28aa3a5dd1a5277_amd64", "8Base-Cryostat-2:cryostat-tech-preview/cryostat-operator-bundle@sha256:4214fe35d5e888f5c5e9b314da5ca7604b42a09b3612dd254b6a357e46ee248b_amd64", "8Base-Cryostat-2:cryostat-tech-preview/cryostat-reports-rhel8@sha256:6d2893e9b249426acd36787438f43312baa2d957f0e3dcaad3beca3885e164e9_amd64", "8Base-Cryostat-2:cryostat-tech-preview/cryostat-rhel8-operator@sha256:66f5bc248bae46fa25d13b902ace884b810365fdddfc3d6277f11e42213534b4_amd64", "8Base-Cryostat-2:cryostat-tech-preview/cryostat-rhel8@sha256:efe3881d45f78e99d69e3c8b894b49a29f2b6e1e954fe2cc0ec15e6b9dee357c_amd64", "8Base-Cryostat-2:cryostat-tech-preview/jfr-datasource-rhel8@sha256:f8e82f4d19b88c46d78b199c077e1c0910e153254ea83dd01a152567e50a85cb_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.