Bug 1827643 (CVE-2020-1108)
| Summary: | CVE-2020-1108 dotnet: Denial of service via untrusted input | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Dhananjay Arunesh <darunesh> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | andrew.slice, bodavis, dbhole, kanderso, omajid, rtillery, rwagner, scorneli, security-response-team |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | dotnet sdk 3.1.105, dotnet runtime 3.1.5, dotnet sdk 2.1.515, dotnet runtime 2.1.19 | Doc Type: | If docs needed, set a value |
| Doc Text: |
An integer overflow condition was found in dotnet and dotnet3.1's BinaryReader Read7BitEncodedInt() method. This method is used by BinaryReader's ReadString() method and, given a certain input, can cause a denial of service to dotnet applications using BinaryReader. The exploitation of this flaw depends on the application but does not inherently require the attacker to be authenticated or have any specific privileges. An attacker could exploit this flaw remotely via the internet by sending crafted data to a dotnet application that is passed into Read7BitEncodedInt(), resulting in a denial of service when the output is used by ReadString().
|
| Last Closed: | 2020-05-13 16:31:46 UTC | Type: | --- |
| Bug Depends On: | 1828624, 1829418, 1829419, 1834957, 1834958, 1835185, 1835188 | ||
| Bug Blocks: | 1827646 | ||
|
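The Doc Text above describes ReadString() trusting the length that Read7BitEncodedInt() decodes from untrusted input. As an added example (not Red Hat's or Microsoft's code, and not the shipped fix), the C# below decodes that 7-bit length prefix strictly and bounds the declared length before allocating; the class name, the `maxBytes` cap and the sample bytes are assumptions made for illustration.

```csharp
using System;
using System.IO;
using System.Text;

static class StrictPrefixedReader
{
    // Decode the 7-bit-per-byte length prefix, accepting only values
    // that fit in a non-negative Int32 (at most 5 bytes, 31 payload bits).
    public static int ReadLength(Stream s)
    {
        uint result = 0;
        for (int shift = 0; shift <= 28; shift += 7)
        {
            int b = s.ReadByte();
            if (b < 0) throw new EndOfStreamException();
            // 5th byte: no continuation bit, only bits 28..30 may be set.
            if (shift == 28 && b > 0x07) throw new FormatException("length prefix out of range");
            result |= (uint)(b & 0x7F) << shift;
            if ((b & 0x80) == 0) return (int)result;
        }
        throw new FormatException("length prefix too long"); // not reached
    }

    // Read a length-prefixed UTF-8 string, bounding the declared length before allocating.
    public static string ReadString(Stream s, int maxBytes)
    {
        int len = ReadLength(s);
        if (len > maxBytes) throw new IOException("declared length over cap");
        if (s.CanSeek && len > s.Length - s.Position) throw new EndOfStreamException();
        byte[] buf = new byte[len];
        for (int off = 0; off < len; )
        {
            int n = s.Read(buf, off, len - off);
            if (n == 0) throw new EndOfStreamException();
            off += n;
        }
        return Encoding.UTF8.GetString(buf);
    }

    static void Main()
    {
        byte[][] samples = {                             // constructed inputs
            new byte[] { 0x02, (byte)'h', (byte)'i' },   // valid: "hi"
            new byte[] { 0xFF, 0xFF, 0xFF, 0xFF, 0x7F }, // 5th byte overflows Int32
        };
        foreach (var sample in samples)
            try { Console.WriteLine(ReadString(new MemoryStream(sample), 1 << 20)); }
            catch (Exception e) when (e is FormatException || e is IOException) { Console.WriteLine("rejected: " + e.Message); }
    }
}
```

This decoder is stricter than a general Int32 decoder because a length can never be negative, so it also rejects a fifth byte that would set the sign bit.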
Description
Dhananjay Arunesh
2020-04-24 12:28:40 UTC
Acknowledgments:

Name: Microsoft

External References:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1108

This issue has been addressed in the following products:

Red Hat Enterprise Linux 8

Via RHSA-2020:2143 https://access.redhat.com/errata/RHSA-2020:2143

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-1108

This issue has been addressed in the following products:

.NET Core on Red Hat Enterprise Linux

Via RHSA-2020:2146 https://access.redhat.com/errata/RHSA-2020:2146

This issue has been addressed in the following products:

.NET Core on Red Hat Enterprise Linux

Via RHSA-2020:2249 https://access.redhat.com/errata/RHSA-2020:2249

This issue has been addressed in the following products:

Red Hat Enterprise Linux 8

Via RHSA-2020:2250 https://access.redhat.com/errata/RHSA-2020:2250

The fixes released as part of the May 2020 Patch Tuesday were incomplete. Additional updates to comprehensively address this issue were released as part of the June 2020 Patch Tuesday.

https://github.com/dotnet/announcements/issues/157

This issue has been addressed in the following products:

Red Hat Enterprise Linux 8

Via RHSA-2020:2450 https://access.redhat.com/errata/RHSA-2020:2450

This issue has been addressed in the following products:

.NET Core on Red Hat Enterprise Linux

Via RHSA-2020:2476 https://access.redhat.com/errata/RHSA-2020:2476

This issue has been addressed in the following products:

Red Hat Enterprise Linux 8

Via RHSA-2020:2471 https://access.redhat.com/errata/RHSA-2020:2471

This issue has been addressed in the following products:

.NET Core on Red Hat Enterprise Linux

Via RHSA-2020:2475 https://access.redhat.com/errata/RHSA-2020:2475