Bug 1988342 (CVE-2021-3672)
| Summary: | CVE-2021-3672 c-ares: Missing input validation of host names may lead to domain hijacking | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Marian Rehak <mrehak> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | aboscatt, atikhono, casper, gkamathe, hhorak, jhrozek, jorton, jstanek, msiddiqu, nagy.martin, nodejs-maint, security-response-team, sgoveas, spotrh, valtri, zsvetlik |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | c-ares 1.17.2 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-08-26 15:34:55 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1989425, 1989426, 1989427, 1989429, 1992221, 1992222, 1994398, 1994399, 1994400, 1994401, 1994942, 1994943, 1994963, 1995019, 1995020, 2014523 | ||
| Bug Blocks: | 1988343, 1988352 | ||
|
Description
Marian Rehak
2021-07-30 10:36:18 UTC
Created c-ares tracking bugs for this issue: Affects: fedora-all [bug 1992221] Created mingw-c-ares tracking bugs for this issue: Affects: fedora-all [bug 1992222] c-ares upstream advisory: https://c-ares.haxx.se/adv_20210810.html Patch linked form the above upstream advisory: https://github.com/c-ares/c-ares/compare/809d5e8..44c009b.patch This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS Via RHSA-2021:3281 https://access.redhat.com/errata/RHSA-2021:3281 This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS Via RHSA-2021:3280 https://access.redhat.com/errata/RHSA-2021:3280 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-3672 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:3623 https://access.redhat.com/errata/RHSA-2021:3623 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2021:3639 https://access.redhat.com/errata/RHSA-2021:3639 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2021:3638 https://access.redhat.com/errata/RHSA-2021:3638 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:3666 https://access.redhat.com/errata/RHSA-2021:3666 Attack Complexity has been rated as high because an attacker would either need to have a legitimate DNS server under his control which have the malicious records with zero-bytes or trick the user into querying another rogue DNS server This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:2043 https://access.redhat.com/errata/RHSA-2022:2043 |