Bug 2023853 (CVE-2021-27025)
Summary: | CVE-2021-27025 puppet: silent configuration failure in agent | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Guilherme de Almeida Suckevicz <gsuckevi> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | bbuckingham, bcourt, bkearney, brandfbb, btotty, dbecker, ehelms, ekohlvan, extras-orphan, jjoyce, jschluet, jsherril, lhh, lpeer, lutter, lzap, mburns, mhulan, mmagr, mmccune, myarboro, nmoumoul, orabin, pcreech, rchan, sclewis, slinaber, terje.rosten |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Puppet Agent 6.25.1, Puppet Agent 7.12.1 | Doc Type: | If docs needed, set a value |
Doc Text: |
A configuration flaw was found in Puppet Agent where the agent silently ignores Augeas settings. This flaw allows a network attacker to cause a denial of service before the first pluginsync. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
|
Last Closed: | 2022-05-04 17:15:30 UTC | Type: | --- |
Bug Depends On: | 2024044, 2024045, 2024046, 2024376, 2024377, 2025476, 2027207, 2027246, 2027254, 2066884, 2090612, 2090618 | ||
Bug Blocks: | 2023864 |
Description
Guilherme de Almeida Suckevicz
2021-11-16 17:18:24 UTC
Upstream commits (PUP-11209):
  7.12.1: https://github.com/puppetlabs/puppet/commit/0e189e9988c4969280134d043b871851928caa41
  6.x: https://github.com/puppetlabs/puppet/commit/da8b73edca174309a9bef5f62cd276933fe733e8

Created puppet tracking bugs for this issue:
  Affects: epel-all [bug 2024044]
  Affects: fedora-all [bug 2024045]
  Affects: openstack-rdo [bug 2024046]

Epel and fedora are resolved. I'm not sure who responds for the openstack-rdo builds.

Upcoming RHUI4 release is not affected as product removed puppet to suppose installation with Ansible playbooks.

This issue has been addressed in the following products:
  Red Hat Satellite 6.10 for RHEL 7
Via RHSA-2022:1708 https://access.redhat.com/errata/RHSA-2022:1708

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-27025

This issue has been addressed in the following products:
  Satellite Tools 6.9 for RHEL 7
  Satellite Tools 6.9 for RHEL 6.ELS
  Satellite Tools 6.9 for RHEL 7.2.AUS
  Satellite Tools 6.9 for RHEL 7.3.AUS
  Satellite Tools 6.9 for RHEL 7.4.AUS
  Satellite Tools 6.9 for RHEL 7.4.E4S
  Satellite Tools 6.9 for RHEL 7.4.TUS
  Satellite Tools 6.9 for RHEL 7.6.AUS
  Satellite Tools 6.9 for RHEL 7.6.E4S
  Satellite Tools 6.9 for RHEL 7.6.EUS
  Satellite Tools 6.9 for RHEL 7.6.TUS
  Satellite Tools 6.9 for RHEL 7.7.AUS
  Satellite Tools 6.9 for RHEL 7.7.E4S
  Satellite Tools 6.9 for RHEL 7.7.EUS
  Satellite Tools 6.9 for RHEL 7.7.TUS
  Satellite Tools 6.9 for RHEL 8
  Satellite Tools 6.9 for RHEL 8.0.E4S
  Satellite Tools 6.9 for RHEL 8.1.E4S
  Satellite Tools 6.9 for RHEL 8.1.EUS
  Satellite Tools 6.9 for RHEL 8.2.AUS
  Satellite Tools 6.9 for RHEL 8.2.E4S
  Satellite Tools 6.9 for RHEL 8.2.EUS
  Satellite Tools 6.9 for RHEL 8.2.TUS
  Satellite Tools 6.9 for RHEL 8.4.AUS
  Satellite Tools 6.9 for RHEL 8.4.E4S
  Satellite Tools 6.9 for RHEL 8.4.EUS
  Satellite Tools 6.9 for RHEL 8.6.AUS
  Satellite Tools 6.9 for RHEL 8.6.E4S
  Satellite Tools 6.9 for RHEL 8.6.EUS
  Satellite Tools 6.9 for RHEL 8.6.TUS
Via RHSA-2022:4867 https://access.redhat.com/errata/RHSA-2022:4867

This issue has been addressed in the following products:
  Satellite Tools 6.10 for RHEL 7
  Satellite Tools 6.10 for RHEL 6.ELS
  Satellite Tools 6.10 for RHEL 7.2.AUS
  Satellite Tools 6.10 for RHEL 7.3.AUS
  Satellite Tools 6.10 for RHEL 7.4.AUS
  Satellite Tools 6.10 for RHEL 7.4.E4S
  Satellite Tools 6.10 for RHEL 7.4.TUS
  Satellite Tools 6.10 for RHEL 7.6.AUS
  Satellite Tools 6.10 for RHEL 7.6.E4S
  Satellite Tools 6.10 for RHEL 7.6.TUS
  Satellite Tools 6.10 for RHEL 7.7.AUS
  Satellite Tools 6.10 for RHEL 7.7.E4S
  Satellite Tools 6.10 for RHEL 7.7.TUS
  Satellite Tools 6.10 for RHEL 8
  Satellite Tools 6.10 for RHEL 8.1.E4S
  Satellite Tools 6.10 for RHEL 8.1.EUS
  Satellite Tools 6.10 for RHEL 8.2.AUS
  Satellite Tools 6.10 for RHEL 8.2.E4S
  Satellite Tools 6.10 for RHEL 8.2.EUS
  Satellite Tools 6.10 for RHEL 8.2.TUS
  Satellite Tools 6.10 for RHEL 8.4.AUS
  Satellite Tools 6.10 for RHEL 8.4.E4S
  Satellite Tools 6.10 for RHEL 8.4.EUS
  Satellite Tools 6.10 for RHEL 8.4.TUS
  Satellite Tools 6.10 for RHEL 8.6.AUS
  Satellite Tools 6.10 for RHEL 8.6.E4S
  Satellite Tools 6.10 for RHEL 8.6.EUS
Via RHSA-2022:4866 https://access.redhat.com/errata/RHSA-2022:4866

This issue has been addressed in the following products:
  Red Hat OpenStack Platform 16.2
Via RHSA-2022:8846 https://access.redhat.com/errata/RHSA-2022:8846

This issue has been addressed in the following products:
  Red Hat OpenStack Platform 16.1
Via RHSA-2022:8862 https://access.redhat.com/errata/RHSA-2022:8862