Bug 2132868 (CVE-2022-2880)
Summary: | CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Avinash Hanwate <ahanwate> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | abishop, adudiak, agerstmayr, amackenz, amasferr, amurdaca, ansmith, aoconnor, asm, ataylor, bbaude, bcoca, bdettelb, bkundu, bniver, bodavis, chazlett, davidn, dbenoit, deparker, dwalsh, dwd, dwhatley, dymurray, eduardo.ramalho, eglynn, emachado, epacific, fdeutsch, flucifre, gmeno, go-sig, gparvin, grafana-maint, ibolton, jaharrin, jburrell, jcajka, jcammara, jcantril, jchui, jeder, jhardy, jjoyce, jkurik, jligon, jmatthew, jmontleo, jneedle, jnovy, jobarker, jpadman, jramanat, jross, juneau, jwendell, jwon, lball, lemenkov, lhh, lsm5, mabashia, matzew, maxwell, mbenjamin, mboddu, mburns, mcressma, mgarciac, mhackett, mheon, mkudlej, mnewsome, mwringe, nathans, nboldt, njean, ocs-bugs, oramraz, osapryki, osbuilders, oskutka, pahickey, pehunt, periklis, pjindal, pthomas, rcernich, rhcos-sst, rhuss, rkieley, saroy, scorneli, sfowler, simaishi, sipoyare, slucidi, smcdonal, smullick, sostapov, spower, sseago, stcannon, tfister, tjochec, tstellar, tsweeney, twalsh, umohnani, vereddy, vkumar, whayutin, yguenane, zsadeh |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | go 1.19.2, go 1.18.7 | Doc Type: | If docs needed, set a value |
Doc Text: | A flaw was found in the golang package, where requests forwarded by the reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy.Director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged. |
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2023-05-18 19:42:27 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2138888, 2132876, 2132877, 2133915, 2133916, 2133917, 2133920, 2133922, 2133923, 2133925, 2133926, 2133927, 2134346, 2134405, 2134406, 2134407, 2134441, 2134442, 2134443, 2134445, 2134446, 2134447, 2134448, 2134449, 2134450, 2134453, 2134454, 2134455, 2134456, 2134457, 2134471, 2134472, 2134473, 2134474, 2134475, 2134476, 2134477, 2136717, 2136718, 2136719, 2136720, 2136721, 2136722, 2136723, 2136835, 2136839, 2136841, 2136843, 2136849, 2138889 | ||
Bug Blocks: | 2132475 |
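The Doc Text above describes the behaviour in two sentences; the following Go program makes it concrete. It is an added example, not code from the Go standard library, from the upstream commits linked in the comments below, or from Red Hat. `partitionQuery`, `sanitizeQuery` and `forwardedQuery` are names chosen here; the sanitizing policy (drop every `key=value` pair that `url.ParseQuery` rejects, keep the rest untouched) is an illustration of the rule the Doc Text states and does not claim to reproduce the standard library's own sanitizer. The inbound query strings in `main` are constructed for the demonstration.

```go
package main

import (
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"net/http/httputil"
	"net/url"
	"strings"
)

// partitionQuery splits a raw query on '&' and sorts each pair into "kept"
// (url.ParseQuery accepts it) or "dropped" (a ';' inside the pair or a bad
// percent-escape, exactly the pairs net/http refuses when it fills r.Form).
// Pairs are kept byte-for-byte so ordering and encoding are preserved.
func partitionQuery(raw string) (kept, dropped []string) {
	for _, pair := range strings.Split(raw, "&") {
		if pair == "" {
			continue
		}
		if _, err := url.ParseQuery(pair); err != nil {
			dropped = append(dropped, pair)
			continue
		}
		kept = append(kept, pair)
	}
	return kept, dropped
}

// sanitizeQuery is the forward-only view of partitionQuery: the query a proxy
// that has parsed the parameters should pass on to its back end. (Hypothetical
// helper for this example; the fixed ReverseProxy does this step itself.)
func sanitizeQuery(raw string) string {
	kept, _ := partitionQuery(raw)
	return strings.Join(kept, "&")
}

// forwardedQuery stands up a throwaway upstream that echoes the query it
// receives, places a ReverseProxy in front of it whose Director parses the
// form (the case the fix covers), sends one request carrying rawQuery, and
// returns what the upstream actually saw. Local demonstration harness only.
func forwardedQuery(rawQuery string) (string, error) {
	upstream := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		io.WriteString(w, r.URL.RawQuery)
	}))
	defer upstream.Close()

	target, err := url.Parse(upstream.URL)
	if err != nil {
		return "", err
	}
	proxy := httputil.NewSingleHostReverseProxy(target)
	base := proxy.Director
	proxy.Director = func(req *http.Request) {
		base(req)
		// Setting req.Form is the signal that the proxy inspected the
		// parameters; a fixed toolchain then sanitizes req.URL.RawQuery.
		_ = req.ParseForm()
	}
	front := httptest.NewServer(proxy)
	defer front.Close()

	resp, err := http.Get(front.URL + "/?" + rawQuery)
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	body, err := io.ReadAll(resp.Body)
	return string(body), err
}

func main() {
	// Constructed inbound queries: a semicolon-joined pair and a malformed
	// escape, each beside a well-formed parameter, plus a clean control.
	for _, raw := range []string{"a=1;b=2&c=3", "x=%zz&y=ok", "plain=1&fine=2"} {
		kept, dropped := partitionQuery(raw)
		fmt.Printf("inbound   : %q\n", raw)
		fmt.Printf("sanitized : %q  (dropped %v)\n", strings.Join(kept, "&"), dropped)
		if got, err := forwardedQuery(raw); err == nil {
			fmt.Printf("upstream saw with this toolchain: %q\n\n", got)
		}
	}
}
```

Running `main` with a toolchain at or above the fixed versions listed above (go 1.19.2, go 1.18.7) shows the upstream receiving only the parseable pairs because the Director set `Form`; on an older toolchain the upstream echo is the raw inbound query, which is the smuggling condition the Doc Text describes. The front server logs Go's standard warning about a semicolon in the query to stderr for the first input; that is expected and is the same signal a defender can alert on in proxy logs.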
Description
Avinash Hanwate
2022-10-07 04:54:12 UTC
Created golang tracking bugs for this issue:

Affects: epel-all [bug 2132876]
Affects: fedora-all [bug 2132877]

References:
https://github.com/golang/go/issues/54663

Upstream Commits:
Master: https://github.com/golang/go/commit/7c84234142149bd24a4096c6cab691d3593f3431
branch.go1.18: https://github.com/golang/go/commit/9d2c73a9fd69e45876509bb3bdb2af99bf77da1e
branch.go1.19: https://github.com/golang/go/commit/f6d844510d5f1e3b3098eba255d9b633d45eac3b

This issue has been addressed in the following products:
RHOL-5.5-RHEL-8
Via RHSA-2022:8781 https://access.redhat.com/errata/RHSA-2022:8781

This issue has been addressed in the following products:
Red Hat OpenShift Container Platform 4.12
Via RHSA-2022:7398 https://access.redhat.com/errata/RHSA-2022:7398

This issue has been addressed in the following products:
Red Hat OpenShift Container Platform 4.12
Via RHSA-2022:7399 https://access.redhat.com/errata/RHSA-2022:7399

This issue has been addressed in the following products:
RHOL-5.6-RHEL-8
Via RHSA-2023:0264 https://access.redhat.com/errata/RHSA-2023:0264

This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2023:0328 https://access.redhat.com/errata/RHSA-2023:0328

This issue has been addressed in the following products:
Red Hat Developer Tools
Via RHSA-2023:0445 https://access.redhat.com/errata/RHSA-2023:0445

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2023:0446 https://access.redhat.com/errata/RHSA-2023:0446

This issue has been addressed in the following products:
Red Hat OpenShift Service Mesh 2.3 for RHEL 8
Via RHSA-2023:0542 https://access.redhat.com/errata/RHSA-2023:0542

This issue has been addressed in the following products:
Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8
Via RHSA-2023:0631 https://access.redhat.com/errata/RHSA-2023:0631

This issue has been addressed in the following products:
Red Hat Migration Toolkit for Containers 1.7
Via RHSA-2023:0693 https://access.redhat.com/errata/RHSA-2023:0693

This issue has been addressed in the following products:
Openshift Serverless 1 on RHEL 8
Via RHSA-2023:0708 https://access.redhat.com/errata/RHSA-2023:0708

This issue has been addressed in the following products:
RHOSS-1.27-RHEL-8
Via RHSA-2023:0709 https://access.redhat.com/errata/RHSA-2023:0709

This issue has been addressed in the following products:
Red Hat OpenShift Container Platform 4.12
Via RHSA-2023:0727 https://access.redhat.com/errata/RHSA-2023:0727

This issue has been addressed in the following products:
OpenShift Custom Metrics Autoscaler 2
Via RHSA-2023:1042 https://access.redhat.com/errata/RHSA-2023:1042

This issue has been addressed in the following products:
OADP-1.1-RHEL-8
Via RHSA-2023:1174 https://access.redhat.com/errata/RHSA-2023:1174

This issue has been addressed in the following products:
Red Hat OpenStack Platform 16.1
Red Hat OpenStack Platform 16.2
Via RHSA-2023:1275 https://access.redhat.com/errata/RHSA-2023:1275

This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2023:2167 https://access.redhat.com/errata/RHSA-2023:2167

This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2023:2204 https://access.redhat.com/errata/RHSA-2023:2204

This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2023:2357 https://access.redhat.com/errata/RHSA-2023:2357

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2023:2780 https://access.redhat.com/errata/RHSA-2023:2780

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2023:2784 https://access.redhat.com/errata/RHSA-2023:2784

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2023:2866 https://access.redhat.com/errata/RHSA-2023:2866

This issue has been addressed in the following products:
RHEL-9-CNV-4.13
Via RHSA-2023:3205 https://access.redhat.com/errata/RHSA-2023:3205

This issue has been addressed in the following products:
OSSO-1.1-RHEL-8
Via RHSA-2023:0584 https://access.redhat.com/errata/RHSA-2023:0584

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redhat.com/security/cve/cve-2022-2880

This issue has been addressed in the following products:
Red Hat Ceph Storage 6.1
Via RHSA-2023:3642 https://access.redhat.com/errata/RHSA-2023:3642

This issue has been addressed in the following products:
OpenShift Developer Tools and Services for OCP 4.11
Via RHSA-2023:3664 https://access.redhat.com/errata/RHSA-2023:3664

This issue has been addressed in the following products:
RHODF-4.13-RHEL-9
Via RHSA-2023:3742 https://access.redhat.com/errata/RHSA-2023:3742

This issue has been addressed in the following products:
Red Hat OpenShift Container Platform 4.12
Via RHSA-2023:3613 https://access.redhat.com/errata/RHSA-2023:3613

This issue has been addressed in the following products:
Service Interconnect 1 for RHEL 8
Service Interconnect 1 for RHEL 9
Via RHSA-2023:4003 https://access.redhat.com/errata/RHSA-2023:4003

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2024:0121 https://access.redhat.com/errata/RHSA-2024:0121

This issue has been addressed in the following products:
RHEL-8 based Middleware Containers
Via RHSA-2024:2944 https://access.redhat.com/errata/RHSA-2024:2944

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2024:2988 https://access.redhat.com/errata/RHSA-2024:2988

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2024:3254 https://access.redhat.com/errata/RHSA-2024:3254