Bug 2268046 (CVE-2024-24786)
| Summary: | CVE-2024-24786 golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | TEJ RATHI <trathi> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | abishop, amctagga, anjoseph, aoconnor, apjagtap, asatyam, asherlan, aveerama, bbuckingham, bcourt, bdettelb, bniver, dfreiber, dhanak, dhellmann, diagrawa, dkenigsb, drow, dsimansk, dymurray, eglynn, ehelms, fdeutsch, flucifre, ggiguash, gkamathe, gmeno, gparvin, ibolton, jburrell, jcantril, jjoyce, jkoehler, jmatthew, jmoller, jmontleo, joelsmith, jprabhak, jschluet, jshaughn, jsherril, jwendell, kingland, kverlaen, lbainbri, lhh, lsvaty, lzap, matzew, mbenjamin, mbocek, mburns, mgarciac, mhackett, mhulan, mnovotny, mrajanna, muagarwa, mwringe, njean, nmoumoul, odf-bz-bot, orabin, oramraz, owatkins, pahickey, pcreech, periklis, pgrist, pierdipi, rcernich, rchan, rgarg, rguimara, rhaigner, rhuss, rjohnson, sabiswas, sakbas, sapillai, sdawley, shbose, sidakwo, sipoyare, skontopo, slucidi, smullick, sostapov, spandura, sseago, tnielsen, twalsh, ubhargav, vereddy, vkumar, whayutin |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | google.golang.org/protobuf 1.33.0 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2268125, 2268126, 2268127, 2268128, 2268134, 2268135, 2268147, 2268148, 2268157, 2268160, 2268161, 2268163, 2268165, 2268166, 2268167, 2275340, 2275341, 2268129, 2268130, 2268141, 2268142, 2268143, 2268146, 2268158, 2268159, 2268162, 2268164 | ||
| Bug Blocks: | 2268169 | ||
|
Description
TEJ RATHI
2024-03-06 06:49:40 UTC
Update: A small correction: This vulnerability applies when the UnmarshalOptions.DiscardUnknown option is set (as well as when unmarshaling into any message which contains a google.protobuf.Any). There is no UnmarshalUnknown option. In addition, version 1.33.0 of google.golang.org/protobuf inadvertently introduced an incompatibility with the older github.com/golang/protobuf module. (https://github.com/golang/protobuf/issues/1596) Users of the older module should update to github.com/golang/prot....4. - Damien, apologetically on behalf of the Go team. comment 0 and doctext updated for the same. This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2024:1363 https://access.redhat.com/errata/RHSA-2024:1363 This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:1362 https://access.redhat.com/errata/RHSA-2024:1362 This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2024:1456 https://access.redhat.com/errata/RHSA-2024:1456 This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:1461 https://access.redhat.com/errata/RHSA-2024:1461 This issue has been addressed in the following products: RHOL-5.6-RHEL-8 Via RHSA-2024:1507 https://access.redhat.com/errata/RHSA-2024:1507 This issue has been addressed in the following products: RHOL-5.7-RHEL-8 Via RHSA-2024:1508 https://access.redhat.com/errata/RHSA-2024:1508 This issue has been addressed in the following products: RHOL-5.8-RHEL-9 Via RHSA-2024:1474 https://access.redhat.com/errata/RHSA-2024:1474 This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2024:1537 https://access.redhat.com/errata/RHSA-2024:1537 This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2024:1538 https://access.redhat.com/errata/RHSA-2024:1538 This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2024:1559 https://access.redhat.com/errata/RHSA-2024:1559 This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2024:1563 https://access.redhat.com/errata/RHSA-2024:1563 This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2024:1574 https://access.redhat.com/errata/RHSA-2024:1574 This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8 Via RHSA-2024:1665 https://access.redhat.com/errata/RHSA-2024:1665 This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9 Via RHSA-2024:1795 https://access.redhat.com/errata/RHSA-2024:1795 This issue has been addressed in the following products: OADP-1.3-RHEL-9 Via RHSA-2024:1859 https://access.redhat.com/errata/RHSA-2024:1859 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2024:1874 https://access.redhat.com/errata/RHSA-2024:1874 This issue has been addressed in the following products: Red Hat Migration Toolkit for Containers 1.8 Via RHSA-2024:1925 https://access.redhat.com/errata/RHSA-2024:1925 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:2549 https://access.redhat.com/errata/RHSA-2024:2549 This issue has been addressed in the following products: Red Hat Migration Toolkit for Containers 1.7 Via RHSA-2024:2639 https://access.redhat.com/errata/RHSA-2024:2639 This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:2666 https://access.redhat.com/errata/RHSA-2024:2666 This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2024:2773 https://access.redhat.com/errata/RHSA-2024:2773 |