1247732 – (CVE-2015-5164) CVE-2015-5164 Satellite6: python pickle() processing problem in pulp

Bug 1247732 (CVE-2015-5164) - CVE-2015-5164 Satellite6: python pickle() processing problem in pulp

Summary: CVE-2015-5164 Satellite6: python pickle() processing problem in pulp

Keywords:
Status:	POST
Alias:	CVE-2015-5164
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1246263
Blocks:
TreeView+	depends on / blocked

Reported:	2015-07-28 17:10 UTC by Kurt Seifried
Modified:	2021-04-06 18:04 UTC (History)
CC List:	17 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	A flaw was found in the handling of Python pickle()-encoded messages in the Qpid server on Satellite 6. The Qpid server did not properly restrict message types that can be sent from managed content hosts. An attacker with administrative access to a managed content host could send arbitrary messages containing pickle()-encoded data, which would then be processed on the Satellite 6 server and result in possible code execution.
Clone Of:
Environment:
Last Closed:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Pulp Redmine	23	0	Normal	CLOSED - CURRENTRELEASE	As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerously	2016-03-23 18:32:13 UTC

Description Kurt Seifried 2015-07-28 17:10:26 UTC

Brian Bouterse of Red Hat reports:

The Qpid server on Satellite6 does not properly restrict message types that can
be sent from managed content hosts. An attacker with administrative access to a
managed content host could send arbitrary messages containing pickle() encoded
data which would then be processed on the Satellite6 server.

Comment 1 pulp-infra@redhat.com 2015-09-11 16:30:58 UTC

The Pulp upstream bug status is at NEW. Updating the external tracker on this bug.

Comment 2 pulp-infra@redhat.com 2015-09-11 16:31:00 UTC

The Pulp upstream bug priority is at Normal. Updating the external tracker on this bug.

Comment 3 Kurt Seifried 2015-11-06 05:44:31 UTC

Acknowledgement:

This issue was discovered by Brian Bouterse of Red Hat.

Comment 5 pulp-infra@redhat.com 2015-12-09 15:31:40 UTC

The Pulp upstream bug status is at ASSIGNED. Updating the external tracker on this bug.

Comment 6 pulp-infra@redhat.com 2015-12-11 16:31:28 UTC

The Pulp upstream bug status is at MODIFIED. Updating the external tracker on this bug.

Comment 7 pulp-infra@redhat.com 2016-02-23 21:01:43 UTC

The Pulp upstream bug status is at ON_QA. Updating the external tracker on this bug.

Comment 8 pulp-infra@redhat.com 2016-03-23 18:32:14 UTC

The Pulp upstream bug status is at CLOSED - CURRENTRELEASE. Updating the external tracker on this bug.

Comment 9 pulp-infra@redhat.com 2016-11-21 21:04:22 UTC

All upstream Pulp bugs are at MODIFIED+. Moving this bug to POST.

Note You need to log in before you can comment on or make changes to this bug.