1607731 – (CVE-2018-8018) CVE-2018-8018 ignite: Improper deserialization allows for code execution via GridClientJdkMarshaller endpoint

Bug 1607731 (CVE-2018-8018) - CVE-2018-8018 ignite: Improper deserialization allows for code execution via GridClientJdkMarshaller endpoint

Summary: CVE-2018-8018 ignite: Improper deserialization allows for code execution via ...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2018-8018
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1607732
TreeView+	depends on / blocked

Reported:	2018-07-24 06:51 UTC by Sam Fowler
Modified:	2021-02-16 23:54 UTC (History)
CC List:	0 users
Fixed In Version:	ignite 2.6
Clone Of:
Environment:
Last Closed:	2019-06-10 10:34:11 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2018:3768	0	None	None	None	2018-12-04 16:02:07 UTC

Description Sam Fowler 2018-07-24 06:51:57 UTC

Apache Ignite through version 2.5's serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a specially prepared form of a serialized object to GridClientJdkMarshaller deserialization endpoint.


External References:

https://lists.apache.org/thread.html/e0fdf53114a321142ecfa5cfa17658090f0b4e1677de431e329b37ab@%3Cdev.ignite.apache.org%3E

Comment 2 errata-xmlrpc 2018-12-04 16:02:04 UTC

This issue has been addressed in the following products:

  Red Hat Fuse 7.2

Via RHSA-2018:3768 https://access.redhat.com/errata/RHSA-2018:3768

Note You need to log in before you can comment on or make changes to this bug.