Bug 1853652 (CVE-2020-14040) - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2020-14040
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1853653 1853654 1854693 1854694 1854695 1854714 1854715 1854716 1854717 1854718 1854719 1854832 1854833 1854834 1854835 1854837 1854838 1854840 1855568 1855569 1855570 1855571 1855572 1855573 1855575 1855576 1855577 1855578 1855579 1855580 1855581 1855582 1855583 1855584 1855586 1855587 1855588 1855589 1855590 1855591 1855592 1855593 1855594 1855597 1855598 1855599 1855600 1855601 1855602 1855603 1855604 1855605 1855606 1855607 1855608 1855609 1855610 1855611 1855612 1855613 1855614 1855615 1855616 1855617 1855618 1855619 1855620 1855621 1855623 1855624 1855625 1855626 1855627 1855628 1855629 1855630 1855631 1855632 1855633 1855634 1855635 1855636 1855637 1855638 1855639 1855640 1855641 1855642 1855643 1855644 1855645 1855646 1855647 1855648 1855649 1855650 1855654 1855655 1855656 1855657 1855658 1855659 1855660 1855661 1855662 1855663 1855664 1855665 1855666 1855667 1855668 1855669 1855670 1855671 1855672 1855673 1855674 1855675 1855676 1855679 1855680 1855681 1855682 1855683 1855684 1855685 1855686 1855687 1855688 1855689 1855690 1855691 1855692 1855693 1855694 1855695 1855696 1855697 1855698 1855699 1855700 1855701 1855702 1855703 1856127 1856128 1856129 1856130 1856131 1856132 1856133 1856134 1856135 1856136 1856137 1856138 1856140 1856141 1856142 1856143 1856144 1856145 1856146 1856147 1856148 1856150 1856151 1856152 1856153 1856190 1856191 1856192 1856193 1856194 1856195 1856196 1856197 1856198 1856199 1856200 1856201 1856202 1856203 1856204 1856205 1856206 1856207 1856208 1856209 1856210 1856211 1856212 1856213 1856214 1856215 1856216 1856217 1856218 1856219 1856220 1856221 1856222 1856223 1856224 1856225 1856226 1856227 1856228 1856229 1856230 1856231 1856233 1856234 1856235 1856286 1857030 1857031 1857032 1857033 1857034 1857035 1857107 1857108 1857109 1857110 1857111 1857112 1857682 1858217 1858837 1865873 1866052 1866054 1866057 1866058 1881539 1881575 1893686 1894171 1895446 1901782 1901783 1901784 1901785 1901786 1901787 1901788 1901789 1901790 1932326 1932327 1932328 1932329 1932330 1932331 1932332 1932333 1932334 1932335 1932336 1932337 1932338 1932339 1932340 1932342 1932343 1932344 1932345 1932346 1932347 1932348 1932349 1932350 1932351 1932352 1932353 1932354 1932355 1932356 1932357 1932358 1932359 1932360 1932361 1932481 1932498 1932617 1932632 1932633 1932665 1932668 1933062 1933068 1933073 1933104 1933106 1933136 1938297 1938355 1939647 1951707 1977541 1977542
Blocks: 1853655
Reported: 2020-07-03 13:29 UTC by Marian Rehak
Modified: 2023-10-09 11:28 UTC (History)
CC List: 131 users

Fixed In Version: golang.org/x/text 0.3.3
Doc Type: If docs needed, set a value
Doc Text:
A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Bytes, to be susceptible to this vulnerability. If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to trigger an infinite loop that consumes increasing memory, resulting in a denial of service.
Clone Of:
Environment:
Last Closed: 2020-07-22 13:27:42 UTC
Embargoed:


Links
System | ID | Last Updated
Red Hat Product Errata | RHSA-2020:3087 | 2020-07-22 07:33:45 UTC
Red Hat Product Errata | RHSA-2020:3369 | 2020-08-06 20:18:00 UTC
Red Hat Product Errata | RHSA-2020:3372 | 2020-08-06 20:21:57 UTC
Red Hat Product Errata | RHSA-2020:3578 | 2020-09-08 10:09:51 UTC
Red Hat Product Errata | RHSA-2020:3665 | 2020-09-08 09:47:51 UTC
Red Hat Product Errata | RHSA-2020:3727 | 2020-09-16 07:56:27 UTC
Red Hat Product Errata | RHSA-2020:3780 | 2020-09-21 19:50:35 UTC
Red Hat Product Errata | RHSA-2020:3783 | 2020-09-22 07:15:59 UTC
Red Hat Product Errata | RHSA-2020:4214 | 2020-10-08 10:50:45 UTC
Red Hat Product Errata | RHSA-2020:4297 | 2020-10-27 14:54:03 UTC
Red Hat Product Errata | RHSA-2020:4298 | 2020-10-27 16:24:37 UTC
Red Hat Product Errata | RHSA-2020:4694 | 2020-11-04 03:05:08 UTC
Red Hat Product Errata | RHSA-2020:5054 | 2020-11-10 13:52:52 UTC
Red Hat Product Errata | RHSA-2020:5055 | 2020-11-10 13:53:29 UTC
Red Hat Product Errata | RHSA-2020:5056 | 2020-11-10 13:54:14 UTC
Red Hat Product Errata | RHSA-2020:5149 | 2020-11-18 15:07:41 UTC
Red Hat Product Errata | RHSA-2020:5198 | 2020-11-24 09:02:52 UTC
Red Hat Product Errata | RHSA-2020:5605 | 2020-12-17 06:22:17 UTC
Red Hat Product Errata | RHSA-2020:5606 | 2020-12-17 05:42:19 UTC
Red Hat Product Errata | RHSA-2020:5633 | 2021-02-24 15:10:11 UTC
Red Hat Product Errata | RHSA-2020:5635 | 2021-02-24 15:01:01 UTC
Red Hat Product Errata | RHSA-2021:0420 | 2021-02-04 16:14:53 UTC
Red Hat Product Errata | RHSA-2021:0799 | 2021-03-10 11:15:29 UTC
Red Hat Product Errata | RHSA-2021:0980 | 2021-03-24 12:58:10 UTC
Red Hat Product Errata | RHSA-2021:3140 | 2021-08-11 18:25:52 UTC

Description Marian Rehak 2020-07-03 13:29:43 UTC
Go version v0.3.3 of the x/text package fixes a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.

Upstream Reference:

https://groups.google.com/g/golang-announce/c/bXVeAmGOqz0?pli=1

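A dependency check matching the fixed version recorded on this bug, as an added example that is not part of the bug report or of the golang.org/x/text project: it scans go.mod text for require directives naming golang.org/x/text (single-line and block form, ignoring "// indirect" comments) and flags any version that sorts below v0.3.3, the Fixed In Version above. The module path and fixed version come from this bug; the sample go.mod files are constructed, the helper names (parseVersion, auditGoMod) are this example's own, and treating a pseudo-version of 0.3.3 as still unfixed is a conservative assumption of the example, not a statement about which commits carry the fix.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Module path and fixed version as given in this bug (Fixed In Version: golang.org/x/text 0.3.3).
const (
	vulnModule   = "golang.org/x/text"
	fixedVersion = "v0.3.3"
)

// semver is the numeric part of a module version (v0.3.2, v0.4.0+incompatible, or a pseudo-version).
type semver struct {
	nums       [3]int // major, minor, patch
	prerelease bool   // a "-..." suffix was present (pre-release or pseudo-version)
}

// parseVersion parses the vMAJOR.MINOR.PATCH prefix of a module version string.
func parseVersion(v string) (semver, error) {
	var s semver
	rest := strings.SplitN(strings.TrimPrefix(v, "v"), "+", 2)[0] // drop build metadata
	if i := strings.IndexByte(rest, '-'); i >= 0 {                 // note and drop the pre-release part
		s.prerelease, rest = true, rest[:i]
	}
	parts := strings.Split(rest, ".")
	if !strings.HasPrefix(v, "v") || len(parts) != 3 {
		return s, fmt.Errorf("version %q is not vMAJOR.MINOR.PATCH", v)
	}
	for i, p := range parts {
		n, err := strconv.Atoi(p)
		if err != nil {
			return s, fmt.Errorf("version %q: %v", v, err)
		}
		s.nums[i] = n
	}
	return s, nil
}

// less reports whether a sorts before b; a pre-release or pseudo-version of X.Y.Z sorts before release X.Y.Z.
func (a semver) less(b semver) bool {
	for i := range a.nums {
		if a.nums[i] != b.nums[i] {
			return a.nums[i] < b.nums[i]
		}
	}
	return a.prerelease && !b.prerelease
}

// auditGoMod scans go.mod text for require directives (single-line and block form)
// naming golang.org/x/text and maps each version found to whether it is below the
// fixed release. replace directives, which can also pin a version, are not inspected.
func auditGoMod(gomod string) (map[string]bool, error) {
	fixed, _ := parseVersion(fixedVersion) // constant above, known to parse
	findings := map[string]bool{}
	inBlock := false
	for _, line := range strings.Split(gomod, "\n") {
		f := strings.Fields(strings.SplitN(line, "//", 2)[0]) // comments such as "// indirect" are dropped
		ver := ""
		switch {
		case len(f) == 2 && f[0] == "require" && f[1] == "(":
			inBlock = true
		case len(f) == 1 && f[0] == ")":
			inBlock = false
		case len(f) == 3 && f[0] == "require" && f[1] == vulnModule: // single-line require
			ver = f[2]
		case inBlock && len(f) == 2 && f[0] == vulnModule: // entry inside require ( ... )
			ver = f[1]
		}
		if ver == "" {
			continue
		}
		v, err := parseVersion(ver)
		if err != nil {
			return nil, err
		}
		findings[ver] = v.less(fixed)
	}
	return findings, nil
}

// Constructed sample go.mod files for demonstration; not taken from any real project.
const vulnerableGoMod = `module example.com/constructed/app
go 1.14
require (
	github.com/example/dep v1.2.0
	golang.org/x/text v0.3.2 // indirect
)
`
const fixedGoMod = "module example.com/constructed/app\ngo 1.14\nrequire golang.org/x/text v0.3.3\n"

func main() {
	for _, sample := range []string{vulnerableGoMod, fixedGoMod} {
		findings, err := auditGoMod(sample)
		fmt.Println(findings, err) // map[v0.3.2:true] <nil>, then map[v0.3.3:false] <nil>
	}
}
```

go.mod is only the declared requirement: a replace directive or a newer requirement pulled in by another dependency can change what is actually built, so for a compiled binary the authoritative check is `go version -m <binary>`, which lists the golang.org/x/text version linked into it.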
Comment 1 Marian Rehak 2020-07-03 13:30:20 UTC
Created golang tracking bugs for this issue:

Affects: epel-all [bug 1853654]
Affects: fedora-all [bug 1853653]

Comment 28 Mark Cooper 2020-07-13 01:03:52 UTC
Git commit: https://go-review.googlesource.com/c/text/+/238238

Comment 29 Mark Cooper 2020-07-13 01:06:14 UTC
Statement:

OpenShift ServiceMesh (OSSM) 1.0 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities. Jaeger was packaged with ServiceMesh in 1.0, and hence is also marked OOSS, but the Jaeger-Operator is a standalone product and is affected by this vulnerability.

Comment 38 errata-xmlrpc 2020-07-22 07:33:40 UTC
This issue has been addressed in the following products:

  Jaeger-1.17

Via RHSA-2020:3087 https://access.redhat.com/errata/RHSA-2020:3087

Comment 39 Product Security DevOps Team 2020-07-22 13:27:42 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-14040

Comment 40 errata-xmlrpc 2020-08-06 20:17:54 UTC
This issue has been addressed in the following products:

  OpenShift Service Mesh 1.1
  Openshift Service Mesh 1.1

Via RHSA-2020:3369 https://access.redhat.com/errata/RHSA-2020:3369

Comment 41 errata-xmlrpc 2020-08-06 20:21:51 UTC
This issue has been addressed in the following products:

  OpenShift Service Mesh 1.0

Via RHSA-2020:3372 https://access.redhat.com/errata/RHSA-2020:3372

Comment 45 errata-xmlrpc 2020-09-08 09:47:41 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:3665 https://access.redhat.com/errata/RHSA-2020:3665

Comment 46 errata-xmlrpc 2020-09-08 10:09:42 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.5

Via RHSA-2020:3578 https://access.redhat.com/errata/RHSA-2020:3578

Comment 47 errata-xmlrpc 2020-09-16 07:56:22 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 3.11

Via RHSA-2020:3727 https://access.redhat.com/errata/RHSA-2020:3727

Comment 48 errata-xmlrpc 2020-09-21 19:50:29 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.5

Via RHSA-2020:3780 https://access.redhat.com/errata/RHSA-2020:3780

Comment 49 errata-xmlrpc 2020-09-22 07:15:53 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.4

Via RHSA-2020:3783 https://access.redhat.com/errata/RHSA-2020:3783

Comment 52 errata-xmlrpc 2020-10-08 10:50:37 UTC
This issue has been addressed in the following products:

  Red Hat Developer Tools

Via RHSA-2020:4214 https://access.redhat.com/errata/RHSA-2020:4214

Comment 54 errata-xmlrpc 2020-10-27 14:53:59 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.6

Via RHSA-2020:4297 https://access.redhat.com/errata/RHSA-2020:4297

Comment 55 errata-xmlrpc 2020-10-27 16:24:32 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.6

Via RHSA-2020:4298 https://access.redhat.com/errata/RHSA-2020:4298

Comment 58 errata-xmlrpc 2020-11-04 03:05:02 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:4694 https://access.redhat.com/errata/RHSA-2020:4694

Comment 59 errata-xmlrpc 2020-11-10 13:52:47 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extras

Via RHSA-2020:5054 https://access.redhat.com/errata/RHSA-2020:5054

Comment 60 errata-xmlrpc 2020-11-10 13:53:22 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extras

Via RHSA-2020:5055 https://access.redhat.com/errata/RHSA-2020:5055

Comment 61 errata-xmlrpc 2020-11-10 13:54:08 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extras

Via RHSA-2020:5056 https://access.redhat.com/errata/RHSA-2020:5056

Comment 62 errata-xmlrpc 2020-11-18 15:07:27 UTC
This issue has been addressed in the following products:

  OpenShift Serverless 1.11

Via RHSA-2020:5149 https://access.redhat.com/errata/RHSA-2020:5149

Comment 63 errata-xmlrpc 2020-11-24 09:02:37 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Jaeger 1.20

Via RHSA-2020:5198 https://access.redhat.com/errata/RHSA-2020:5198

Comment 65 errata-xmlrpc 2020-12-17 05:42:17 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Storage 4.6.0 on RHEL-8

Via RHSA-2020:5606 https://access.redhat.com/errata/RHSA-2020:5606

Comment 66 errata-xmlrpc 2020-12-17 06:22:15 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Storage 4.6.0 on RHEL-8

Via RHSA-2020:5605 https://access.redhat.com/errata/RHSA-2020:5605

Comment 67 errata-xmlrpc 2021-02-04 16:14:48 UTC
This issue has been addressed in the following products:

  Red Hat Quay 3

Via RHSA-2021:0420 https://access.redhat.com/errata/RHSA-2021:0420

Comment 74 errata-xmlrpc 2021-02-24 15:00:52 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.7

Via RHSA-2020:5635 https://access.redhat.com/errata/RHSA-2020:5635

Comment 75 errata-xmlrpc 2021-02-24 15:10:00 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.7

Via RHSA-2020:5633 https://access.redhat.com/errata/RHSA-2020:5633

Comment 78 errata-xmlrpc 2021-03-10 11:15:20 UTC
This issue has been addressed in the following products:

  RHEL-8-CNV-2.6

Via RHSA-2021:0799 https://access.redhat.com/errata/RHSA-2021:0799

Comment 80 errata-xmlrpc 2021-03-24 12:57:55 UTC
This issue has been addressed in the following products:

  Red Hat Advanced Cluster Management for Kubernetes 2.1 for RHEL 8
  Red Hat Advanced Cluster Management for Kubernetes 2.1 for RHEL 7

Via RHSA-2021:0980 https://access.redhat.com/errata/RHSA-2021:0980

Comment 82 errata-xmlrpc 2021-04-07 10:31:24 UTC
This issue has been addressed in the following products:

  3scale API Management

Via RHSA-2021:1129 https://access.redhat.com/errata/RHSA-2021:1129

Comment 83 errata-xmlrpc 2021-04-13 00:09:29 UTC
This issue has been addressed in the following products:

  Red Hat Advanced Cluster Management for Kubernetes 2.2 for RHEL 8
  Red Hat Advanced Cluster Management for Kubernetes 2.2 for RHEL 7

Via RHSA-2021:1168 https://access.redhat.com/errata/RHSA-2021:1168

Comment 86 errata-xmlrpc 2021-04-26 15:56:02 UTC
This issue has been addressed in the following products:

  Red Hat Advanced Cluster Management for Kubernetes 2.1 for RHEL 8
  Red Hat Advanced Cluster Management for Kubernetes 2.1 for RHEL 7

Via RHSA-2021:1369 https://access.redhat.com/errata/RHSA-2021:1369

Comment 87 errata-xmlrpc 2021-05-19 08:01:17 UTC
This issue has been addressed in the following products:

  Red Hat Integration

Via RHSA-2021:2039 https://access.redhat.com/errata/RHSA-2021:2039

Comment 91 errata-xmlrpc 2021-08-11 18:25:47 UTC
This issue has been addressed in the following products:

  Red Hat Fuse 7.9

Via RHSA-2021:3140 https://access.redhat.com/errata/RHSA-2021:3140
