Bug 2048778 (CVE-2022-23833) - CVE-2022-23833 django: Denial-of-service possibility in file uploads
Summary: CVE-2022-23833 django: Denial-of-service possibility in file uploads
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2022-23833
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2051706 2051707 2051708 2048894 2048895 2049324 2049325 2049327 2049329 2050718 2050745 2050754 2050755 2050846
Blocks: 2048788
TreeView+ depends on / blocked
 
Reported: 2022-01-31 19:28 UTC by Guilherme de Almeida Suckevicz
Modified: 2022-12-07 20:27 UTC (History)
61 users (show)

Fixed In Version: django 4.0.2, django 3.2.12, django 2.2.27
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in Django. The issue occurs when passing certain inputs to multipart forms, resulting in an infinite loop when parsing files.
Clone Of:
Environment:
Last Closed: 2022-07-05 21:23:46 UTC
Embargoed:


Attachments (Terms of Use)
0002-2.2.x-Fixed-CVE-2022-23833-Fixed-DoS-possiblity-in-f.patch (3.12 KB, application/mbox)
2022-01-31 19:55 UTC, Guilherme de Almeida Suckevicz
no flags Details
0002-3.2.x-Fixed-CVE-2022-23833-Fixed-DoS-possiblity-in-f.patch (3.82 KB, application/mbox)
2022-01-31 19:56 UTC, Guilherme de Almeida Suckevicz
no flags Details
0002-4.0.x-Fixed-CVE-2022-23833-Fixed-DoS-possiblity-in-f.patch (4.50 KB, application/mbox)
2022-01-31 19:57 UTC, Guilherme de Almeida Suckevicz
no flags Details
0002-Fixed-CVE-2022-23833-Fixed-DoS-possiblity-in-file-up.patch (4.50 KB, application/mbox)
2022-01-31 19:57 UTC, Guilherme de Almeida Suckevicz
no flags Details


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2022:5498 0 None None None 2022-07-05 14:27:35 UTC
Red Hat Product Errata RHSA-2022:8853 0 None None None 2022-12-07 19:25:46 UTC
Red Hat Product Errata RHSA-2022:8872 0 None None None 2022-12-07 20:27:20 UTC

Description Guilherme de Almeida Suckevicz 2022-01-31 19:28:38 UTC
Passing certain inputs to multipart forms could result in an infinite loop when parsing files.

Comment 1 Guilherme de Almeida Suckevicz 2022-01-31 19:55:17 UTC
Created attachment 1858150 [details]
0002-2.2.x-Fixed-CVE-2022-23833-Fixed-DoS-possiblity-in-f.patch

Comment 2 Guilherme de Almeida Suckevicz 2022-01-31 19:56:19 UTC
Created attachment 1858151 [details]
0002-3.2.x-Fixed-CVE-2022-23833-Fixed-DoS-possiblity-in-f.patch

Comment 3 Guilherme de Almeida Suckevicz 2022-01-31 19:57:08 UTC
Created attachment 1858152 [details]
0002-4.0.x-Fixed-CVE-2022-23833-Fixed-DoS-possiblity-in-f.patch

Comment 4 Guilherme de Almeida Suckevicz 2022-01-31 19:57:50 UTC
Created attachment 1858153 [details]
0002-Fixed-CVE-2022-23833-Fixed-DoS-possiblity-in-file-up.patch

Comment 6 Summer Long 2022-02-01 23:07:18 UTC
Created django:1.6/python-django tracking bugs for this issue:

Affects: fedora-all [bug 2049324]


Created python-django tracking bugs for this issue:

Affects: epel-all [bug 2049327]
Affects: fedora-all [bug 2049325]
Affects: openstack-rdo [bug 2049329]

Comment 13 errata-xmlrpc 2022-07-05 14:27:32 UTC
This issue has been addressed in the following products:

  Red Hat Satellite 6.11 for RHEL 7
  Red Hat Satellite 6.11 for RHEL 8

Via RHSA-2022:5498 https://access.redhat.com/errata/RHSA-2022:5498

Comment 14 Product Security DevOps Team 2022-07-05 21:23:43 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-23833

Comment 15 errata-xmlrpc 2022-12-07 19:25:43 UTC
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 16.2

Via RHSA-2022:8853 https://access.redhat.com/errata/RHSA-2022:8853

Comment 16 errata-xmlrpc 2022-12-07 20:27:17 UTC
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 16.1

Via RHSA-2022:8872 https://access.redhat.com/errata/RHSA-2022:8872


Note You need to log in before you can comment on or make changes to this bug.