Lucene search

K
redhatRedHatRHSA-2024:6536
HistorySep 10, 2024 - 2:17 p.m.

(RHSA-2024:6536) Moderate: Red Hat AMQ Streams 2.5.2 release and security update

2024-09-1014:17:57
access.redhat.com
10
red hat amq streams
apache kafka
microservices
scala
java
sbt
zookeeper
snappy
kafka
strimzi
bridge
oauth
cruise control.placeholder

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

10

Confidence

High

EPSS

0.838

Percentile

98.5%

Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency.

This release of Red Hat AMQ Streams 2.5.2 serves as a replacement for Red Hat AMQ Streams 2.5.1, and includes security and bug fixes, and enhancements.

Security Fix(es):

  • Scala: sbt is a build tool for Scala, Java, and others. Given a specially crafted zip or JAR file, IO.unzip allows writing of arbitrary file. This would have potential to overwrite /root/.ssh/authorized_keys. Within sbt’s main code, IO.unzip is used in pullRemoteCache task and Resolvers.remote; however many projects use IO.unzip(...) directly to implement custom tasks. This vulnerability has been patched in version 1.9.7.(CVE-2023-46122)

  • ZooKeeper: Information disclosure in persistent watcher handling. Users are recommended to upgrade to version 3.9.2, 3.8.4 which fixes the issue.
    (CVE-2024-23944)

  • ZooKeeper: Authorization Bypass in Apache ZooKeeper amq-st-2

  • Snappy: flaw was found in SnappyInputStream in snappy-java. This issue occurs when decompressing data with a too-large chunk size due to a missing upper bound check on chunk length. An unrecoverable fatal error can occur, resulting in a Denial of Service (DoS) (CVE-2023-43642)

  • Kafka: snappy-java: Unchecked chunk length leads to DoS amq-st-2, (CVE-2024-27309), (CVE-2024-31141)

  • Strimzi Operators: vertx-core: io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support (CVE-2024-1300)

  • Strimzi Bridge: flaw was found in SnappyInputStream in snappy-java (CVE-2023-43642)

  • Strimzi Bridge: netty-codec-http: Allocation of Resources Without Limits or Throttling (CVE-2024-29025)

  • Strimzi Bridge: vertx-core: io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support (CVE-2024-1300)

  • Strimzi Bridge: netty-codec-http2: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (CVE-2023-44487)

  • Strimzi Bridge: Bump snappy-java to fix (CVE-2023-43642)

  • Strimzi OAuth: In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component. (CVE-2023-52428)

  • Cruise Control: flaw was found in SnappyInputStream in snappy-java (CVE-2023-43642)

  • Cruise Control: jose4j- denial of service via specially crafted JWE (CVE-2023-51775)

  • Cruise Control: Bump snappy-java to fix (CVE-2023-43642)

  • Cruise Control: cruise-control reported a high-sev json vulnerability (CVE-2023-5072)

  • Cruise Control: Nimbus JOSE+JWT before 9.37.2 (CVE-2023-52428)

  • Strimzi Kafka Kubernetes Config Provider: Bump snappy-java to fix (CVE-2023-43642)

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

10

Confidence

High

EPSS

0.838

Percentile

98.5%