openstack-keystone: failure to check signature TTL of the EC2 credential auth method

A flaw was found in Keystone, where the restriction was not checked for the Signature Version 4 V4 process of AWS signatures issued within a limited time window. This flaw allows an attacker to capture an auth header and reuse it, potentially maintaining indefinite access...

openstack-keystone: EC2 and credential endpoints are not protected from a scoped context

A vulnerability was found in Keystone's EC2 credentials API. This flaw allows any user authenticated within a limited scope trust/OAuth/application credential to create an EC2 credential with escalated permissions, for example, obtaining an "admin" role, while the user is on a limited "viewer" ro...

openstack-keystone: Credentials endpoint policy logic allows changing credential owner and target project ID

A vulnerability was found in Keystone's EC2 credentials API. This flaw allows any authenticated user to create an EC2 credential for themselves for a project that they have a specified role, and then perform an update to the credential user and project, allowing them to masquerade as another user...

RHEL 8 : openstack-keystone (RHSA-2020:3105)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3105 advisory. The OpenStack Identity service keystone authenticates and authorizes OpenStack users by keeping track of users and their permitted activitie...

RHEL 8 : openstack-keystone (RHSA-2020:3102)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3102 advisory. The OpenStack Identity service keystone authenticates and authorizes OpenStack users by keeping track of users and their permitted activitie...

RHEL 7 : openstack-keystone (RHSA-2020:3096)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3096 advisory. The OpenStack Identity service keystone authenticates and authorizes OpenStack users by keeping track of users and their permitted activitie...

openstack-keystone: EC2 and credential endpoints are not protected from a scoped context

A vulnerability was found in Keystone's EC2 credentials API. This flaw allows any user authenticated within a limited scope trust/OAuth/application credential to create an EC2 credential with escalated permissions, for example, obtaining an "admin" role, while the user is on a limited "viewer" ro...

openstack-keystone: failure to check signature TTL of the EC2 credential auth method

A flaw was found in Keystone, where the restriction was not checked for the Signature Version 4 V4 process of AWS signatures issued within a limited time window. This flaw allows an attacker to capture an auth header and reuse it, potentially maintaining indefinite access...

openstack-keystone: Credentials endpoint policy logic allows changing credential owner and target project ID

A vulnerability was found in Keystone's EC2 credentials API. This flaw allows any authenticated user to create an EC2 credential for themselves for a project that they have a specified role, and then perform an update to the credential user and project, allowing them to masquerade as another user...

Important: Red Hat Security Advisory: openstack-keystone security update

An update for openstack-keystone is now available for Red Hat OpenStack Platform 13 Queens. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Privilege Escalation

openstack keystone is vulnerable to privilege escalation. The library does not properly enforce the role parameters associated to an OAuth1 access token. A keystone token containing every role assignment is assigned to a low-privileged user, granting the user more access than required...

RHEL 7 : openstack-keystone (RHSA-2020:2732)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2732 advisory. The OpenStack Identity service keystone authenticates and authorizes OpenStack users by keeping track of users and their permitted activitie...

SGN - Encoder Ported Into Go With Several Improvements

SGN is a polymorphic binary encoder for offensive security purposes such as generating statically undetecable binary payloads. It uses a additive feedback loop to encode given binary instructions similar to LSFR. This project is the reimplementation of the original Shikata ga nai in golang with...

keystone:fuzz_asm_arm_armbe: Use-of-uninitialized-value in llvm_ks::ARMAsmBackend::adjustFixupValue

Detailed Report: https://oss-fuzz.com/testcase?key=5712919152295936 Project: keystone Fuzzing Engine: libFuzzer Fuzz Target: fuzzasmarmarmbe Job Type: libfuzzermsankeystone Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: llvmks::ARMAsmBackend::adjustFixupValu...

keystone:fuzz_asm_x86_64: Use-of-uninitialized-value in llvm_ks::isIntN

Detailed Report: https://oss-fuzz.com/testcase?key=6316147845890048 Project: keystone Fuzzing Engine: libFuzzer Fuzz Target: fuzzasmx8664 Job Type: libfuzzermsankeystone Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: llvmks::isIntN X86AsmBackend::applyFixup...

keystone:fuzz_asm_arm_thumbbe: Use-of-uninitialized-value in llvm_ks::ARMAsmBackend::reasonForFixupRelaxation

Detailed Report: https://oss-fuzz.com/testcase?key=5454398435360768 Project: keystone Fuzzing Engine: libFuzzer Fuzz Target: fuzzasmarmthumbbe Job Type: libfuzzermsankeystone Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...

keystone:fuzz_asm_x86_16: Heap-use-after-free in llvm_ks::X86Operand::getToken

Detailed Report: https://oss-fuzz.com/testcase?key=5637154293415936 Project: keystone Fuzzing Engine: afl Fuzz Target: fuzzasmx8616 Job Type: aflasankeystone Platform Id: linux Crash Type: Heap-use-after-free READ 4 Crash Address: 0x60d000000a28 Crash State: llvmks::X86Operand::getToken...

keystone:fuzz_asm_mips64be: Use-of-uninitialized-value in MipsAsmParser::isPicAndNotNxxAbi

Detailed Report: https://oss-fuzz.com/testcase?key=5663481503416320 Project: keystone Fuzzing Engine: libFuzzer Fuzz Target: fuzzasmmips64be Job Type: libfuzzermsankeystone Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: MipsAsmParser::isPicAndNotNxxAbi...

keystone:fuzz_asm_hex: Use-of-uninitialized-value in llvm_ks::HexagonMCCodeEmitter::getExprOpValue

Detailed Report: https://oss-fuzz.com/testcase?key=6220669925982208 Project: keystone Fuzzing Engine: libFuzzer Fuzz Target: fuzzasmhex Job Type: libfuzzermsankeystone Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: llvmks::HexagonMCCodeEmitter::getExprOpValu...

keystone:fuzz_asm_mips64: Use-of-uninitialized-value in MipsAsmParser::processInstruction

Detailed Report: https://oss-fuzz.com/testcase?key=6308839044677632 Project: keystone Fuzzing Engine: libFuzzer Fuzz Target: fuzzasmmips64 Job Type: libfuzzermsankeystone Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: MipsAsmParser::processInstruction...