etcd-3.2.32-1.el7
Errata ID: AXSA:2021-1717:01
The etcd packages provide a highly available key-value store for shared configuration.
Security Fix(es):
* etcd: Large slice causes panic in decodeRecord method (CVE-2020-15106)
* etcd: DoS in wal/wal.go (CVE-2020-15112)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2020-15106
In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL.
CVE-2020-15112
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.
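The two missing checks described above, shown as an added Go example that is not etcd's code and not part of the original advisory. The frame layout (8-byte little-endian length, then payload) is a simplified assumption, and readFrame, placeEntry and both error names are hypothetical.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

var ErrFrameTooLarge = errors.New("frame length exceeds bytes left in file")
var ErrIndexOutOfRange = errors.New("entry index past end of collected entries")

// readFrame decodes one record. Assumed simplified layout: 8-byte little-endian
// length, then payload. remaining = bytes left in the file after the length field.
func readFrame(r io.Reader, remaining int64) ([]byte, error) {
	var n uint64
	if err := binary.Read(r, binary.LittleEndian, &n); err != nil {
		return nil, err
	}
	// Untrusted on-disk length: check it before make(), which panics on a forged value.
	if remaining < 0 || n > uint64(remaining) {
		return nil, ErrFrameTooLarge
	}
	buf := make([]byte, n)
	_, err := io.ReadFull(r, buf)
	return buf, err
}

// placeEntry puts e at offset index-start-1, dropping any later entries, and
// refuses an index that would slice beyond len(ents) instead of panicking.
func placeEntry(ents []string, start, index uint64, e string) ([]string, error) {
	if index <= start {
		return ents, nil // at or before the starting index: nothing to place
	}
	up := index - start - 1
	if up > uint64(len(ents)) {
		return nil, ErrIndexOutOfRange
	}
	return append(ents[:up], e), nil
}

func main() {
	// Constructed input: length field claims 2^63-1 bytes, file holds none.
	forged := []byte{0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f}
	_, err := readFrame(bytes.NewReader(forged), 0)
	_, err2 := placeEntry([]string{"a"}, 10, 15, "x")
	fmt.Println(err, "|", err2)
}
```

Both malformed inputs come back as ordinary errors the caller can handle, so a corrupted or forged log file no longer takes the process down.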
Update packages.
N/A
SRPMS
- etcd-3.2.32-1.el7.src.rpm
MD5: 9fdff6cb294d69a8a324dd9d1921da8e
SHA-256: 8af0f57c0f5a6b994acac97ae4ce45d533e1c9a11717bb899467a09d394f1cba
Size: 3.01 MB
Asianux Server 7 for x86_64
- etcd-3.2.32-1.el7.x86_64.rpm
MD5: 023d14eb18ad367527f0f64e59520d12
SHA-256: 0c39c049559313c1f269171a62d0e38918fdaa82029e9cbadcb510b8217bb5c6
Size: 9.50 MB