grafana-7.5.15-4.el8.ML.1
エラータID: AXSA:2023-6073:05
リリース日:
2023/06/19 Monday - 06:37
題名:
grafana-7.5.15-4.el8.ML.1
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- go の net/http モジュールには、HTTP/2 接続のシャットダウン前に
致命的なエラーが発生した場合 HTTP/2 接続が無応答状態になる問題が
あるため、リモートの攻撃者により、サービス拒否攻撃を可能とする
脆弱性が存在します。(CVE-2022-27664)
- golang には、リバースプロキシから転送されたクエリを含むリクエスト
の Go プロキシの処理に問題があるため、リモートの攻撃者により、
net/http モジュールによって拒否された解析不能なパラメーターを含む
リクエストを介して、HTTP リクエストスマグリング攻撃を可能とする
脆弱性が存在します。(CVE-2022-2880)
- Grafana には、ユーザー名と電子メールアドレスの両方をログイン
アカウントとして利用できるため、リモートの攻撃者により、攻撃対象と
するユーザーの電子メールアドレスを別のユーザーとして登録することを
介して、攻撃対象のユーザーのログインの妨害を可能とする脆弱性が存在
します。(CVE-2022-39229)
- golang の regexp モジュールには、信頼できない情報元から入力された
正規表現をコンパイルする際に大量のメモリを消費してしまう問題がある
ため、リモートの攻撃者により、細工された正規表現の入力を介して、
メモリの枯渇とそれに起因するサービス拒否攻撃を可能とする脆弱性が
存在します。(CVE-2022-41715)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2022-27664
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
CVE-2022-2880
Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged.
Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged.
CVE-2022-39229
Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to 9.1.8 and 8.5.14 allow one user to block another user's login attempt by registering someone else'e email address as a username. A Grafana user’s username and email address are unique fields, that means no other user can have the same username or email address as another user. A user can have an email address as a username. However, the login system allows users to log in with either username or email address. Since Grafana allows a user to log in with either their username or email address, this creates an usual behavior where `user_1` can register with one email address and `user_2` can register their username as `user_1`’s email address. This prevents `user_1` logging into the application since `user_1`'s password won’t match with `user_2`'s email address. Versions 9.1.8 and 8.5.14 contain a patch. There are no workarounds for this issue.
Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to 9.1.8 and 8.5.14 allow one user to block another user's login attempt by registering someone else'e email address as a username. A Grafana user’s username and email address are unique fields, that means no other user can have the same username or email address as another user. A user can have an email address as a username. However, the login system allows users to log in with either username or email address. Since Grafana allows a user to log in with either their username or email address, this creates an usual behavior where `user_1` can register with one email address and `user_2` can register their username as `user_1`’s email address. This prevents `user_1` logging into the application since `user_1`'s password won’t match with `user_2`'s email address. Versions 9.1.8 and 8.5.14 contain a patch. There are no workarounds for this issue.
CVE-2022-41715
Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.
Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.
追加情報:
N/A
ダウンロード:
SRPMS
- grafana-7.5.15-4.el8.ML.1.src.rpm
MD5: 6113aa4e268127bc7abbc3c92eaf05b0
SHA-256: ff3e1788470aa46e80250bffc9d8c39f533a6b38e46a64c024486b500a44c7ec
Size: 115.56 MB
Asianux Server 8 for x86_64
- grafana-7.5.15-4.el8.ML.1.x86_64.rpm
MD5: 9ebde9e2d48d7335199704b3df26e661
SHA-256: 186d76c1f623bdcaef7067b950aec39401c0bf4b2c2fe0751f7a662f4f6c0574
Size: 39.47 MB