Aliases: CVE-2023-6337, GHSA-6p62-6cg9-f5f5 Fixes #2399 Change-Id: Ib7a3ac1cf3977dcc0345786f706d5169df79eac9 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/551996 Run-TryBot: Tim King <taking@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
1 parent
e9e1530
commit e7ffd94
Showing
3 changed files
with
176 additions
and
0 deletions.
@@ -0,0 +1,105 @@ | ||
{ | ||
"schema_version": "1.3.1", | ||
"id": "GO-2023-2399", | ||
"modified": "0001-01-01T00:00:00Z", | ||
"published": "0001-01-01T00:00:00Z", | ||
"aliases": [ | ||
"CVE-2023-6337", | ||
"GHSA-6p62-6cg9-f5f5" | ||
], | ||
"summary": "Denial of service via memory exhaustion in github.com/hashicorp/vault", | ||
"details": "Unauthenticated and authenticated HTTP requests from a client will be attempted to be mapped to memory. Large requests may result in the exhaustion of available memory on the host, which may cause crashes and denial of service.", | ||
"affected": [ | ||
{ | ||
"package": { | ||
"name": "github.com/hashicorp/vault", | ||
"ecosystem": "Go" | ||
}, | ||
"ranges": [ | ||
{ | ||
"type": "SEMVER", | ||
"events": [ | ||
{ | ||
"introduced": "1.12.0" | ||
}, | ||
{ | ||
"fixed": "1.13.12" | ||
}, | ||
{ | ||
"introduced": "1.14.0" | ||
}, | ||
{ | ||
"fixed": "1.14.8" | ||
}, | ||
{ | ||
"introduced": "1.15.0" | ||
}, | ||
{ | ||
"fixed": "1.15.4" | ||
} | ||
] | ||
} | ||
], | ||
"ecosystem_specific": { | ||
"imports": [ | ||
{ | ||
"path": "github.com/hashicorp/vault/helper/forwarding", | ||
"symbols": [ | ||
"GenerateForwardedHTTPRequest", | ||
"GenerateForwardedRequest" | ||
] | ||
}, | ||
{ | ||
"path": "github.com/hashicorp/vault/http", | ||
"symbols": [ | ||
"HandlerAnchor.Handler", | ||
"TestServer", | ||
"TestServerWithListener", | ||
"TestServerWithListenerAndProperties", | ||
"handler", | ||
"parseFormRequest", | ||
"parseJSONRequest", | ||
"rateLimitQuotaWrapping", | ||
"wrapGenericHandler" | ||
] | ||
}, | ||
{ | ||
"path": "github.com/hashicorp/vault/vault", | ||
"symbols": [ | ||
"Core.DetermineRoleFromLoginRequest", | ||
"Core.DetermineRoleFromLoginRequestFromBytes", | ||
"Core.ForwardRequest", | ||
"Core.HandleRequest", | ||
"NewSystemBackend", | ||
"NewTestCluster", | ||
"SystemBackend.handleStorageRaftSnapshotWrite", | ||
"TestCluster.InitCores", | ||
"TestCoreUnsealed", | ||
"TestCoreUnsealedRaw", | ||
"TestCoreUnsealedWithConfig", | ||
"TestCoreUnsealedWithMetrics", | ||
"TestCoreWithCustomResponseHeaderAndUI" | ||
] | ||
} | ||
] | ||
} | ||
} | ||
], | ||
"references": [ | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6337" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://discuss.hashicorp.com/t/hcsec-2023-34-vault-vulnerable-to-denial-of-service-through-memory-exhaustion-when-handling-large-http-requests/60741" | ||
}, | ||
{ | ||
"type": "FIX", | ||
"url": "https://github.com/hashicorp/vault/pull/24354" | ||
} | ||
], | ||
"database_specific": { | ||
"url": "https://pkg.go.dev/vuln/GO-2023-2399" | ||
} | ||
} |
@@ -0,0 +1,61 @@ | ||
id: GO-2023-2399 | ||
modules: | ||
- module: github.com/hashicorp/vault | ||
versions: | ||
- introduced: 1.12.0 | ||
fixed: 1.13.12 | ||
- introduced: 1.14.0 | ||
fixed: 1.14.8 | ||
- introduced: 1.15.0 | ||
fixed: 1.15.4 | ||
vulnerable_at: 1.15.3 | ||
packages: | ||
- package: github.com/hashicorp/vault/helper/forwarding | ||
symbols: | ||
- GenerateForwardedRequest | ||
derived_symbols: | ||
- GenerateForwardedHTTPRequest | ||
- package: github.com/hashicorp/vault/http | ||
symbols: | ||
- handler | ||
- wrapGenericHandler | ||
- parseJSONRequest | ||
- parseFormRequest | ||
- rateLimitQuotaWrapping | ||
derived_symbols: | ||
- HandlerAnchor.Handler | ||
- TestServer | ||
- TestServerWithListener | ||
- TestServerWithListenerAndProperties | ||
skip_fix: 'TODO: module github.com/hashicorp/vault must be updated with go get github.com/hashicorp/vault/sdk@v0.10.2 to reproduce.' | ||
- package: github.com/hashicorp/vault/vault | ||
symbols: | ||
- Core.DetermineRoleFromLoginRequestFromBytes | ||
- Core.DetermineRoleFromLoginRequest | ||
- SystemBackend.handleStorageRaftSnapshotWrite | ||
derived_symbols: | ||
- Core.ForwardRequest | ||
- Core.HandleRequest | ||
- NewSystemBackend | ||
- NewTestCluster | ||
- TestCluster.InitCores | ||
- TestCoreUnsealed | ||
- TestCoreUnsealedRaw | ||
- TestCoreUnsealedWithConfig | ||
- TestCoreUnsealedWithMetrics | ||
- TestCoreWithCustomResponseHeaderAndUI | ||
skip_fix: 'TODO: module github.com/hashicorp/vault must be updated with go get github.com/hashicorp/vault/sdk@v0.10.2 to reproduce.' | ||
summary: Denial of service via memory exhaustion in github.com/hashicorp/vault | ||
description: |- | ||
Unauthenticated and authenticated HTTP requests from a client | ||
will be attempted to be mapped to memory. | ||
Large requests may result in the exhaustion of available | ||
memory on the host, which may cause crashes and denial of service. | ||
cves: | ||
- CVE-2023-6337 | ||
ghsas: | ||
- GHSA-6p62-6cg9-f5f5 | ||
references: | ||
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2023-6337 | ||
- web: https://discuss.hashicorp.com/t/hcsec-2023-34-vault-vulnerable-to-denial-of-service-through-memory-exhaustion-when-handling-large-http-requests/60741 | ||
- fix: https://github.com/hashicorp/vault/pull/24354 |
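Review bot: The two `skip_fix` TODO entries on the http and vault packages mean the symbol lists were never checked against the fix in PR 24354, so the `derived_symbols` (which include exported test helpers such as `TestServer` and `NewTestCluster`) reflect only static reachability in `vulnerable_at: 1.15.3` and may over- or under-report callers; the TODO should be resolved, re-deriving after `go get github.com/hashicorp/vault/sdk@v0.10.2`, before this report is relied on for govulncheck triage. The description is copied from the CVE text and "will be attempted to be mapped to memory" is hard to parse; a clearer wording is `Large HTTP request bodies are read fully into memory before being processed, so an oversized request can exhaust host memory and crash the server.` — the read-whole-body mechanism is inferred from the listed symbols (parseJSONRequest, parseFormRequest, GenerateForwardedRequest, handleStorageRaftSnapshotWrite) and should be confirmed against the fix before changing the text. Worth stating explicitly for readers: the first range runs from 1.12.0 straight to fixed 1.13.12, so no 1.12.x release is fixed and users on that line must move to 1.13.12, 1.14.8 or 1.15.4.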